Total
21765 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-36398 | 1 Moodle | 1 Moodle | 2023-03-13 | N/A | 5.4 MEDIUM |
| In moodle, ID numbers displayed in the web service token list required additional sanitizing to prevent a stored XSS risk. | |||||
| CVE-2023-24737 | 1 Pmb Project | 1 Pmb | 2023-03-13 | N/A | 6.1 MEDIUM |
| PMB v7.4.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the query parameter at /admin/convert/export_z3950.php. | |||||
| CVE-2023-24733 | 1 Pmb Project | 1 Pmb | 2023-03-13 | N/A | 6.1 MEDIUM |
| PMB v7.4.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the query parameter at /admin/convert/export_z3950_new.php. | |||||
| CVE-2015-10095 | 1 Woo-popup Project | 1 Woo-popup | 2023-03-13 | N/A | 6.1 MEDIUM |
| A vulnerability classified as problematic has been found in woo-popup Plugin up to 1.2.2. This affects an unknown part of the file admin/class-woo-popup-admin.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 1.3.0 is able to address this issue. The name of the patch is 7c76ac78f3e16015991b612ff4fa616af4ce9292. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-222327. | |||||
| CVE-2023-1238 | 1 Answer | 1 Answer | 2023-03-13 | N/A | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6. | |||||
| CVE-2023-1237 | 1 Answer | 1 Answer | 2023-03-13 | N/A | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6. | |||||
| CVE-2023-1239 | 1 Answer | 1 Answer | 2023-03-13 | N/A | 4.8 MEDIUM |
| Cross-site Scripting (XSS) - Reflected in GitHub repository answerdev/answer prior to 1.0.6. | |||||
| CVE-2023-1242 | 1 Answer | 1 Answer | 2023-03-13 | N/A | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6. | |||||
| CVE-2023-1243 | 1 Answer | 1 Answer | 2023-03-13 | N/A | 4.8 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6. | |||||
| CVE-2023-1240 | 1 Answer | 1 Answer | 2023-03-13 | N/A | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6. | |||||
| CVE-2023-1241 | 1 Answer | 1 Answer | 2023-03-13 | N/A | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6. | |||||
| CVE-2023-1245 | 1 Answer | 1 Answer | 2023-03-13 | N/A | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6. | |||||
| CVE-2023-1244 | 1 Answer | 1 Answer | 2023-03-13 | N/A | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6. | |||||
| CVE-2023-0064 | 1 Eaglevisionit | 1 Evision Responsive Column Layout Shortcodes | 2023-03-13 | N/A | 5.4 MEDIUM |
| The eVision Responsive Column Layout Shortcodes WordPress plugin through 2.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. | |||||
| CVE-2023-27212 | 1 Online Pizza Ordering System Project | 1 Online Pizza Ordering System | 2023-03-12 | N/A | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in /php-opos/signup.php of Online Pizza Ordering System 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the redirect parameter. | |||||
| CVE-2023-27211 | 1 Online Pizza Ordering System Project | 1 Online Pizza Ordering System | 2023-03-12 | N/A | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in /admin/navbar.php of Online Pizza Ordering System 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the page parameter. | |||||
| CVE-2023-27206 | 1 Best Pos Management System Project | 1 Best Pos Management System | 2023-03-12 | N/A | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in /kruxton/navbar.php of Best POS Management System 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the page parameter. | |||||
| CVE-2023-27208 | 1 Online Pizza Ordering System Project | 1 Online Pizza Ordering System | 2023-03-12 | N/A | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in /php-opos/login.php of Online Pizza Ordering System 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the redirect parameter. | |||||
| CVE-2023-26950 | 1 Onekeyadmin | 1 Onekeyadmin | 2023-03-12 | N/A | 5.4 MEDIUM |
| onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Title parameter under the Adding Categories module. | |||||
| CVE-2023-26952 | 1 Onekeyadmin | 1 Onekeyadmin | 2023-03-12 | N/A | 5.4 MEDIUM |
| onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Add Menu module. | |||||