Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
CWE
:
Topic
Date
Author
Med.
Apache mod_proxy_cluster Stored XSS
16.07.2024
Anonymous
Low
iMLog < 1.307 Persistent Cross Site Scripting (XSS)
16.07.2024
Gabriel Felipe
Low
LumisXP 16.1.x Cross Site Scripting
11.07.2024
Rodolfo Tavares
Low
WordPress Photo Gallery 1.8.26 Cross Site Scripting
10.07.2024
tmrswrr
Low
ResidenceCMS 2.10.1 Cross Site Scripting
09.07.2024
Jeremia Geraldi Sihomb...
Low
Customer Support System 1.0 Stored XSS
02.07.2024
Geraldo Alcantara
Low
WordPress WPCode Lite 2.1.14 Cross Site Scripting
02.07.2024
tmrswrr
Low
WordPress FooGallery 2.4.16 Cross Site Scripting
02.07.2024
tmrswrr
Low
WordPress Gallery 2.3.6 Cross Site Scripting
02.07.2024
tmrswrr
Low
Automad 2.0.0-alpha.4 Cross Site Scripting
26.06.2024
Jerry Thomas
Low
Flatboard 3.2 Cross Site Scripting
24.06.2024
tmrswrr
Low
XMB 1.9.12.06 Cross Site Scripting
18.06.2024
Chokri Hammedi
Low
Premium Support Tickets For WHMCS 1.2.10 Cross Site Scripting
15.06.2024
Sajibe Kanti
Low
AEGON LIFE 1.0 Cross Site Scripting
15.06.2024
Aslam Anwar Mahimkar
Med.
Kiuwan Local Analyzer / SAST / SaaS XML Injection / XSS / IDOR
10.06.2024
C. Schwarz
Med.
SEH utnserver Pro/ProMAX / INU-100 20.1.22 XSS / DoS / File Disclosure
10.06.2024
T. Weber
Low
Sitefinity 15.0 Cross Site Scripting
04.06.2024
Aldi Saputra Wahyudi
Low
iMLog Cross Site Scripting
02.06.2024
Gabriel Felipe
Low
ORing IAP-420 2.01e Cross Site Scripting / Command Injection
02.06.2024
T. Weber
Med.
HAWKI 1.0.0-beta.1 XSS / File Overwrite / Session Fixation
29.05.2024
Thorger Jansen
High
NorthStar C2 Cross Site Scripting / Code Execution
28.05.2024
h00die
Low
Jcow Social Network Cross Site Scripting
24.05.2024
tmrswrr
High
CHAOS 5.0.8 Cross Site Scripting / Remote Command Execution
22.05.2024
h00die
Low
Rocket LMS 1.9 Cross Site Scripting
22.05.2024
Sergio Medeiros
Low
Nethserver 7 / 8 Cross Site Scripting
22.05.2024
Andrea Intilangelo
Low
Panel.SmokeLoader MVID-2024-0682 Cross Site Request Forgery / Cross Site Scripting
19.05.2024
malvuln
Low
Panel.SmokeLoader MVID-2024-0681 Cross Site Scripting
19.05.2024
malvuln
Low
Chyrp 2.5.2 Cross Site Scripting
14.05.2024
Ahmet Umit Bayram
Low
Apache mod_proxy_cluster Cross Site Scripting
14.05.2024
Mohamed Mounir Boudjem...
Low
Leafpub 1.1.9 Cross Site Scripting
14.05.2024
Ahmet Umit Bayram
Low
Esteghlal F.C. Cross Site Scripting
13.05.2024
E1.Coders
Low
Panel Amadey.d.c MVID-2024-0680 Cross Site Scripting
11.05.2024
malvuln
Low
SOPlanning 1.52.00 Cross Site Scripting
04.05.2024
liquidsky
Low
Doctor Appointment Management System 1.0 Cross Site Scripting
01.05.2024
SoSPiro
Low
Wordpress Plugin Alemha Watermarker 1.3.1 Stored Cross-Site Scripting (XSS)
21.04.2024
Erdemstar
Low
Wordpress Plugin Playlist for Youtube 1.32 Stored Cross-Site Scripting (XSS)
14.04.2024
Erdemstar
Low
Blood Bank v1.0 Stored Cross Site Scripting (XSS)
14.04.2024
Ersin Erenler
Med.
OX App Suite 7.10.6 Cross Site Scripting / Deserialization Issue
11.04.2024
Martin Heiland
Low
Concrete CMS 9.2.7 Cross Site Scripting / Open Redirect
11.04.2024
Andrey Stoykov
Low
HTMLy 2.9.6 Cross Site Scripting
08.04.2024
tmrswrr
Low
DerbyNet 9.0 render-document.php Cross Site Scripting
08.04.2024
Valentin Lobstein
Low
Seo Panel 4.7.0 Cross Site Scripting
06.04.2024
Arzu Demirez
Low
Workout Journal App 1.0 Cross Site Scripting
01.04.2024
MURAT CAGRI ALIS
Low
ARIS: Business Process Management 10.0.21.0 Cross Site Scripting
01.04.2024
Seid Yassin
Low
Bludit 3.13.0 Cross Site Scripting
26.03.2024
Gokhan Sensukur
Med.
Insurance Management System PHP And MySQL 1.0 Cross Site Scripting
26.03.2024
Hakki Toklu
Low
LimeSurvey Community 5.3.32 Cross Site Scripting
26.03.2024
Subhankar Singh
Low
Backdrop CMS 1.23.0 Cross Site Scripting
20.03.2024
Sinem Sahin
Low
Financials By Coda Cross Site Scripting
16.03.2024
Leo Draghi
Low
SnipeIT 6.2.1 Stored Cross Site Scripting
13.03.2024
Shahzaib Ali Khan
Low
FullCourt Enterprise 8.2 Cross Site Scripting
09.03.2024
Omar Sabagh
Med.
WordPress IDonate Blood Request Management System 1.8.1 Cross Site Scripting
29.02.2024
Laburity Research Team
Low
SitePad 1.8.2 Cross Site Scripting
22.02.2024
tmrswrr
Med.
OpenOLAT 18.1.5 Cross Site Scripting / Privilege Escalation
22.02.2024
Johannes Volpel
Low
SPA-CART CMS - Stored XSS
20.02.2024
Eren Sen
Med.
WonderCMS 4.3.2 Cross Site Scripting / Remote Code Execution
20.02.2024
prodigiousMind
Low
InstantCMS 2.16.1 Cross Site Scripting
20.02.2024
SoSPiro
Low
Savsoft Quiz v6.0 Enterprise - Persistent Cross-Site Scripting
20.02.2024
Eren Sen
Low
Statamic CMS Cross Site Scripting
18.02.2024
Niklas Schilling
High
Adapt CMS 3.0.3 Cross Site Scripting / Shell Upload
15.02.2024
Andrey Stoykov
Low
Wordpress simple urls Plugin < 115 XSS
15.02.2024
AmirZargham
Low
Advanced Page Visit Counter 1.0 Cross Site Scripting
10.02.2024
Furkan Ozer
Low
GYM MS 1.0 Cross Site Scripting
07.02.2024
yozgatalperen1
Low
WhatsUp Gold 2022 (22.1.0 Build 39) XSS
06.02.2024
Andreas Finstad
Low
WhatsUp Gold 2022 22.1.0 Build 39 Cross Site Scripting
06.02.2024
Andreas Finstad
Low
MISP 2.4.171 Cross Site Scripting
06.02.2024
Mucahit Ceri
Med.
WordPress POST SMTP Mailer 2.8.7 Authorization Bypass / Cross Site Scripting
13.01.2024
Ulyses Saicha
Low
PHPJabbers Cleaning Business Software 1.0 Cross Site Scripting
11.01.2024
Rahad Chowdhury
Low
PHPJabbers Event Ticketing System 1.0 Cross Site Scripting / HTML Injection
11.01.2024
Rahad Chowdhury
Low
PHPJabbers Shared Asset Booking System 1.0 Cross Site Scripting
11.01.2024
Rahad Chowdhury
Low
iGalerie 3.0.22 Cross Site Scripting
10.01.2024
tmrswrr
Low
WebCalendar 1.3.0 Cross Site Scripting
03.01.2024
tmrswrr
Low
WhatACart 2.0.7 Cross Site Scripting
27.12.2023
tmrswrr
Low
ShopSite 14.0 Cross Site Scripting
26.12.2023
tmrswrr
Low
GaatiTrack Courier Management System 1.0 Cross Site Scripting
20.11.2023
Rahad Chowdhury
Low
Shuttle Booking Software 2.0 Cross Site Scripting
20.11.2023
Rahad Chowdhury
Low
Moodle 4.3 Cross Site Scripting
23.10.2023
tmrswrr
Med.
WordPress Core 6.3.1 XSS / DoS / Arbitrary Shortcode Execution
13.10.2023
James Golovich
Low
WordPress Sonaar Music 4.7 Cross Site Scripting
10.10.2023
Furkan Karaarslan
Low
WordPress KiviCare 3.2.0 Cross Site Scripting
05.10.2023
Arvandy
Med.
SAP Enable Now Manager 10.6.5 Build 2804 Cloud Edition CSRF / XSS / Redirect
03.10.2023
Fabian Hagg
Low
openVIVA c2 20220101 Cross Site Scripting
03.10.2023
Daniel Hirschberger
Low
WordPress Contact Form Generator 2.5.5 Cross Site Scripting
03.10.2023
Arvandy
Med.
OPNsense 23.1.11_1 / 23.7.3 / 23.7.4 Cross Site Scripting / Privilege Escalation
25.09.2023
Yasar Klawohn
Low
Taskhub 2.8.8 Cross Site Scripting
24.09.2023
nu11secur1ty
Low
Night Club Booking Software 1.0 Cross Site Scripting
18.09.2023
nu11secur1ty
Low
Italia Mediasky CMS 2.0 Cross Site Scripting
18.09.2023
indoushka
Low
PTC - Codebeamer Cross Site Scripting
18.09.2023
Niklas Schilling
Low
Academy LMS 6.2 Cross Site Scripting
15.09.2023
CraCkEr
Med.
WordPress Slimstat Analytics 5.0.9 Cross Site Scripting / SQL Injection
13.09.2023
Lana Codes
Low
Cinema Booking System 1.0 Cross Site Scripting
10.09.2023
nu11secur1ty
Low
Event Booking Calendar 4.0 Cross Site Scripting
10.09.2023
nu11secur1ty
Low
Wordpress Sonaar Music Plugin 4.7 - Stored XSS
09.09.2023
Furkan Karaarslan
Low
Axigen 10.5.0–4370c946 Cross Site Scripting
09.09.2023
AmirZargham
Low
Axigen 10.5.0–4370c946 Cross Site Scripting
09.09.2023
AmirZargham
Low
CSZ CMS 1.3.0 Cross Site Scripting
04.09.2023
Daniel Gonzalez
Low
PHP JABBERS PHP Review Script 1.0 Cross Site Scripting
31.08.2023
nu11secur1ty
Low
Jorani 1.0.3 Cross Site Scripting
28.08.2023
nu11secur1ty
Low
User Registration And Login And User Management System 3.0 Cross Site Scripting
24.08.2023
Ashutosh Singh Umath
Low
Uvdesk 1.1.4 Cross Site Scripting
24.08.2023
Hubert Wojciechowski
CVEMAP Search Results
CVE
Details
Description
2024-07-26
CVE-2024-25090
Updating...
Insufficient input validation and sanitation in Profile name & screenname, Bookmark name & description and blogroll name features in all versions of Apache Roller on all platforms allows an authenticated user to perform an XSS attack. Mitigation: if you do not have Roller configured for untrusted users, then you need to do nothing because you trust your users to author raw HTML and other web content. If you are running with untrusted users then you should upgrade to Roller 6.1.3. This issue affects Apache Roller: from 5.0.0 before 6.1.3. Users are recommended to upgrade to version 6.1.3, which fixes the issue.
2024-07-25
CVE-2024-28772
Updating...
IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 285645.
CVE-2024-6558
Updating...
HMS Industrial Networks Anybus-CompactCom 30 products are vulnerable to a XSS attack caused by the lack of input sanitation checks. As a consequence, it is possible to insert HTML code into input fields and store the HTML code. The stored HTML code will be embedded in the page and executed by host browser the next time the page is loaded, enabling social engineering attacks.
2024-07-23
CVE-2024-34128
Updating...
Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim�??s browser when they browse to the page containing the vulnerable field.
2024-07-22
CVE-2024-37445
Updating...
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in bPlugins Html5 Audio Player allows Stored XSS.This issue affects Html5 Audio Player: from n/a through 2.2.23.
CVE-2024-37436
Updating...
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Uncanny Owl Uncanny Toolkit Pro for LearnDash allows Reflected XSS.This issue affects Uncanny Toolkit Pro for LearnDash: from n/a before 4.1.4.1.
CVE-2024-37434
Updating...
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Atarim allows Stored XSS.This issue affects Atarim: from n/a through 3.31.
CVE-2024-37433
Updating...
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in EverPress Mailster allows Reflected XSS.This issue affects Mailster: from n/a through 4.0.9.
CVE-2024-37432
Updating...
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThemeGrill Esteem allows Stored XSS.This issue affects Esteem: from n/a through 1.5.0.
CVE-2024-37429
Updating...
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Hamid Alinia �?? idehweb Login with phone number allows Stored XSS.This issue affects Login with phone number: from n/a through 1.7.35.
Copyright
2024
, cxsecurity.com
Back to Top
