Total
30498 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-3073 | 1 Corebos | 1 Corebos | 2024-08-02 | 5.4 Medium |
Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8 via evvtgendoc. | ||||
CVE-2023-3016 | 1 Vip Video Analysis Project | 1 Vip Video Analysis | 2024-08-02 | 3.5 Low |
A vulnerability was found in yiwent Vip Video Analysis 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file admin/admincore.php. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-230360. | ||||
CVE-2023-3067 | 1 Trilium Project | 1 Trilium | 2024-08-02 | 5.4 Medium |
Cross-site Scripting (XSS) - Stored in GitHub repository zadam/trilium prior to 0.59.4. | ||||
CVE-2023-3084 | 1 Teampass | 1 Teampass | 2024-08-02 | 8.1 High |
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9. | ||||
CVE-2023-3060 | 1 Agro-school Management System Project | 1 Agro-school Management System | 2024-08-02 | 3.5 Low |
A vulnerability has been found in code-projects Agro-School Management System 1.0 and classified as problematic. This vulnerability affects the function doAddQuestion of the file btn_functions.php. The manipulation of the argument Question leads to cross site scripting. The attack can be initiated remotely. VDB-230566 is the identifier assigned to this vulnerability. | ||||
CVE-2023-2999 | 1 Phpmyfaq | 1 Phpmyfaq | 2024-08-02 | 6.1 Medium |
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.14. | ||||
CVE-2023-3005 | 1 Local Service Search Engine Management System Project | 1 Local Service Search Engine Management System | 2024-08-02 | 3.5 Low |
A vulnerability, which was classified as problematic, was found in SourceCodester Local Service Search Engine Management System 1.0. This affects an unknown part of the file /admin/ajax.php?action=save_area of the component POST Parameter Handler. The manipulation of the argument area with the input <script>alert(document.cookie)</script> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-230349 was assigned to this vulnerability. | ||||
CVE-2023-3074 | 1 Corebos | 1 Corebos | 2024-08-02 | 5.4 Medium |
Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8. | ||||
CVE-2023-3058 | 1 07fly | 1 Customer Relationship Management | 2024-08-02 | 3.5 Low |
A vulnerability was found in 07FLY CRM up to 1.2.0. It has been declared as problematic. This vulnerability affects unknown code of the component User Profile Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-230560. | ||||
CVE-2023-3086 | 1 Teampass | 1 Teampass | 2024-08-02 | 9.0 Critical |
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9. | ||||
CVE-2023-3035 | 1 Gougucms | 1 Pythagorean Oa Office System | 2024-08-02 | 3.5 Low |
A vulnerability has been found in Guangdong Pythagorean OA Office System up to 4.50.31 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Schedule Handler. The manipulation of the argument description leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-230467. | ||||
CVE-2023-3021 | 1 Scilico | 1 I\, Librarian | 2024-08-02 | 5.4 Medium |
Cross-site Scripting (XSS) - Stored in GitHub repository mkucej/i-librarian-free prior to 5.10.4. | ||||
CVE-2023-3071 | 1 Tsolucio | 1 Corebos | 2024-08-02 | 5.4 Medium |
Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8. | ||||
CVE-2023-3020 | 1 Scilicot | 1 I\, Librarian | 2024-08-02 | 6.1 Medium |
Cross-site Scripting (XSS) - Reflected in GitHub repository mkucej/i-librarian-free prior to 5.10.4. | ||||
CVE-2023-3014 | 1 Beipyvideoresolution Project | 1 Beipyvideoresolution | 2024-08-02 | 3.5 Low |
A vulnerability, which was classified as problematic, was found in BeipyVideoResolution up to 2.6. Affected is an unknown function of the file admin/admincore.php. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-230358 is the identifier assigned to this vulnerability. | ||||
CVE-2023-3083 | 1 Teampass | 1 Teampass | 2024-08-02 | 8.7 High |
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9. | ||||
CVE-2023-3010 | 1 Grafana | 1 Worldmap Panel | 2024-08-02 | 7.3 High |
Grafana is an open-source platform for monitoring and observability. The WorldMap panel plugin, versions before 1.0.4 contains a DOM XSS vulnerability. | ||||
CVE-2023-3070 | 1 Corebos | 1 Corebos | 2024-08-02 | 5.4 Medium |
Cross-site Scripting (XSS) - Stored in GitHub repository tsolucio/corebos prior to 8. | ||||
CVE-2023-3085 | 1 X-wrt | 1 Luci | 2024-08-02 | 3.5 Low |
A vulnerability, which was classified as problematic, has been found in X-WRT luci up to 22.10_b202303061504. This issue affects the function run_action of the file modules/luci-base/ucode/dispatcher.uc of the component 404 Error Template Handler. The manipulation of the argument request_path leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 22.10_b202303121313 is able to address this issue. The patch is named 24d7da2416b9ab246825c33c213fe939a89b369c. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-230663. | ||||
CVE-2023-2954 | 1 Djangoblog Project | 1 Djangoblog | 2024-08-02 | 5.4 Medium |
Cross-site Scripting (XSS) - Stored in GitHub repository liangliangyy/djangoblog prior to master. |