Total
38473 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-1609 | 1 Crmeb | 1 Crmeb Java | 2024-11-21 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability was found in Zhong Bang CRMEB Java up to 1.3.4. It has been rated as problematic. This issue affects the function save of the file /api/admin/store/product/save. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223739. | |||||
| CVE-2023-1593 | 1 Automatic Question Paper Generator System Project | 1 Automatic Question Paper Generator System | 2024-11-21 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability, which was classified as problematic, has been found in SourceCodester Automatic Question Paper Generator System 1.0. This issue affects some unknown processing of the file classes/Master.php?f=save_class. The manipulation of the argument description leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-223661 was assigned to this vulnerability. | |||||
| CVE-2023-1573 | 1 Datagear | 1 Datagear | 2024-11-21 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability was found in DataGear up to 1.11.1 and classified as problematic. This issue affects some unknown processing of the component Graph Dataset Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.12.0 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-223565 was assigned to this vulnerability. | |||||
| CVE-2023-1572 | 1 Datagear | 1 Datagear | 2024-11-21 | 1.4 LOW | 2.0 LOW |
| A vulnerability has been found in DataGear up to 1.11.1 and classified as problematic. This vulnerability affects unknown code of the component Plugin Handler. The manipulation leads to cross site scripting. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. Upgrading to version 1.12.0 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-223564. | |||||
| CVE-2023-1569 | 1 E-commerce System Project | 1 E-commerce System | 2024-11-21 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability classified as problematic was found in SourceCodester E-Commerce System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/user/controller.php?action=edit. The manipulation of the argument U_NAME with the input <script>alert('1')</script> leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-223561 was assigned to this vulnerability. | |||||
| CVE-2023-1568 | 1 Oretnom23 | 1 Student Study Center Desk Management System | 2024-11-21 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability classified as problematic has been found in SourceCodester Student Study Center Desk Management System 1.0. Affected is an unknown function of the file /admin/reports/index.php of the component GET Parameter Handler. The manipulation of the argument date_to leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223560. | |||||
| CVE-2023-1567 | 1 Oretnom23 | 1 Student Study Center Desk Management System | 2024-11-21 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability was found in SourceCodester Student Study Center Desk Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /admin/assign/assign.php. The manipulation of the argument sid leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223559. | |||||
| CVE-2023-1565 | 1 Feifeicms | 1 Feifeicms | 2024-11-21 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability was found in FeiFeiCMS 2.7.130201. It has been classified as problematic. This affects an unknown part of the file \Public\system\slide_add.html of the component Extension Tool. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-223557 was assigned to this vulnerability. | |||||
| CVE-2023-1536 | 1 Answer | 1 Answer | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.7. | |||||
| CVE-2023-1535 | 1 Answer | 1 Answer | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.7. | |||||
| CVE-2023-1527 | 1 Corebos | 1 Corebos | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Generic in GitHub repository tsolucio/corebos prior to 8.0. | |||||
| CVE-2023-1517 | 1 Pimcore | 1 Pimcore | 2024-11-21 | N/A | 4.8 MEDIUM |
| Cross-site Scripting (XSS) - DOM in GitHub repository pimcore/pimcore prior to 10.5.19. | |||||
| CVE-2023-1515 | 1 Pimcore | 1 Pimcore | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.19. | |||||
| CVE-2023-1507 | 1 E-commerce System Project | 1 E-commerce System | 2024-11-21 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability has been found in SourceCodester E-Commerce System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /ecommerce/admin/category/controller.php of the component Category Name Handler. The manipulation of the argument CATEGORY leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223411. | |||||
| CVE-2023-1500 | 1 Code-projects | 1 Simple Art Gallery | 2024-11-21 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability, which was classified as problematic, has been found in code-projects Simple Art Gallery 1.0. Affected by this issue is some unknown functionality of the file adminHome.php. The manipulation of the argument about_info leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223400. | |||||
| CVE-2023-1496 | 1 Evilmartians | 1 Imgproxy | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Reflected in GitHub repository imgproxy/imgproxy prior to 3.14.0. | |||||
| CVE-2023-1485 | 1 Young Entrepreneur E-negosyo System Project | 1 Young Entrepreneur E-negosyo System | 2024-11-21 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability classified as problematic has been found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. This affects an unknown part of the file /bsenordering/index.php of the component GET Parameter Handler. The manipulation of the argument category with the input <script>alert(222)</script> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223371. | |||||
| CVE-2023-1481 | 1 Monitoring Of Students Cyber Accounts System Project | 1 Monitoring Of Students Cyber Accounts System | 2024-11-21 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability, which was classified as problematic, has been found in SourceCodester Monitoring of Students Cyber Accounts System 1.0. Affected by this issue is some unknown functionality of the file modules/balance/index.php?view=balancelist of the component POST Parameter Handler. The manipulation of the argument id with the input "><script>alert(111)</script> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223364. | |||||
| CVE-2023-1447 | 1 Medicine Tracker System Project | 1 Medicine Tracker System | 2024-11-21 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability, which was classified as problematic, has been found in SourceCodester Medicine Tracker System 1.0. Affected by this issue is some unknown functionality of the file app/?page=medicines/manage_medicine. The manipulation of the argument name/description with the input <script>alert('2')</script> leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-223292. | |||||
| CVE-2023-1429 | 1 Pimcore | 1 Pimcore | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.19. | |||||