Total
30728 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-24374 | 1 Material Design Icons For Page Builders Project | 1 Material Design Icons For Page Builders | 2024-08-02 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Photon WP Material Design Icons for Page Builders plugin <= 1.4.2 versions. | ||||
| CVE-2023-24399 | 1 Oceanwp | 1 Ocean Extra | 2024-08-02 | 5.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in OceanWP Ocean Extra plugin <= 2.1.2 versions. | ||||
| CVE-2023-24386 | 1 Ai Contact Us Form Project | 1 Ai Contact Us Form | 2024-08-02 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Karishma Arora AI Contact Us Form plugin <= 1.0 versions. | ||||
| CVE-2023-24378 | 1 Codeat | 1 Glossary | 2024-08-02 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Codeat Glossary plugin <= 2.1.27 versions. | ||||
| CVE-2023-24392 | 1 I13websolution | 1 Full Width Banner Slider Wp | 2024-08-02 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Full Width Banner Slider Wp plugin <= 1.1.7 versions. | ||||
| CVE-2023-24322 | 1 Mojoportal | 1 Mojoportal | 2024-08-02 | 6.1 Medium |
| A reflected cross-site scripting (XSS) vulnerability in the FileDialog.aspx component of mojoPortal v2.7.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ed and tbi parameters. | ||||
| CVE-2023-24282 | 1 Poly | 2 Trio 8800, Trio 8800 Firmware | 2024-08-02 | 5.4 Medium |
| An arbitrary file upload vulnerability in Poly Trio 8800 7.2.2.1094 allows attackers to execute arbitrary code via a crafted ringtone file. | ||||
| CVE-2023-24278 | 1 Squidex.io | 1 Squidex | 2024-08-02 | 6.1 Medium |
| Squidex before 7.4.0 was discovered to contain a squid.svg cross-site scripting (XSS) vulnerability. | ||||
| CVE-2023-24387 | 1 Wpdevart | 1 Organization Chart | 2024-08-02 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPdevart Organization chart plugin <= 1.4.4 versions. | ||||
| CVE-2023-24234 | 1 Inventory Management System Project | 1 Inventory Management System | 2024-08-02 | 4.8 Medium |
| A stored cross-site scripting (XSS) vulnerability in the component php-inventory-management-system/brand.php of Inventory Management System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Brand Name parameter. | ||||
| CVE-2023-24279 | 1 Opennetworking | 1 Onos | 2024-08-02 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in Open Networking Foundation ONOS from version v1.9.0 to v2.7.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter of the API documentation dashboard. | ||||
| CVE-2023-24233 | 1 Inventory Management System Project | 1 Inventory Management System | 2024-08-02 | 4.8 Medium |
| A stored cross-site scripting (XSS) vulnerability in the component /php-inventory-management-system/orders.php?o=add of Inventory Management System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Client Name parameter. | ||||
| CVE-2023-24251 | 1 Wangeditor | 1 Wangeditor | 2024-08-02 | 5.4 Medium |
| WangEditor v5 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /dist/index.js. | ||||
| CVE-2023-24197 | 1 Online Food Ordering System Project | 1 Online Food Ordering System | 2024-08-02 | 6.1 Medium |
| Online Food Ordering System v2 was discovered to contain a SQL injection vulnerability via the id parameter at view_order.php. | ||||
| CVE-2023-24191 | 1 Online Food Ordering System Project | 1 Online Food Ordering System | 2024-08-02 | 6.1 Medium |
| Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the redirect parameter in signup.php. | ||||
| CVE-2023-24231 | 1 Inventory Management System Project | 1 Inventory Management System | 2024-08-02 | 4.8 Medium |
| A stored cross-site scripting (XSS) vulnerability in the component /php-inventory-management-system/categories.php of Inventory Management System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Categories Name parameter. | ||||
| CVE-2023-24232 | 1 Inventory Management System Project | 1 Inventory Management System | 2024-08-02 | 4.8 Medium |
| A stored cross-site scripting (XSS) vulnerability in the component /php-inventory-management-system/product.php of Inventory Management System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name parameter. | ||||
| CVE-2023-24192 | 1 Online Food Ordering System Project | 1 Online Food Ordering System | 2024-08-02 | 6.1 Medium |
| Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the redirect parameter in login.php. | ||||
| CVE-2023-24194 | 1 Online Food Ordering System Project | 1 Online Food Ordering System | 2024-08-02 | 6.1 Medium |
| Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the page parameter in navbar.php. | ||||
| CVE-2023-24195 | 1 Online Food Ordering System Project | 1 Online Food Ordering System | 2024-08-02 | 6.1 Medium |
| Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the page parameter in index.php. | ||||