Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (361167 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-43359 1 Cmsmadesimple 1 Cms Made Simple 2024-11-21 5.4 Medium
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Page Specific Metadata and Smarty data parameters in the Content Manager Menu component.
CVE-2023-43358 1 Cmsmadesimple 1 Cms Made Simple 2024-11-21 5.4 Medium
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Title parameter in the News Menu component.
CVE-2023-43357 1 Cmsmadesimple 1 Cms Made Simple 2024-11-21 5.4 Medium
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Title parameter in the Manage Shortcuts component.
CVE-2023-43356 1 Cmsmadesimple 1 Cms Made Simple 2024-11-21 5.4 Medium
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Global Meatadata parameter in the Global Settings Menu component.
CVE-2023-43355 1 Cmsmadesimple 1 Cms Made Simple 2024-11-21 5.4 Medium
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user component.
CVE-2023-43354 1 Cmsmadesimple 1 Cms Made Simple 2024-11-21 5.4 Medium
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Profiles parameter in the Extensions -MicroTiny WYSIWYG editor component.
CVE-2023-43353 1 Cmsmadesimple 1 Cms Made Simple 2024-11-21 5.4 Medium
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the extra parameter in the news menu component.
CVE-2023-43352 1 Cmsmadesimple 1 Cms Made Simple 2024-11-21 7.8 High
An issue in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted payload to the Content Manager Menu component.
CVE-2023-43346 1 Opensolution 1 Quick Cms 2024-11-21 5.4 Medium
Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Backend - Dashboard parameter in the Languages Menu component.
CVE-2023-43345 1 Opensolution 1 Quick Cms 2024-11-21 8.6 High
Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Content - Name parameter in the Pages Menu component.
CVE-2023-43344 1 Opensolution 1 Quick Cms 2024-11-21 5.4 Medium
Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the SEO - Meta description parameter in the Pages Menu component.
CVE-2023-43343 1 Opensolution 1 Quick Cms 2024-11-21 5.4 Medium
Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Files - Description parameter in the Pages Menu component.
CVE-2023-43342 1 Opensolution 1 Quick Cms 2024-11-21 5.4 Medium
Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Languages Menu component.
CVE-2023-43341 1 Evo 1 Evolution Cms 2024-11-21 6.1 Medium
Cross-site scripting (XSS) vulnerability in evolution evo v.3.2.3 allows a local attacker to execute arbitrary code via a crafted payload injected uid parameter.
CVE-2023-43340 1 Evo 1 Evolution Cms 2024-11-21 5.2 Medium
Cross-site scripting (XSS) vulnerability in evolution v.3.2.3 allows a local attacker to execute arbitrary code via a crafted payload injected into the cmsadmin, cmsadminemail, cmspassword and cmspasswordconfim parameters
CVE-2023-43339 1 Cmsmadesimple 1 Cms Made Simple 2024-11-21 6.1 Medium
Cross-Site Scripting (XSS) vulnerability in cmsmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted payload injected into the Database Name, DataBase User or Database Port components.
CVE-2023-43338 1 Cesanta 1 Mjs 2024-11-21 9.8 Critical
Cesanta mjs v2.20.0 was discovered to contain a function pointer hijacking vulnerability via the function mjs_get_ptr(). This vulnerability allows attackers to execute arbitrary code via a crafted input.
CVE-2023-43336 1 Sangoma 1 Freepbx 2024-11-21 8.8 High
Sangoma Technologies FreePBX before cdr 15.0.18, 16.0.40, 15.0.16, and 16.0.17 was discovered to contain an access control issue via a modified parameter value, e.g., changing extension=self to extension=101.
CVE-2023-43331 1 Small Crm Project 1 Small Crm 2024-11-21 5.4 Medium
A cross-site scripting (XSS) vulnerability in the Add User function of Small CRM v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.
CVE-2023-43326 1 Moosocial 1 Moosocial 2024-11-21 6.1 Medium
A reflected cross-site scripting (XSS) vulnerability exisits in multiple url of mooSocial v3.1.8 allows attackers to steal user's session cookies and impersonate their account via a crafted URL.