Export limit exceeded: 47085 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (47085 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2015-10121 1 Beeliked 1 Beeliked 2024-11-21 3.5 Low
A vulnerability has been found in Beeliked Microsite Plugin up to 1.0.1 on WordPress and classified as problematic. Affected by this vulnerability is the function embed_handler of the file beelikedmicrosite.php. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 1.0.2 is able to address this issue. The identifier of the patch is d23bafb5d05fb2636a2b78331f9d3fca152903dc. It is recommended to upgrade the affected component. The identifier VDB-233365 was assigned to this vulnerability.
CVE-2023-3853 1 Phpscriptpoint 1 Bloodbank 2024-11-21 3.5 Low
A vulnerability was found in phpscriptpoint BloodBank 1.1. It has been rated as problematic. This issue affects some unknown processing of the file page.php. The manipulation leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-235205 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2023-3884 1 Campcodes 1 Beauty Salon Management System 2024-11-21 3.5 Low
A vulnerability has been found in Campcodes Beauty Salon Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/edit_product.php. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-235246 is the identifier assigned to this vulnerability.
CVE-2023-6313 1 Url Shortener Project 1 Url Shortener 2024-11-21 3.5 Low
A vulnerability was found in SourceCodester URL Shortener 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Long URL Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-246139.
CVE-2023-6465 1 Phpgurukul 1 Nipah Virus Testing Management System 2024-11-21 4.3 Medium
A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been classified as problematic. This affects an unknown part of the file registered-user-testing.php. The manipulation of the argument regmobilenumber leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-246615.
CVE-2023-6613 1 Typecho 1 Typecho 2024-11-21 2.4 Low
A vulnerability classified as problematic has been found in Typecho 1.2.1. Affected is an unknown function of the file /admin/options-theme.php of the component Logo Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-247248. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2023-6650 1 Oretnom23 1 Simple Invoice Generator System 2024-11-21 4.3 Medium
A vulnerability was found in SourceCodester Simple Invoice Generator System 1.0 and classified as problematic. This issue affects some unknown processing of the file login.php. The manipulation of the argument cashier leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-247343.
CVE-2024-47486 1 Hikvision 1 Hikcentral Master 2024-11-21 6.1 Medium
There is an XSS vulnerability in some HikCentral Master Lite versions. If exploited, an attacker could inject scripts into certain pages by building malicious data.
CVE-2023-4115 1 Phpjabbers 1 Cleaning Business Software 2024-11-21 4.3 Medium
A vulnerability classified as problematic has been found in PHP Jabbers Cleaning Business 1.0. Affected is an unknown function of the file /index.php. The manipulation of the argument index leads to cross site scripting. It is possible to launch the attack remotely. VDB-235962 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2023-4382 1 Tdevs 1 Hyip Rio 2024-11-21 3.5 Low
A vulnerability, which was classified as problematic, has been found in tdevs Hyip Rio 2.1. Affected by this issue is some unknown functionality of the file /user/settings of the component Profile Settings. The manipulation of the argument avatar leads to cross site scripting. The attack may be launched remotely. VDB-237314 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2023-36623 1 Loxone 2 Miniserver Go Gen 2, Miniserver Go Gen 2 Firmware 2024-11-21 7.8 High
The root password of the Loxone Miniserver Go Gen.2 before 14.2 is calculated using hard-coded secrets and the MAC address. This allows a local user to calculate the root password and escalate privileges.
CVE-2023-34338 1 Ami 1 Megarac Sp-x 2024-11-21 7.1 High
AMI SPx contains a vulnerability in the BMC where an Attacker may cause a use of hard-coded cryptographic key by a hard-coded certificate. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability. 
CVE-2023-34473 1 Ami 1 Megarac Sp-x 2024-11-21 6.6 Medium
AMI SPx contains a vulnerability in the BMC where a valid user may cause a use of hard-coded credentials. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability.
CVE-2023-6767 1 Remyandrade 1 Wedding Guest E-book 2024-11-21 4.3 Medium
A vulnerability, which was classified as problematic, was found in SourceCodester Wedding Guest e-Book 1.0. This affects an unknown part of the file /endpoint/add-guest.php. The manipulation of the argument name leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-247899.
CVE-2023-6945 1 Mayurik 1 Online Student Management System 2024-11-21 2.4 Low
A vulnerability has been found in SourceCodester Online Student Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file edit-student-detail.php. The manipulation of the argument notmsg leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-248377 was assigned to this vulnerability.
CVE-2023-7059 1 Remyandrade 1 School Visitor Log E-book 2024-11-21 3.5 Low
A vulnerability was found in SourceCodester School Visitor Log e-Book 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file log-book.php. The manipulation of the argument Full Name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-248750 is the identifier assigned to this vulnerability.
CVE-2023-7076 1 My-aac 1 Myaac 2024-11-21 3.5 Low
A vulnerability was found in slawkens MyAAC up to 0.8.13. It has been declared as problematic. This vulnerability affects unknown code of the file system/pages/bugtracker.php. The manipulation of the argument bug[2]['subject']/bug[2]['text']/report['subject'] leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 0.8.14 is able to address this issue. The name of the patch is 83a91ec540072d319dd338abff45f8d5ebf48190. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-248848.
CVE-2015-10127 1 Bestwebsoft 1 Pluscaptcha 2024-11-21 3.5 Low
A vulnerability was found in PlusCaptcha Plugin up to 2.0.6 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 2.0.14 is able to address this issue. The patch is identified as 1274afc635170daafd38306487b6bb8a01f78ecd. It is recommended to upgrade the affected component. VDB-248954 is the identifier assigned to this vulnerability.
CVE-2024-7225 1 Munyweki 1 Insurance Management System 2024-11-21 3.5 Low
A vulnerability was found in SourceCodester Insurance Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /Script/admin/core/update_policy of the component Edit Insurance Policy Page. The manipulation of the argument pname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-272805 was assigned to this vulnerability.
CVE-2024-7200 1 Oretnom23 1 Complaints Report Management System 2024-11-21 3.5 Low
A vulnerability, which was classified as problematic, has been found in SourceCodester Complaints Report Management System 1.0. This issue affects some unknown processing of the file /admin/ajax.php?action=save_settings. The manipulation of the argument name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-272621 was assigned to this vulnerability.