Total
38480 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-1766 | 1 Akbim | 1 Panon | 2024-11-21 | N/A | 6.1 MEDIUM |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Akbim Computer Panon allows Reflected XSS.This issue affects Panon: before 1.0.2. | |||||
| CVE-2023-1761 | 1 Phpmyfaq | 1 Phpmyfaq | 2024-11-21 | N/A | 6.3 MEDIUM |
| Cross-site Scripting in GitHub repository thorsten/phpmyfaq prior to 3.1.12. | |||||
| CVE-2023-1760 | 1 Phpmyfaq | 1 Phpmyfaq | 2024-11-21 | N/A | 4.8 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12. | |||||
| CVE-2023-1759 | 1 Phpmyfaq | 1 Phpmyfaq | 2024-11-21 | N/A | 4.8 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12. | |||||
| CVE-2023-1757 | 1 Phpmyfaq | 1 Phpmyfaq | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12. | |||||
| CVE-2023-1756 | 1 Phpmyfaq | 1 Phpmyfaq | 2024-11-21 | N/A | 4.7 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12. | |||||
| CVE-2023-1755 | 1 Phpmyfaq | 1 Phpmyfaq | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Generic in GitHub repository thorsten/phpmyfaq prior to 3.1.12. | |||||
| CVE-2023-1754 | 1 Phpmyfaq | 1 Phpmyfaq | 2024-11-21 | N/A | 4.7 MEDIUM |
| Improper Neutralization of Input During Web Page Generation in GitHub repository thorsten/phpmyfaq prior to 3.1.12. | |||||
| CVE-2023-1743 | 1 Grade Point Average \(gpa\) Calculator Project | 1 Grade Point Average \(gpa\) Calculator | 2024-11-21 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability classified as problematic has been found in SourceCodester Grade Point Average GPA Calculator 1.0. This affects an unknown part of the file index.php. The manipulation of the argument page leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-224631. | |||||
| CVE-2023-1726 | 1 Prolizyazilim | 1 Student Affairs Information System | 2024-11-21 | N/A | 5.4 MEDIUM |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Proliz OBS allows Stored XSS for an authenticated user.This issue affects OBS: before 23.04.01. | |||||
| CVE-2023-1724 | 1 Ladybirdweb | 1 Faveo Helpdesk | 2024-11-21 | N/A | 7.3 HIGH |
| Faveo Helpdesk Enterprise version 6.0.1 allows an attacker with agent permissions to perform privilege escalation on the application. This occurs because the application is vulnerable to stored XSS. | |||||
| CVE-2023-1717 | 1 Bitrix24 | 1 Bitrix24 | 2024-11-21 | N/A | 9.6 CRITICAL |
| Prototype pollution in bitrix/templates/bitrix24/components/bitrix/menu/left_vertical/script.js in Bitrix24 22.0.300 allows remote attackers to execute arbitrary JavaScript code in the victim’s browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege, via polluting `__proto__[tag]` and `__proto__[text]`. | |||||
| CVE-2023-1716 | 1 Bitrix24 | 1 Bitrix24 | 2024-11-21 | N/A | 9.0 CRITICAL |
| Cross-site scripting (XSS) vulnerability in Invoice Edit Page in Bitrix24 22.0.300 allows attackers to execute arbitrary JavaScript code in the victim's browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege. | |||||
| CVE-2023-1715 | 1 Bitrix24 | 1 Bitrix24 | 2024-11-21 | N/A | 9.0 CRITICAL |
| A logic error when using mb_strpos() to check for potential XSS payload in Bitrix24 22.0.300 allows attackers to bypass XSS sanitisation via placing HTML tags at the begining of the payload. | |||||
| CVE-2023-1704 | 1 Pimcore | 1 Pimcore | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.20. | |||||
| CVE-2023-1703 | 1 Pimcore | 1 Pimcore | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.20. | |||||
| CVE-2023-1702 | 1 Pimcore | 1 Pimcore | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.20. | |||||
| CVE-2023-1701 | 1 Pimcore | 1 Pimcore | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.20. | |||||
| CVE-2023-1690 | 1 Earnings And Expense Tracker App Project | 1 Earnings And Expense Tracker App | 2024-11-21 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability, which was classified as problematic, has been found in SourceCodester Earnings and Expense Tracker App 1.0. This issue affects some unknown processing of the file LoginRegistration.php?a=register_user. The manipulation of the argument fullname leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-224309 was assigned to this vulnerability. | |||||
| CVE-2023-1689 | 1 Earnings And Expense Tracker App Project | 1 Earnings And Expense Tracker App | 2024-11-21 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability classified as problematic was found in SourceCodester Earnings and Expense Tracker App 1.0. This vulnerability affects unknown code of the file Master.php?a=save_earning. The manipulation of the argument name leads to cross site scripting. The attack can be initiated remotely. The identifier of this vulnerability is VDB-224308. | |||||