Total
44924 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-37132 | 1 Eyoucms | 1 Eyoucms | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the custom variables module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | ||||
| CVE-2023-37125 | 1 Seacms | 1 Seacms | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the Management Custom label module of SEACMS v12.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | ||||
| CVE-2023-37124 | 1 Seacms | 1 Seacms | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the Site Setup module of SEACMS v12.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | ||||
| CVE-2023-37122 | 1 Bagesoft | 1 Bagecms | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in Bagecms v3.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Settings module. | ||||
| CVE-2023-37070 | 1 Code-projects | 1 Hospital Information System | 2024-11-21 | 4.8 Medium |
| Code Projects Hospital Information System 1.0 is vulnerable to Cross Site Scripting (XSS) | ||||
| CVE-2023-37067 | 1 Chamilo | 1 Chamilo | 2024-11-21 | 4.8 Medium |
| Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the classes/usergroups management section. | ||||
| CVE-2023-37066 | 1 Chamilo | 1 Chamilo | 2024-11-21 | 4.8 Medium |
| Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the skills wheel. | ||||
| CVE-2023-37065 | 1 Chamilo | 1 Chamilo | 2024-11-21 | 4.8 Medium |
| Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the session category management section. | ||||
| CVE-2023-37064 | 1 Chamilo | 1 Chamilo | 2024-11-21 | 4.8 Medium |
| Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the extra fields management section. | ||||
| CVE-2023-37063 | 1 Chamilo | 1 Chamilo | 2024-11-21 | 4.8 Medium |
| Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the careers & promotions management section. | ||||
| CVE-2023-37062 | 1 Chamilo | 1 Chamilo | 2024-11-21 | 4.8 Medium |
| Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the course categories' definition. | ||||
| CVE-2023-37061 | 1 Chamilo | 1 Chamilo | 2024-11-21 | 4.8 Medium |
| Chamilo 1.11.x up to 1.11.20 allows users with an admin privilege account to insert XSS in the languages management section. | ||||
| CVE-2023-36995 | 1 Travianz Project | 1 Travianz | 2024-11-21 | 6.1 Medium |
| TravianZ through 8.3.4 allows XSS via the Alliance tag/name, the statistics page, the link preferences, the Admin Logs, or the COOKUSR cookie. | ||||
| CVE-2023-36970 | 1 Cmsmadesimple | 1 Cms Made Simple | 2024-11-21 | 5.4 Medium |
| A Cross-site scripting (XSS) vulnerability in CMS Made Simple v2.2.17 allows remote attackers to inject arbitrary web script or HTML via the File Upload function. | ||||
| CVE-2023-36942 | 1 Phpgurukul | 1 Online Fire Reporting System | 2024-11-21 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in PHPGurukul Online Fire Reporting System Using PHP and MySQL 1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the website title field. | ||||
| CVE-2023-36941 | 1 Phpgurukul | 1 Online Fire Reporting System | 2024-11-21 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in PHPGurukul Online Fire Reporting System Using PHP and MySQL 1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the team name, leader, and member fields. | ||||
| CVE-2023-36940 | 1 Phpgurukul | 1 Online Fire Reporting System | 2024-11-21 | 4.8 Medium |
| Cross Site Scripting (XSS) vulnerability in PHPGurukul Online Fire Reporting System Using PHP and MySQL v.1.2 allows attackers to execute arbitrary code via a crafted payload injected into the search field. | ||||
| CVE-2023-36939 | 1 Phpgurukul | 1 Hostel Management System | 2024-11-21 | 6.1 Medium |
| Cross-Site Scripting (XSS) vulnerability in Hostel Management System v2.1 allows an attacker to execute arbitrary code via a crafted payload to the search booking field. | ||||
| CVE-2023-36936 | 1 Phpgurukul | 1 Online Security Guards Hiring System | 2024-11-21 | 6.1 Medium |
| Cross-Site Scripting (XSS) vulnerability in PHPGurukul Online Security Guards Hiring System using PHP and MySQL 1.0 allows attackers to execute arbitrary code via a crafted payload to the search booking box. | ||||
| CVE-2023-36918 | 1 Sap | 1 Enable Now | 2024-11-21 | 6.1 Medium |
| In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the X-Content-Type-Options response header is not implemented, allowing an unauthenticated attacker to trigger MIME type sniffing, which leads to Cross-Site Scripting, which could result in disclosure or modification of information. | ||||