Total
45293 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-45540 | 1 Eyoucms | 1 Eyoucms | 2025-04-03 | 6.1 Medium |
| EyouCMS <= 1.6.0 was discovered a reflected-XSS in article type editor component in POST value "name" if the value contains a malformed UTF-8 char. | ||||
| CVE-2022-45539 | 1 Eyoucms | 1 Eyoucms | 2025-04-03 | 6.1 Medium |
| EyouCMS <= 1.6.0 was discovered a reflected-XSS in FileManager component in GET value "activepath" when creating a new file. | ||||
| CVE-2022-45538 | 1 Eyoucms | 1 Eyoucms | 2025-04-03 | 6.1 Medium |
| EyouCMS <= 1.6.0 was discovered a reflected-XSS in the article publish component in cookie "ENV_GOBACK_URL". | ||||
| CVE-2022-45537 | 1 Eyoucms | 1 Eyoucms | 2025-04-03 | 6.1 Medium |
| EyouCMS <= 1.6.0 was discovered a reflected-XSS in the article publish component in cookie "ENV_LIST_URL". | ||||
| CVE-2024-32327 | 1 Totolink | 2 N300rt, N300rt Firmware | 2025-04-03 | 5.5 Medium |
| TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in Port Forwarding under the Firewall Page. | ||||
| CVE-2024-32332 | 1 Totolink | 2 N300rt, N300rt Firmware | 2025-04-03 | 6.1 Medium |
| TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in WDS Settings under the Wireless Page. | ||||
| CVE-2024-32333 | 1 Totolink | 2 N300rt, N300rt Firmware | 2025-04-03 | 4.3 Medium |
| TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in MAC Filtering under the Firewall Page. | ||||
| CVE-2024-32334 | 1 Totolink | 2 N300rt, N300rt Firmware | 2025-04-03 | 6.5 Medium |
| TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in IP/Port Filtering under the Firewall Page. | ||||
| CVE-2024-32335 | 1 Totolink | 2 N300rt, N300rt Firmware | 2025-04-03 | 5.4 Medium |
| TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in Access Control under the Wireless Page. | ||||
| CVE-2024-31065 | 2 Munyweki, Sourcecodester | 2 Insurance Management System, Insurance Management System | 2025-04-03 | 6.1 Medium |
| Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the City input field. | ||||
| CVE-2024-31064 | 1 Munyweki | 1 Insurance Management System | 2025-04-03 | 6.1 Medium |
| Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the First Name input field. | ||||
| CVE-2024-31063 | 1 Munyweki | 1 Insurance Management System | 2025-04-03 | 6.4 Medium |
| Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the Email input field. | ||||
| CVE-2023-23024 | 1 Book Store Management System Project | 1 Book Store Management System | 2025-04-03 | 6.1 Medium |
| Book Store Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in /bsms_ci/index.php/book. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the writer parameter. | ||||
| CVE-2023-23015 | 1 Kalkun Project | 1 Kalkun | 2025-04-03 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability in Kalkun 0.8.0 via username input in file User_model.php. | ||||
| CVE-2023-23014 | 1 Inventory System Project | 1 Inventory System | 2025-04-03 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability in InventorySystem thru commit e08fbbe17902146313501ed0b5feba81d58f455c (on Apr 23, 2021) via edit_store_name and edit_active inputs in file InventorySystem.php. | ||||
| CVE-2023-23012 | 1 Classroombookings | 1 Classroombookings | 2025-04-03 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability in craigrodway classroombookings 2.6.4 allows attackers to execute arbitrary code or other unspecified impacts via the input bgcol in file Weeks.php. | ||||
| CVE-2023-23010 | 1 Ecommerce-codeigniter-bootstrap Project | 1 Ecommerce-codeigniter-bootstrap | 2025-04-03 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability in Ecommerce-CodeIgniter-Bootstrap thru commit d5904379ca55014c5df34c67deda982c73dc7fe5 (on Dec 27, 2022), allows attackers to execute arbitrary code via the languages and trans_load parameters in file add_product.php. | ||||
| CVE-2022-40034 | 1 Javaweb Blog Project | 1 Javaweb Blog | 2025-04-03 | 5.4 Medium |
| Cross-Site Scripting (XSS) vulnerability found in Rawchen blog-ssm v1.0 allows attackers to execute arbitrary code via the 'notifyInfo' parameter. | ||||
| CVE-2020-24901 | 1 Krpano | 1 Krpano | 2025-04-03 | 6.1 Medium |
| The default installation of Krpano Panorama Viewer version <=1.20.8 is vulnerable to Reflected XSS due to insecure remote js load in file viewer/krpano.html, parameter plugin[test].url. | ||||
| CVE-2024-13074 | 1 Phpgurukul | 1 Land Record System | 2025-04-03 | 3.5 Low |
| A vulnerability classified as problematic has been found in PHPGurukul Land Record System 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument searchdata leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||