Total
35377 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-51300 | 1 Phpjabbers | 1 Hotel Booking System | 2025-04-22 | N/A | 6.1 MEDIUM |
| PHPJabbers Hotel Booking System v4.0 is vulnerable to Cross-Site Scripting (XSS) vulnerabilities in the "name, plugin_sms_api_key, plugin_sms_country_code, title, plugin_sms_api_key" parameters. | |||||
| CVE-2022-46904 | 1 Websoft | 1 Websoft Hcm | 2025-04-22 | N/A | 5.4 MEDIUM |
| Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Self-XSS. | |||||
| CVE-2022-46903 | 1 Websoft | 1 Websoft Hcm | 2025-04-22 | N/A | 5.4 MEDIUM |
| Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Stored XSS. | |||||
| CVE-2022-45970 | 1 Alist Project | 1 Alist | 2025-04-22 | N/A | 5.4 MEDIUM |
| Alist v3.5.1 is vulnerable to Cross Site Scripting (XSS) via the bulletin board. | |||||
| CVE-2022-46905 | 1 Websoft | 1 Websoft Hcm | 2025-04-22 | N/A | 6.1 MEDIUM |
| Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an unauthenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Reflected XSS. | |||||
| CVE-2024-40069 | 1 Oretnom23 | 1 Online Id Generator System | 2025-04-22 | N/A | 5.4 MEDIUM |
| Sourcecodester Online ID Generator System 1.0 was discovered to contain Stored Cross Site Scripting (XSS) via id_generator/classes/Users.php?f=save, and the point of vulnerability is in the POST parameter 'firstname' and 'lastname'. | |||||
| CVE-2024-40074 | 1 Oretnom23 | 1 Online Id Generator System | 2025-04-22 | N/A | 4.8 MEDIUM |
| Sourcecodester Online ID Generator System 1.0 was discovered to contain Stored Cross Site Scripting (XSS) via id_generator/classes/SystemSettings.php?f=update_settings, and the point of vulnerability is in the POST parameter 'short_name'. | |||||
| CVE-2024-28276 | 1 Rems | 1 School Task Manager | 2025-04-22 | N/A | 6.1 MEDIUM |
| Sourcecodester School Task Manager 1.0 is vulnerable to Cross Site Scripting (XSS) via add-task.php?task_name=. | |||||
| CVE-2024-34230 | 1 Sourcecodester | 1 Laboratory Management System | 2025-04-22 | N/A | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the System Information parameter. | |||||
| CVE-2024-34231 | 1 Sourcecodester | 1 Laboratory Management System | 2025-04-22 | N/A | 7.1 HIGH |
| A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the System Short Name parameter. | |||||
| CVE-2024-33304 | 1 Oretnom23 | 1 Product Show Room Site | 2025-04-22 | N/A | 6.1 MEDIUM |
| SourceCodester Product Show Room 1.0 is vulnerable to Cross Site Scripting (XSS) via "Last Name" under Add Users. | |||||
| CVE-2024-33306 | 1 Sourcecodester | 1 Laboratory Management System | 2025-04-22 | N/A | 7.4 HIGH |
| SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via "First Name" parameter in Create User. | |||||
| CVE-2024-33307 | 1 Sourcecodester | 1 Laboratory Management System | 2025-04-22 | N/A | 5.4 MEDIUM |
| SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via "Last Name" parameter in Create User. | |||||
| CVE-2024-33302 | 1 Oretnom23 | 1 Product Show Room Site | 2025-04-22 | N/A | 5.3 MEDIUM |
| SourceCodester Product Show Room 1.0 and before is vulnerable to Cross Site Scripting (XSS) via "Middle Name" under Add Users. | |||||
| CVE-2024-33303 | 1 Oretnom23 | 1 Product Show Room Site | 2025-04-22 | N/A | 8.2 HIGH |
| SourceCodester Product Show Room 1.0 is vulnerable to Cross Site Scripting (XSS) via "First Name" under Add Users. | |||||
| CVE-2022-42141 | 1 Deltaww | 2 Dx-2100-l1-cn, Dx-2100-l1-cn Firmware | 2025-04-22 | N/A | 5.4 MEDIUM |
| Delta Electronics DX-2100-L1-CN 2.42 is vulnerable to Cross Site Scripting (XSS) via lform/urlfilter. | |||||
| CVE-2022-31358 | 1 Proxmox | 1 Virtual Environment | 2025-04-22 | N/A | 9.0 CRITICAL |
| A reflected cross-site scripting (XSS) vulnerability in Proxmox Virtual Environment prior to v7.2-3 allows remote attackers to execute arbitrary web scripts or HTML via non-existent endpoints under path /api2/html/. | |||||
| CVE-2024-33305 | 1 Sourcecodester | 1 Laboratory Management System | 2025-04-22 | N/A | 6.1 MEDIUM |
| SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via "Middle Name" parameter in Create User. | |||||
| CVE-2022-34560 | 1 Phpfox | 1 Phpfox | 2025-04-22 | N/A | 7.1 HIGH |
| A cross-site scripting (XSS) vulnerability in PHPFox v4.8.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the History parameter. | |||||
| CVE-2022-34561 | 1 Phpfox | 1 Phpfox | 2025-04-22 | N/A | 4.3 MEDIUM |
| A cross-site scripting (XSS) vulnerability in PHPFox v4.8.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the video description parameter. | |||||