Total
29022 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-32391 | 2024-07-03 | N/A | 7.3 HIGH | ||
| Cross Site Scripting vulnerability in MacCMS v.10 v.2024.1000.3000 allows a remote attacker to execute arbitrary code via a crafted payload. | |||||
| CVE-2024-32345 | 2024-07-03 | N/A | N/A | ||
| A cross-site scripting (XSS) vulnerability in the Settings menu of CMSimple v5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Configuration parameter under the Language section. | |||||
| CVE-2024-32344 | 2024-07-03 | N/A | 6.8 MEDIUM | ||
| A cross-site scripting (XSS) vulnerability in the Settings menu of CMSimple v5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Edit parameter under the Language section. | |||||
| CVE-2024-32343 | 2024-07-03 | N/A | 6.1 MEDIUM | ||
| A cross-site scripting (XSS) vulnerability in the Create Page of Boid CMS v2.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Content parameter. | |||||
| CVE-2024-32342 | 2024-07-03 | N/A | 6.1 MEDIUM | ||
| A cross-site scripting (XSS) vulnerability in the Create Page of Boid CMS v2.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Permalink parameter. | |||||
| CVE-2024-32339 | 2024-07-03 | N/A | 6.1 MEDIUM | ||
| Multiple cross-site scripting (XSS) vulnerabilities in the HOW TO page of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into any of the parameters. | |||||
| CVE-2024-32338 | 2024-07-03 | N/A | 5.4 MEDIUM | ||
| A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the PAGE TITLE parameter under the Current Page module. | |||||
| CVE-2024-32337 | 2024-07-03 | N/A | 6.1 MEDIUM | ||
| A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ADMIN LOGIN URL parameter under the Security module. | |||||
| CVE-2024-32335 | 2024-07-03 | N/A | 5.4 MEDIUM | ||
| TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in Access Control under the Wireless Page. | |||||
| CVE-2024-32334 | 2024-07-03 | N/A | 6.5 MEDIUM | ||
| TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in IP/Port Filtering under the Firewall Page. | |||||
| CVE-2024-32333 | 2024-07-03 | N/A | 4.3 MEDIUM | ||
| TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in MAC Filtering under the Firewall Page. | |||||
| CVE-2024-32327 | 2024-07-03 | N/A | 5.5 MEDIUM | ||
| TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in Port Forwarding under the Firewall Page. | |||||
| CVE-2024-32326 | 2024-07-03 | N/A | 6.8 MEDIUM | ||
| TOTOLINK EX200 V4.0.3c.7646_B20201211 contains a Cross-site scripting (XSS) vulnerability through the key parameter in the setWiFiExtenderConfig function. | |||||
| CVE-2024-32325 | 2024-07-03 | N/A | 2.4 LOW | ||
| TOTOLINK EX200 V4.0.3c.7646_B20201211 contains a Cross-site scripting (XSS) vulnerability through the ssid parameter in the setWiFiExtenderConfig function. | |||||
| CVE-2024-32206 | 2024-07-03 | N/A | 4.6 MEDIUM | ||
| A stored cross-site scripting (XSS) vulnerability in the component \affiche\admin\index.php of WUZHICMS v4.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the $formdata parameter. | |||||
| CVE-2024-31857 | 2024-07-03 | N/A | 5.4 MEDIUM | ||
| Forminator prior to 1.15.4 contains a cross-site scripting vulnerability. If this vulnerability is exploited, a remote attacker may obtain user information etc. and alter the page contents on the user's web browser. | |||||
| CVE-2024-31828 | 2024-07-03 | N/A | 6.1 MEDIUM | ||
| Cross Site Scripting vulnerability in Lavalite CMS v.10.1.0 allows attackers to execute arbitrary code and obtain sensitive information via a crafted payload to the URL. | |||||
| CVE-2024-31650 | 2024-07-03 | N/A | 9.6 CRITICAL | ||
| A cross-site scripting (XSS) in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Last Name parameter. | |||||
| CVE-2024-31586 | 2024-07-03 | N/A | 6.1 MEDIUM | ||
| A Cross Site Scripting (XSS) vulnerability exists in Computer Laboratory Management System version 1.0. This vulnerability allows a remote attacker to execute arbitrary code via the Borrower Name, Department, and Remarks parameters. | |||||
| CVE-2024-31544 | 2024-07-03 | N/A | 5.4 MEDIUM | ||
| A stored cross-site scripting (XSS) vulnerability in Computer Laboratory Management System v1.0 allows attackers to execute arbitrary JavaScript code by including malicious payloads into “remarks”, “borrower_name”, “faculty_department” parameters in /classes/Master.php?f=save_record. | |||||