Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (42958 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-44207 3 Acronis, Linux, Microsoft 3 Cyber Protect, Linux Kernel, Windows 2024-11-21 5.4 Medium
Stored cross-site scripting (XSS) vulnerability in protection plan name. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
CVE-2023-44174 1 Projectworlds 1 Online Movie Ticket Booking System 2024-11-21 6.4 Medium
Online Movie Ticket Booking System v1.0 is vulnerable to an authenticated Stored Cross-Site Scripting vulnerability.
CVE-2023-44173 1 Projectworlds 1 Online Movie Ticket Booking System 2024-11-21 5.4 Medium
Online Movie Ticket Booking System v1.0 is vulnerable to an authenticated Reflected Cross-Site Scripting vulnerability.
CVE-2023-44145 1 Jesweb 1 Anchor Episodes Index \(spotify For Podcasters\) 2024-11-21 6.5 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in jesweb.Dev Anchor Episodes Index (Spotify for Podcasters) plugin <= 2.1.7 versions.
CVE-2023-44144 1 Dreamfoxmedia 1 Payment Gateway Per Product For Woocommerce 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Dreamfox Payment gateway per Product for WooCommerce plugin <= 3.2.7 versions.
CVE-2023-44143 1 Bamboo Mcr 1 Bamboo Columns 2024-11-21 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bamboo Mcr Bamboo Columns allows Stored XSS.This issue affects Bamboo Columns: from n/a through 1.6.1.
CVE-2023-44089 1 Pandorafms 1 Pandora Fms 2024-11-21 6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). It was possible to execute malicious JS code on Visual Consoles. This issue affects Pandora FMS: from 700 through 774.
CVE-2023-44075 1 Small Crm Project 1 Small Crm 2024-11-21 5.4 Medium
Cross Site Scripting vulnerability in Small CRM in PHP v.3.0 allows a remote attacker to execute arbitrary code via a crafted payload to the Address parameter.
CVE-2023-44048 1 Oretnom23 1 Expense Tracker 2024-11-21 5.4 Medium
Sourcecodester Expense Tracker App v1 is vulnerable to Cross Site Scripting (XSS) via add category.
CVE-2023-44043 1 Blackcat-cms 1 Blackcat Cms 2024-11-21 6.1 Medium
A reflected cross-site scripting (XSS) vulnerability in /install/index.php of Black Cat CMS 1.4.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website title parameter.
CVE-2023-44042 1 Blackcat-cms 1 Blackcat Cms 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) vulnerability in /settings/index.php of Black Cat CMS 1.4.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website header parameter.
CVE-2023-44012 1 Mojoportal 1 Mojoportal 2024-11-21 6.1 Medium
Cross Site Scripting vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via the helpkey parameter in the Help.aspx component.
CVE-2023-43952 1 Sscms Project 1 Sscms 2024-11-21 5.4 Medium
SSCMS 7.2.2 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Material Management component.
CVE-2023-43951 1 Sscms Project 1 Sscms 2024-11-21 5.4 Medium
SSCMS 7.2.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the Column Management component.
CVE-2023-43944 1 Task Management System Project 1 Task Management System 2024-11-21 5.4 Medium
A Stored Cross Site Scripting (XSS) vulnerability was found in SourceCodester Task Management System 1.0. It allows attackers to execute arbitrary code via parameter field in index.php?page=project_list.
CVE-2023-43906 1 Onworks 1 Xolo Cms 2024-11-21 6.1 Medium
Xolo CMS v0.11 was discovered to contain a reflected cross-site scripting (XSS) vulnerability.
CVE-2023-43884 1 Intelliants 1 Subrion 2024-11-21 5.4 Medium
A Cross-site scripting (XSS) vulnerability in Reference ID from the panel Transactions, of Subrion v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into 'Reference ID' parameter.
CVE-2023-43879 1 Ritecms 1 Ritecms 2024-11-21 4.8 Medium
Rite CMS 3.0 has a Cross-Site scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload into the Global Content Blocks in the Administration Menu.
CVE-2023-43878 1 Ritecms 1 Ritecms 2024-11-21 5.4 Medium
Rite CMS 3.0 has Multiple Cross-Site scripting (XSS) vulnerabilities that allow attackers to execute arbitrary code via a crafted payload into the Main Menu Items in the Administration Menu.
CVE-2023-43877 1 Ritecms 1 Ritecms 2024-11-21 4.8 Medium
Rite CMS 3.0 has Multiple Cross-Site scripting (XSS) vulnerabilities that allow attackers to execute arbitrary code via a payload crafted in the Home Page fields in the Administration menu.