Total
27423 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-29000 | 2024-05-20 | N/A | 7.9 HIGH | ||
| The SolarWinds Platform was determined to be affected by a reflected cross-site scripting vulnerability affecting the web console. A high-privileged user and user interaction is required to exploit this vulnerability. | |||||
| CVE-2024-2835 | 2024-05-20 | N/A | 8.7 HIGH | ||
| A Stored Cross-Site Scripting (XSS) vulnerability has been identified in OpenText ArcSight Enterprise Security Manager and ArcSight Platform. The vulnerability could be remotely exploited. | |||||
| CVE-2024-3482 | 2024-05-20 | N/A | 8.7 HIGH | ||
| A Stored Cross-Site Scripting (XSS) vulnerability has been identified in OpenText ArcSight Enterprise Security Manager and ArcSight Platform. The vulnerability could be remotely exploited. | |||||
| CVE-2024-34805 | 2024-05-17 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Webvitaly iFrame allows Stored XSS.This issue affects iFrame: from n/a through 5.0. | |||||
| CVE-2024-34760 | 2024-05-17 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPBlockart Magazine Blocks allows Stored XSS.This issue affects Magazine Blocks: from n/a through 1.3.6. | |||||
| CVE-2024-34752 | 2024-05-17 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PluginOps Landing Page Builder allows Reflected XSS.This issue affects Landing Page Builder: from n/a through 1.5.1.8. | |||||
| CVE-2024-34575 | 2024-05-17 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in deTheme DethemeKit For Elementor allows Stored XSS.This issue affects DethemeKit For Elementor: from n/a through 2.1.2. | |||||
| CVE-2024-34757 | 2024-05-17 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Visualmodo Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg allows Stored XSS.This issue affects Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg: from n/a through 1.5.3. | |||||
| CVE-2024-32800 | 2024-05-17 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Felix Moira Popup More Popups allows Stored XSS.This issue affects Popup More Popups: from n/a through 2.3.1. | |||||
| CVE-2024-34567 | 2024-05-17 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in GhozyLab, Inc. Popup Builder allows Stored XSS.This issue affects Popup Builder: from n/a through 1.1.29. | |||||
| CVE-2023-5597 | 2024-05-17 | N/A | 5.4 MEDIUM | ||
| A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code. | |||||
| CVE-2024-2404 | 1 Utopique | 1 Better Comments | 2024-05-17 | N/A | 5.4 MEDIUM |
| The Better Comments WordPress plugin before 1.5.6 does not sanitise and escape some of its settings, which could allow low privilege users such as Subscribers to perform Stored Cross-Site Scripting attacks. | |||||
| CVE-2024-4922 | 2024-05-17 | 4.0 MEDIUM | 3.5 LOW | ||
| A vulnerability, which was classified as problematic, was found in SourceCodester Simple Image Stack Website 1.0. This affects an unknown part. The manipulation of the argument page leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-264459. | |||||
| CVE-2024-4797 | 2024-05-17 | 4.0 MEDIUM | 3.5 LOW | ||
| A vulnerability was found in Campcodes Online Laundry Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /ajax.php. The manipulation of the argument name/customer_name/username leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-263896. | |||||
| CVE-2024-4728 | 2024-05-17 | 4.0 MEDIUM | 3.5 LOW | ||
| A vulnerability was found in Campcodes Legal Case Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/court. The manipulation of the argument court_name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-263806 is the identifier assigned to this vulnerability. | |||||
| CVE-2024-4727 | 2024-05-17 | 4.0 MEDIUM | 3.5 LOW | ||
| A vulnerability was found in Campcodes Legal Case Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /admin/court-type. The manipulation of the argument court_name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-263805 was assigned to this vulnerability. | |||||
| CVE-2024-4721 | 2024-05-17 | 4.0 MEDIUM | 3.5 LOW | ||
| A vulnerability classified as problematic has been found in Campcodes Complete Web-Based School Management System 1.0. This affects an unknown part of the file /model/add_student_subject.php. The manipulation of the argument index leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-263799. | |||||
| CVE-2024-4719 | 2024-05-17 | 4.0 MEDIUM | 3.5 LOW | ||
| A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /model/delete_record.php. The manipulation of the argument page leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-263797 was assigned to this vulnerability. | |||||
| CVE-2024-4717 | 2024-05-17 | 4.0 MEDIUM | 3.5 LOW | ||
| A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /model/update_classroom.php. The manipulation of the argument name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-263795. | |||||
| CVE-2024-4688 | 2024-05-17 | 4.0 MEDIUM | 3.5 LOW | ||
| A vulnerability classified as problematic was found in Campcodes Complete Web-Based School Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /view/conversation_history_admin.php. The manipulation of the argument conversation_id leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-263629 was assigned to this vulnerability. | |||||