Total
39561 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-54003 | 1 Jenkins | 1 Simple Queue | 2025-10-03 | N/A | 8.0 HIGH |
| Jenkins Simple Queue Plugin 1.4.4 and earlier does not escape the view name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with View/Create permission. | |||||
| CVE-2025-46786 | 2025-10-02 | N/A | 4.3 MEDIUM | ||
| Cross-site scripting in some Zoom Workplace Apps may allow an authenticated user to impact app integrity via network access. | |||||
| CVE-2025-30664 | 2025-10-02 | N/A | 6.6 MEDIUM | ||
| Cross-site scripting in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via local access. | |||||
| CVE-2025-10234 | 1 Scada-lts | 1 Scada-lts | 2025-10-02 | 3.3 LOW | 2.4 LOW |
| A vulnerability was detected in Scada-LTS up to 2.7.8.1. This vulnerability affects unknown code of the file /data_point_edit.shtm of the component Data Point Edit Module. The manipulation of the argument Text Renderer properties results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-10235 | 1 Scada-lts | 1 Scada-lts | 2025-10-02 | 3.3 LOW | 2.4 LOW |
| A flaw has been found in Scada-LTS up to 2.7.8.1. This issue affects some unknown processing of the file /reports.shtm of the component Reports Module. This manipulation of the argument Colour causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-10366 | 1 Sourcefabric | 1 Rpi-jukebox-rfid | 2025-10-02 | 4.0 MEDIUM | 3.5 LOW |
| A flaw has been found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected is an unknown function of the file /htdocs/inc.setWlanIpMail.php. This manipulation of the argument Email address causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-59755 | 1 Andsoft | 1 E-tms | 2025-10-02 | N/A | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and SuppConn' parameters in '/clt/LOGINFRM_CAT.ASP'. | |||||
| CVE-2025-59754 | 1 Andsoft | 1 E-tms | 2025-10-02 | N/A | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and SuppConn' parameters in '/clt/LOGINFRM_original.ASP'. | |||||
| CVE-2025-59753 | 1 Andsoft | 1 E-tms | 2025-10-02 | N/A | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and SuppConn' parameters in '/clt/LOGINFRM_BET.ASP'. | |||||
| CVE-2025-59752 | 1 Andsoft | 1 E-tms | 2025-10-02 | N/A | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and SuppConn' parameters in '/clt/LOGINFRM_LXA.ASP'. | |||||
| CVE-2025-59751 | 1 Andsoft | 1 E-tms | 2025-10-02 | N/A | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and SuppConn' parameters in '/clt/LOGINFRM_DJO.ASP'. | |||||
| CVE-2025-59750 | 1 Andsoft | 1 E-tms | 2025-10-02 | N/A | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and SuppConn' parameters in '/clt/LOGINFRM.ASP'. | |||||
| CVE-2025-59764 | 1 Andsoft | 1 E-tms | 2025-10-02 | N/A | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and SuppConn' parameters in '/clt/LOGINFRM_FCC.ASP'. | |||||
| CVE-2025-59763 | 1 Andsoft | 1 E-tms | 2025-10-02 | N/A | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and SuppConn' parameters in '/clt/LOGINFRM_EK.ASP'. | |||||
| CVE-2025-59762 | 1 Andsoft | 1 E-tms | 2025-10-02 | N/A | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and SuppConn' parameters in '/clt/LOGINFRM_DLG.ASP'. | |||||
| CVE-2025-59761 | 1 Andsoft | 1 E-tms | 2025-10-02 | N/A | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and SuppConn' parameters in '/clt/LOGINFRM_DLG.ASP'. | |||||
| CVE-2025-59760 | 1 Andsoft | 1 E-tms | 2025-10-02 | N/A | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and SuppConn' parameters in '/clt/LOGINFRM_DHL.ASP'. | |||||
| CVE-2025-59759 | 1 Andsoft | 1 E-tms | 2025-10-02 | N/A | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and SuppConn' parameters in '/clt/LOGINFRM_DELCROIX.ASP'. | |||||
| CVE-2025-59758 | 1 Andsoft | 1 E-tms | 2025-10-02 | N/A | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and SuppConn' parameters in '/clt/LOGINFRM_CYLOG.ASP'. | |||||
| CVE-2025-59757 | 1 Andsoft | 1 E-tms | 2025-10-02 | N/A | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and SuppConn' parameters in '/clt/LOGINFRM_CATOLD.ASP'. | |||||