Total
37565 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-45538 | 1 Eyoucms | 1 Eyoucms | 2025-04-03 | N/A | 6.1 MEDIUM |
| EyouCMS <= 1.6.0 was discovered a reflected-XSS in the article publish component in cookie "ENV_GOBACK_URL". | |||||
| CVE-2022-45537 | 1 Eyoucms | 1 Eyoucms | 2025-04-03 | N/A | 6.1 MEDIUM |
| EyouCMS <= 1.6.0 was discovered a reflected-XSS in the article publish component in cookie "ENV_LIST_URL". | |||||
| CVE-2024-32327 | 1 Totolink | 2 N300rt, N300rt Firmware | 2025-04-03 | N/A | 5.5 MEDIUM |
| TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in Port Forwarding under the Firewall Page. | |||||
| CVE-2024-32332 | 1 Totolink | 2 N300rt, N300rt Firmware | 2025-04-03 | N/A | 6.1 MEDIUM |
| TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in WDS Settings under the Wireless Page. | |||||
| CVE-2024-32333 | 1 Totolink | 2 N300rt, N300rt Firmware | 2025-04-03 | N/A | 4.3 MEDIUM |
| TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in MAC Filtering under the Firewall Page. | |||||
| CVE-2024-32334 | 1 Totolink | 2 N300rt, N300rt Firmware | 2025-04-03 | N/A | 6.5 MEDIUM |
| TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in IP/Port Filtering under the Firewall Page. | |||||
| CVE-2024-32335 | 1 Totolink | 2 N300rt, N300rt Firmware | 2025-04-03 | N/A | 5.4 MEDIUM |
| TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in Access Control under the Wireless Page. | |||||
| CVE-2024-31065 | 1 Munyweki | 1 Insurance Management System | 2025-04-03 | N/A | 6.1 MEDIUM |
| Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the City input field. | |||||
| CVE-2024-31064 | 1 Munyweki | 1 Insurance Management System | 2025-04-03 | N/A | 6.1 MEDIUM |
| Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the First Name input field. | |||||
| CVE-2024-31063 | 1 Munyweki | 1 Insurance Management System | 2025-04-03 | N/A | 6.4 MEDIUM |
| Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the Email input field. | |||||
| CVE-2023-23024 | 1 Book Store Management System Project | 1 Book Store Management System | 2025-04-03 | N/A | 6.1 MEDIUM |
| Book Store Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in /bsms_ci/index.php/book. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the writer parameter. | |||||
| CVE-2023-23015 | 1 Kalkun Project | 1 Kalkun | 2025-04-03 | N/A | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in Kalkun 0.8.0 via username input in file User_model.php. | |||||
| CVE-2023-23014 | 1 Inventory System Project | 1 Inventory System | 2025-04-03 | N/A | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in InventorySystem thru commit e08fbbe17902146313501ed0b5feba81d58f455c (on Apr 23, 2021) via edit_store_name and edit_active inputs in file InventorySystem.php. | |||||
| CVE-2023-23012 | 1 Classroombookings | 1 Classroombookings | 2025-04-03 | N/A | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in craigrodway classroombookings 2.6.4 allows attackers to execute arbitrary code or other unspecified impacts via the input bgcol in file Weeks.php. | |||||
| CVE-2023-23010 | 1 Ecommerce-codeigniter-bootstrap Project | 1 Ecommerce-codeigniter-bootstrap | 2025-04-03 | N/A | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in Ecommerce-CodeIgniter-Bootstrap thru commit d5904379ca55014c5df34c67deda982c73dc7fe5 (on Dec 27, 2022), allows attackers to execute arbitrary code via the languages and trans_load parameters in file add_product.php. | |||||
| CVE-2022-40034 | 1 Javaweb Blog Project | 1 Javaweb Blog | 2025-04-03 | N/A | 5.4 MEDIUM |
| Cross-Site Scripting (XSS) vulnerability found in Rawchen blog-ssm v1.0 allows attackers to execute arbitrary code via the 'notifyInfo' parameter. | |||||
| CVE-2020-24901 | 1 Krpano | 1 Krpano | 2025-04-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| The default installation of Krpano Panorama Viewer version <=1.20.8 is vulnerable to Reflected XSS due to insecure remote js load in file viewer/krpano.html, parameter plugin[test].url. | |||||
| CVE-2024-31061 | 1 Munyweki | 1 Insurance Management System | 2025-04-03 | N/A | 6.1 MEDIUM |
| Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the Last Name input field. | |||||
| CVE-2024-13074 | 1 Phpgurukul | 1 Land Record System | 2025-04-03 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability classified as problematic has been found in PHPGurukul Land Record System 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument searchdata leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-56237 | 1 Contest-gallery | 1 Contest Gallery | 2025-04-03 | N/A | 5.9 MEDIUM |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Contest Gallery Contest Gallery allows Stored XSS.This issue affects Contest Gallery: from n/a through 24.0.3. | |||||