Total
44964 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-40816 | 1 Opencrx | 1 Opencrx | 2024-11-21 | 6.1 Medium |
| OpenCRX version 5.2.0 is vulnerable to HTML injection via Activity Milestone Name Field. | ||||
| CVE-2023-40815 | 1 Opencrx | 1 Opencrx | 2024-11-21 | 6.1 Medium |
| OpenCRX version 5.2.0 is vulnerable to HTML injection via the Category Creation Name Field. | ||||
| CVE-2023-40814 | 1 Opencrx | 1 Opencrx | 2024-11-21 | 6.1 Medium |
| OpenCRX version 5.2.0 is vulnerable to HTML injection via the Accounts Name Field. | ||||
| CVE-2023-40813 | 1 Opencrx | 1 Opencrx | 2024-11-21 | 6.1 Medium |
| OpenCRX version 5.2.0 is vulnerable to HTML injection via Activity Saved Search Creation. | ||||
| CVE-2023-40812 | 1 Opencrx | 1 Opencrx | 2024-11-21 | 6.1 Medium |
| OpenCRX version 5.2.0 is vulnerable to HTML injection via the Accounts Group Name Field. | ||||
| CVE-2023-40810 | 1 Opencrx | 1 Opencrx | 2024-11-21 | 6.1 Medium |
| OpenCRX version 5.2.0 is vulnerable to HTML injection via Product Name Field. | ||||
| CVE-2023-40809 | 1 Opencrx | 1 Opencrx | 2024-11-21 | 6.1 Medium |
| OpenCRX version 5.2.0 is vulnerable to HTML injection via the Activity Search Criteria-Activity Number. | ||||
| CVE-2023-40786 | 1 Hkcms | 1 Hkcms | 2024-11-21 | 5.4 Medium |
| HKcms v2.3.0.230709 is vulnerable to Cross Site Scripting (XSS) allowing administrator cookies to be stolen. | ||||
| CVE-2023-40755 | 1 Phpjabbers | 1 Callback Widget | 2024-11-21 | 6.1 Medium |
| There is a Cross Site Scripting (XSS) vulnerability in the "theme" parameter of preview.php in PHPJabbers Callback Widget v1.0. | ||||
| CVE-2023-40753 | 1 Phpjabbers | 1 Ticket Support Script | 2024-11-21 | 5.4 Medium |
| There is a Cross Site Scripting (XSS) vulnerability in the message parameter of index.php in PHPJabbers Ticket Support Script v3.2. | ||||
| CVE-2023-40752 | 1 Phpjabbers | 1 Make An Offer Widget | 2024-11-21 | 6.1 Medium |
| There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Make an Offer Widget v1.0. | ||||
| CVE-2023-40751 | 1 Phpjabbers | 1 Fundraising Script | 2024-11-21 | 6.1 Medium |
| PHPJabbers Fundraising Script v1.0 is vulnerable to Cross Site Scripting (XSS) via the "action" parameter of index.php. | ||||
| CVE-2023-40750 | 1 Phpjabbers | 1 Yacht Listing Script | 2024-11-21 | 6.1 Medium |
| There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Yacht Listing Script v1.0. | ||||
| CVE-2023-40705 | 1 I-pro | 1 Video Insight | 2024-11-21 | 5.4 Medium |
| Stored cross-site scripting vulnerability in Map setting page of VI Web Client prior to 7.9.6 allows a remote authenticated attacker to inject an arbitrary script. | ||||
| CVE-2023-40684 | 1 Ibm | 1 Content Navigator | 2024-11-21 | 4.6 Medium |
| IBM Content Navigator 3.0.11, 3.0.13, and 3.0.14 with IBM Daeja ViewOne Virtual is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 264019. | ||||
| CVE-2023-40681 | 1 Groundhogg | 1 Groundhogg | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Groundhogg Inc. Groundhogg plugin <= 2.7.11.10 versions. | ||||
| CVE-2023-40677 | 1 Gopiplus | 1 Vertical Marquee | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Vertical marquee plugin <= 7.1 versions. | ||||
| CVE-2023-40676 | 1 Wp-slimstat | 1 Slimstat Analytics | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jason Crouse, VeronaLabs Slimstat Analytics plugin <= 5.0.8 versions. | ||||
| CVE-2023-40675 | 1 Pluginops | 1 Landing Page Builder | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PluginOps Landing Page Builder plugin <= 1.5.1.2 versions. | ||||
| CVE-2023-40669 | 1 Twinpictures | 1 Collapse-o-matic | 2024-11-21 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in twinpictures, baden03 Collapse-O-Matic plugin <= 1.8.5.5 versions. | ||||