CWE:
 

Topic
Date
Author
Low
Orangescrum 1.8.0 Cross Site Scripting
29.11.2021
Hubert Wojciechowski
Low
PHPJabbers Simple CMS 5 name Persistent Cross-Site Scripting (XSS)
29.11.2021
Vulnerability-Lab
Low
WordPress Preview E-mails For WooCommerce 1.6.8 Cross Site Scripting
18.11.2021
Chloe Chamberland
Low
Quick.CMS 6.7 Cross Site Request Forgery / Cross Site Scripting
17.11.2021
Rahad Chowdhury
Low
Bludit 3.13.1 Cross Site Scripting
17.11.2021
Vasu
Med.
WordPress WPSchoolPress 2.1.16 Cross Site Scripting
16.11.2021
Davide Taraschi
Low
CMDBuild 3.3.2 Cross Site Scripting
16.11.2021
Hosein Vita
Low
PHP Laravel 8.70.1 Cross Site Scripting (XSS) to Cross Site Request Forgery (CSRF)
15.11.2021
Hosein Vita
Low
Ultimate POS 4.4 name Cross-Site Scripting (XSS)
15.11.2021
Vulnerability Lab
Low
WordPress Plugin Hotel Listing 3 Multiple Cross-Site Scripting (XSS)
15.11.2021
Vulnerability Lab
Low
WordPress WP Symposium Pro 2021.10 Cross Site Scripting
14.11.2021
Murat Demirci
Med.
PHP Melody 3.0 Multiple Cross-Site Scripting (XSS)
12.11.2021
Vulnerability Lab
Low
Dolibarr ERP / CRM 13.0.2 Cross Site Scripting
11.11.2021
Nick Decker
Low
Employee Daily Task Management System 1.0 Cross Site Scripting
10.11.2021
Ragavender A G
Low
Employee And Visitor Gate Pass Logging System 1.0 Cross Site Scripting
10.11.2021
Ilhami Selmet
Med.
My Movie Collection Sinatra App Login Cross Site Scripting
02.11.2021
Vulnerability Laborato...
Low
WordPress NextScripts: Social Networks Auto-Poster 4.3.20 XSS
01.11.2021
Ramuel Gall
Low
PHPGurukul Hostel Management System 2.1 Cross-site request forgery (CSRF) to Cross-site Scripting (XSS)
30.10.2021
Anubhav Singh
Low
WebCTRL OEM 6.5 Cross Site Scripting
29.10.2021
3ndG4me
Med.
WordPress NextScripts Social Networks Auto-Poster 4.3.20 XSS
29.10.2021
Ramuel Gall
Med.
Hostel Management System 2.1 Cross Site Request Forgery / Cross Site Scripting
28.10.2021
Anubhav Singh
Low
Online Event Booking And Reservation System 1.0 Cross Site Scripting
27.10.2021
Alon Leviev
Low
Sonicwall SonicOS 6.5.4 Cross Site Scripting
27.10.2021
Vulnerability Laborato...
Med.
Isshue Shopping Cart 3.5 Cross Site Scripting
27.10.2021
Vulnerability Laborato...
Low
WordPress Plugin TaxoPress 3.0.7.1 Stored Cross-Site Scripting (XSS) (Authenticated)
25.10.2021
Akash Rajendra Patil
Low
Small CRM 3.0 Cross Site Scripting
21.10.2021
Ghuliev
Low
Support Board 3.3.4 Cross Site Scripting
18.10.2021
John Jefferson Li
Low
i-Panel Administration System 2.0 Cross Site Scripting
17.10.2021
Forster Chiu
Low
Logitech Media Server 8.2.0 Cross Site Scripting
14.10.2021
Mert Das
Med.
Yellowfin Cross Site Scripting / Insecure Direct Object Reference
14.10.2021
Michele Di Bonaventura
Low
myfactory.FMS 7.1-911 Cross Site Scripting
13.10.2021
Anonymouse
Med.
Student Quarterly Grading System 1.0 Cross Site Scripting
13.10.2021
Huseyin Serkan Balkanl...
Low
django-unicorn 0.35.3 Cross Site Scripting
09.10.2021
Raven Security Associa...
Low
Lifestyle Store 1.0 Cross Site Scripting
05.10.2021
Abdulrahman
Low
Young Entrepreneur E-Negosyo System 1.0 Cross Site Scripting
05.10.2021
Jordan Glover
Low
Phpwcms 1.9.30 Cross Site Scripting
02.10.2021
Okan Kurtulus
Low
OpenSIS 8.0 Cross Site Scripting
29.09.2021
Eric Salario
Med.
PASS-PHP 1.0 SQL Injection / Cross Site Scripting
28.09.2021
nu11secur1ty
Med.
WordPress TranslatePress 2.0.8 Cross Site Scripting
28.09.2021
Nosa Shandy
Low
WordPress Advanced Order Export For WooCommerce 3.1.7 Cross Site Scripting
23.09.2021
0xB9
Med.
WP Google Maps Plugin < 8.1.13 - Authenticated Persistent XSS
20.09.2021
Visse
Med.
WP Google Maps PRO Add-on Plugin < 8.1.12 - Authenticated Persistent XSS
20.09.2021
Visse
Low
Cloudron 6.2 Cross Site Scripting
18.09.2021
Akiner Kisa
Med.
AHSS-PHP 1.0 Cross Site Scripting / SQL Injection
15.09.2021
nu11secur1ty
Low
WordPress Duplicate Page 4.4.1 Cross Site Scripting
04.09.2021
Nikhil Kapoor
Low
jforum 2.7.0 Cross Site Scripting
04.09.2021
Kun Song
Med.
Moxa Command Injection / Cross Site Scripting / Vulnerable Software
01.09.2021
T. Weber
Low
Projectsend r1295 name Stored XSS
30.08.2021
Abdullah Kala
Low
HP OfficeJet 4630/7110 MYM1FN2025AR 2117A Cross Site Scripting
25.08.2021
Tyler Butler
Low
Laundry Booking Management System 1.0 Multiple Stored Cross-Site Scripting (XSS)
20.08.2021
Azumah Foresight Xorla...
Low
CentOS Web Panel 0.9.8.1081 Stored Cross-Site Scripting (XSS)
19.08.2021
Dinesh Mohanty
Low
Cyberoam NetGenie Cross Site Scripting
18.08.2021
Gionathan Reale
Low
Hospital Management System Cross Site Scripting
18.08.2021
nu11secur1ty
Med.
COMMAX Biometric Access Control System 1.0.0 Cross Site Scripting
17.08.2021
LiquidWorm
Low
NetGear D1500 1.0.0.21_1.0.1PE Cross Site Scripting
17.08.2021
Securityium
High
GeoVision Geowebserver 5.3.3 LFI / XSS / CSRF / Code Execution
17.08.2021
Ken Pyle
Low
Chikitsa 2.0.0 Cross Site Scripting
13.08.2021
nu11secur1ty
Low
PluXML 5.8.7 Cross Site Scripting
13.08.2021
nu11secur1ty
Low
Care2x Open Source Hospital Information Management 2.7 Alpha XSS
13.08.2021
securityforeveryone
Low
Police Crime Record Management System 1.0 Cross Site Scripting
13.08.2021
Omer Hasan Durmus
Low
WordPress Picture Gallery 1.4.2 Cross Site Scripting
10.08.2021
Aryan Chehreghani
Low
Connect-app (CDU) 3.8 Cross Site Scripting
09.08.2021
team smackback
Low
OneNav Beta 0.9.12 Cross Site Scripting
09.08.2021
nu11secur1ty
Low
CMSuno 1.7 Cross Site Scripting
06.08.2021
splint3rsec
High
Hotel Management System 1.0 Cross Site Scripting / Shell Upload
03.08.2021
Merbin Russel
Low
eGain Chat 15.5.5 Cross Site Scripting
01.08.2021
Hassy Vinod Eshan
Low
ObjectPlanet Opinio 7.12 Cross Site Scripting
30.07.2021
Ang Kar Min
Low
WordPress Plugin Mimetic Books 0.2.13 Default Publisher ID field Stored Cross-Site Scripting (XSS)
27.07.2021
Vikas Srivastava
Med.
Zabbix 5.x SQL Injection / Cross Site Scripting
26.07.2021
Taurus Omar
Med.
Tagstoo 2.0.1 Cross Site Scripting / Code Execution
26.07.2021
Taurus Omar
Low
WordPress Simple Post 1.1 Cross Site Scripting
23.07.2021
Vikas Srivastava
Low
Ampache 4.4.2 Cross Site Scripting
21.07.2021
Daniel Bishtawi
Low
WordPress KN Fix Your Title 1.0.1 Cross Site Scripting
21.07.2021
Aakash Choudhary
Low
WordPress Mimetic Books 0.2.13 Cross Site Scripting
19.07.2021
Vikas Srivastava
Med.
OX App Suite / OX Guard / OX Documents SSRF / Cross Site Scripting
17.07.2021
Martin Heiland
Low
Invoice System 1.0 Cross Site Scripting
15.07.2021
Subhadip Nag
Low
WordPress WPFront Notification Bar 1.9.1.04012 Cross Site Scripting
14.07.2021
Swapnil Subhash Bodeka...
Low
Pandora FMS 7.54 Cross Site Scripting
14.07.2021
nu11secur1ty
Low
WordPress Current Book 1.0.1 Cross Site Scripting
14.07.2021
Vikas Srivastava
Low
4Images 1.8 Cross Site Scripting
11.07.2021
Piyush Patil
Low
Zoo Management System 1.0 Cross Site Scripting
09.07.2021
Subhadip Nag
High
Wyomind Help Desk 1.3.6 XSS / Traversal / Shell Upload
08.07.2021
Patrik Lantz
Low
Employee Record Management System 1.2 Cross Site Scripting
08.07.2021
Subhadip Nag
Low
perfexcrm 1.10 Cross Site Scripting
07.07.2021
Alhasan Abbas
Low
Real Estate 7 WordPress Theme < 3.1.1 - Unauthenticated Reflected XSS
05.07.2021
Visse
High
Scratch Desktop 3.17 Code Execution / Cross Site Scripting
02.07.2021
apple502j
Low
AKCP sensorProbe SPX476 Cross Site Scripting
02.07.2021
Tyler Butler
Low
Teachers Record Management System 1.0 email Stored Cross-site Scripting (XSS)
29.06.2021
nhattruong
Low
Atlassian Jira Server/Data Center 8.16.0 Cross Site Scripting
28.06.2021
Captain_hook
Low
SAS Environment Manager 2.5 Cross Site Scripting
28.06.2021
Luqman Hakim Zahari
Med.
Personnel Record Management System 1.0 Authentication Bypass / XSS
28.06.2021
Richard Jones
Low
WordPress YOP Polls 6.2.7 Cross Site Scripting
28.06.2021
Toby Jackson
Low
ICE Hrm 29.0.0.OS xml upload Stored Cross-Site Scripting
27.06.2021
*Piyush Patil *& Rafal...
Low
WordPress WP Google Maps 8.1.11 Cross Site Scripting
25.06.2021
Mohammed Adam
Low
Cerberus FTP Web Service 11 Cross Site Scripting
11.06.2021
Mohammad Hossein Kaviy...
Low
WordPress Visitors-App 0.3 Cross Site Scripting
09.06.2021
Mesut Cetin
Low
FUDForum 3.1.0 Cross Site Scripting
06.06.2021
Piyush Patil
Low
CHIYU IoT Cross Site Scripting
02.06.2021
sirpedrotavares
Low
Shopizer 2.16.0 Multiple Cross-Site Scripting (XSS)
02.06.2021
Marek Toth
Low
WordPress WP Prayer 1.6.1 Cross Site Scripting
01.06.2021
Bastijn Ouwendijk


CVEMAP Search Results

CVE
Details
Description
2021-12-01
Low
CVE-2021-20858

Updating...
 

 
Cross-site scripting vulnerability in ELECOM LAN router WRC-2533GHBK-I firmware v1.20 and prior allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.

 
Waiting for details
CVE-2021-3983

Updating...
 

 
kimai2 is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

 
Waiting for details
CVE-2021-3994

Updating...
 

 
django-helpdesk is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

 
Waiting for details
CVE-2021-3985

Updating...
 

 
kimai2 is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

 
Waiting for details
CVE-2020-35037

Updating...
 

 
The Events Manager WordPress plugin before 5.9.8 does not sanitise and escape some search parameter before outputing them in pages, which could lead to Cross-Site Scripting issues

 
2021-11-30
Low
CVE-2021-42119

Vendor: Businessdnasolutions
Software: Topease
 

 

 
Low
CVE-2021-42118

Vendor: Businessdnasolutions
Software: Topease
 

 

 
Low
CVE-2021-25987

Vendor: HEXO
Software: HEXO
 

 

 
2021-11-29
Low
CVE-2021-24927

Vendor: My calendar project
Software: My calendar
 

 
The My Calendar WordPress plugin before 3.2.18 does not sanitise and escape the callback parameter of the mc_post_lookup AJAX action (available to any authenticated user) before outputting it back in the response, leading to a Reflected Cross-Site Scripting issue

 
Low
CVE-2021-24918

Vendor: Smashballoon
Software: Smash balloo...
 

 
The Smash Balloon Social Post Feed WordPress plugin before 4.0.1 did not have any privilege or nonce validation before saving the plugin's setting. As a result, any logged-in user on a vulnerable site could update the settings and store rogue JavaScript on each of its posts and pages.

 

 


Copyright 2021, cxsecurity.com

 

Back to Top