CWE-79 CVEs and Security Vulnerabilities

Filtered by CWE-79

Search

Switch to Advanced Search (Beta)

Total 44903 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-32000	1 Ui	1 Unifi Network Application	2024-11-21	4.8 Medium
A Cross-Site Scripting (XSS) vulnerability found in UniFi Network (Version 7.3.83 and earlier) allows a malicious actor with Site Administrator credentials to escalate privileges by persuading an Administrator to visit a malicious web page.
CVE-2023-31942	1 Online Travel Agency System Project	1 Online Travel Agency System	2024-11-21	4.8 Medium
Cross Site Scripting vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the description parameter in insert.php.
CVE-2023-31935	1 Phpgurukul	1 Rail Pass Management System	2024-11-21	4.8 Medium
Cross Site Scripting vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to obtain sensitive information via the emial parameter of admin-profile.php.
CVE-2023-31934	1 Phpgurukul	1 Rail Pass Management System	2024-11-21	4.8 Medium
Cross Site Scripting vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to obtain sensitive information via the adminname parameter of admin-profile.php.
CVE-2023-31853	1 Cudy	2 Lt400, Lt400 Firmware	2024-11-21	6.1 Medium
Cudy LT400 1.13.4 is vulnerable Cross Site Scripting (XSS) in /cgi-bin/luci/admin/network/bandwidth via the icon parameter.
CVE-2023-31851	1 Cudy	2 Lt400, Lt400 Firmware	2024-11-21	6.1 Medium
Cudy LT400 1.13.4 is has a cross-site scripting (XSS) vulnerability in /cgi-bin/luci/admin/network/wireless/status via the iface parameter.
CVE-2023-31754	1 Optimizely	1 Optimizely Cms	2024-11-21	4.8 Medium
Optimizely CMS UI before v12.16.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Admin panel.
CVE-2023-31705	1 Task Reminder System Project	1 Task Reminder System	2024-11-21	5.4 Medium
A Reflected Cross-site scripting (XSS) vulnerability in Sourcecodester Task Reminder System 1.0 allows an authenticated user to inject malicious javascript into the page parameter.
CVE-2023-31698	1 Bludit	1 Bludit	2024-11-21	5.4 Medium
Bludit v3.14.1 is vulnerable to Stored Cross Site Scripting (XSS) via SVG file on site logo. NOTE: the product's security model is that users are trusted by the administrator to insert arbitrary content (users cannot create their own accounts through self-registration).
CVE-2023-31546	1 Dedebiz	1 Dedebiz	2024-11-21	9.6 Critical
Cross Site Scripting (XSS) vulnerability in DedeBIZ v6.0.3 allows attackers to run arbitrary code via the search feature.
CVE-2023-31466	1 Fsmlabs	1 Timekeeper	2024-11-21	5.4 Medium
An XSS issue was discovered in FSMLabs TimeKeeper 8.0.17. On the "Configuration -> Compliance -> Add a new compliance report" and "Configuration -> Timekeeper Configuration -> Add a new source there" screens, there are entry points to inject JavaScript code.
CVE-2023-31302	1 Sesami	1 Cash Point \& Transport Optimizer	2024-11-21	6.1 Medium
Cross Site Scripting (XSS) vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) 6.3.8.6 (#718), allows remote attackers to execute arbitrary code via the Teller field.
CVE-2023-31301	1 Sesami	1 Cash Point \& Transport Optimizer	2024-11-21	6.1 Medium
Stored Cross Site Scripting (XSS) Vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to execute arbitrary code and obtain sensitive information via the Username field of the login form and application log.
CVE-2023-31299	1 Sesami	1 Cash Point \& Transport Optimizer	2024-11-21	6.1 Medium
Cross Site Scripting (XSS) vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to execute arbitrary code via the Barcode field of a container.
CVE-2023-31298	1 Sesami	1 Cash Point \& Transport Optimizer	2024-11-21	4.8 Medium
Cross Site Scripting (XSS) vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to execute arbitrary code and obtain sensitive information via the User ID field when creating a new system user.
CVE-2023-31297	1 Sesami	1 Cash Point \& Transport Optimizer	2024-11-21	4.8 Medium
An issue was discovered in SESAMI planfocus CPTO (Cash Point & Transport Optimizer) 6.3.8.6 718. There is XSS via the Name field when modifying a client.
CVE-2023-31236	1 Unfocus	1 Scripts N Styles	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in unFocus Projects Scripts n Styles plugin <= 3.5.7 versions.
CVE-2023-31232	1 Artiss	1 Plugins List	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in David Artiss Plugins List plugin <= 2.5 versions.
CVE-2023-31221	1 Ransomchristofferson	1 Pdq Csv	2024-11-21	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ransom Christofferson PDQ CSV plugin <= 1.0.0 versions.
CVE-2023-31218	1 Pluginus	1 Wolf - Wordpress Posts Bulk Editor And Products Manager Professional	2024-11-21	7.1 High
Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional plugin <= 1.0.6 versions.

« first previous Page 1649 of 2246. next last »