Filtered by CWE-79
Total 30498 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-3073 1 Corebos 1 Corebos 2024-08-02 5.4 Medium
Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8 via evvtgendoc.
CVE-2023-3016 1 Vip Video Analysis Project 1 Vip Video Analysis 2024-08-02 3.5 Low
A vulnerability was found in yiwent Vip Video Analysis 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file admin/admincore.php. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-230360.
CVE-2023-3067 1 Trilium Project 1 Trilium 2024-08-02 5.4 Medium
Cross-site Scripting (XSS) - Stored in GitHub repository zadam/trilium prior to 0.59.4.
CVE-2023-3084 1 Teampass 1 Teampass 2024-08-02 8.1 High
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.
CVE-2023-3060 1 Agro-school Management System Project 1 Agro-school Management System 2024-08-02 3.5 Low
A vulnerability has been found in code-projects Agro-School Management System 1.0 and classified as problematic. This vulnerability affects the function doAddQuestion of the file btn_functions.php. The manipulation of the argument Question leads to cross site scripting. The attack can be initiated remotely. VDB-230566 is the identifier assigned to this vulnerability.
CVE-2023-2999 1 Phpmyfaq 1 Phpmyfaq 2024-08-02 6.1 Medium
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.14.
CVE-2023-3005 1 Local Service Search Engine Management System Project 1 Local Service Search Engine Management System 2024-08-02 3.5 Low
A vulnerability, which was classified as problematic, was found in SourceCodester Local Service Search Engine Management System 1.0. This affects an unknown part of the file /admin/ajax.php?action=save_area of the component POST Parameter Handler. The manipulation of the argument area with the input <script>alert(document.cookie)</script> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-230349 was assigned to this vulnerability.
CVE-2023-3074 1 Corebos 1 Corebos 2024-08-02 5.4 Medium
Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8.
CVE-2023-3058 1 07fly 1 Customer Relationship Management 2024-08-02 3.5 Low
A vulnerability was found in 07FLY CRM up to 1.2.0. It has been declared as problematic. This vulnerability affects unknown code of the component User Profile Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-230560.
CVE-2023-3086 1 Teampass 1 Teampass 2024-08-02 9.0 Critical
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.
CVE-2023-3035 1 Gougucms 1 Pythagorean Oa Office System 2024-08-02 3.5 Low
A vulnerability has been found in Guangdong Pythagorean OA Office System up to 4.50.31 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Schedule Handler. The manipulation of the argument description leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-230467.
CVE-2023-3021 1 Scilico 1 I\, Librarian 2024-08-02 5.4 Medium
Cross-site Scripting (XSS) - Stored in GitHub repository mkucej/i-librarian-free prior to 5.10.4.
CVE-2023-3071 1 Tsolucio 1 Corebos 2024-08-02 5.4 Medium
Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8.
CVE-2023-3020 1 Scilicot 1 I\, Librarian 2024-08-02 6.1 Medium
Cross-site Scripting (XSS) - Reflected in GitHub repository mkucej/i-librarian-free prior to 5.10.4.
CVE-2023-3014 1 Beipyvideoresolution Project 1 Beipyvideoresolution 2024-08-02 3.5 Low
A vulnerability, which was classified as problematic, was found in BeipyVideoResolution up to 2.6. Affected is an unknown function of the file admin/admincore.php. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-230358 is the identifier assigned to this vulnerability.
CVE-2023-3083 1 Teampass 1 Teampass 2024-08-02 8.7 High
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.
CVE-2023-3010 1 Grafana 1 Worldmap Panel 2024-08-02 7.3 High
Grafana is an open-source platform for monitoring and observability. The WorldMap panel plugin, versions before 1.0.4 contains a DOM XSS vulnerability.
CVE-2023-3070 1 Corebos 1 Corebos 2024-08-02 5.4 Medium
Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8.
CVE-2023-3085 1 X-wrt 1 Luci 2024-08-02 3.5 Low
A vulnerability, which was classified as problematic, has been found in X-WRT luci up to 22.10_b202303061504. This issue affects the function run_action of the file modules/luci-base/ucode/dispatcher.uc of the component 404 Error Template Handler. The manipulation of the argument request_path leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 22.10_b202303121313 is able to address this issue. The patch is named 24d7da2416b9ab246825c33c213fe939a89b369c. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-230663.
CVE-2023-2954 1 Djangoblog Project 1 Djangoblog 2024-08-02 5.4 Medium
Cross-site Scripting (XSS) - Stored in GitHub repository liangliangyy/djangoblog prior to master.