Total
30497 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-1761 | 1 Phpmyfaq | 1 Phpmyfaq | 2024-08-02 | 6.3 Medium |
| Cross-site Scripting in GitHub repository thorsten/phpmyfaq prior to 3.1.12. | ||||
| CVE-2023-1726 | 1 Prolizyazilim | 1 Student Affairs Information System | 2024-08-02 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Proliz OBS allows Stored XSS for an authenticated user.This issue affects OBS: before 23.04.01. | ||||
| CVE-2023-1760 | 1 Phpmyfaq | 1 Phpmyfaq | 2024-08-02 | 4.8 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12. | ||||
| CVE-2023-1796 | 1 Employee Payslip Generator System Project | 1 Employee Payslip Generator System | 2024-08-02 | 2.4 Low |
| A vulnerability classified as problematic has been found in SourceCodester Employee Payslip Generator 1.0. Affected is an unknown function of the file /classes/Master.php?f=save_position of the component Create News Handler. The manipulation of the argument name with the input <script>alert(document.cookie)</script> leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224748. | ||||
| CVE-2023-1743 | 1 Grade Point Average \(gpa\) Calculator Project | 1 Grade Point Average \(gpa\) Calculator | 2024-08-02 | 3.5 Low |
| A vulnerability classified as problematic has been found in SourceCodester Grade Point Average GPA Calculator 1.0. This affects an unknown part of the file index.php. The manipulation of the argument page leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-224631. | ||||
| CVE-2023-1766 | 1 Akbim | 1 Panon | 2024-08-02 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Akbim Computer Panon allows Reflected XSS.This issue affects Panon: before 1.0.2. | ||||
| CVE-2023-1767 | 1 Snyk | 1 Advisor | 2024-08-02 | 4.3 Medium |
| The Snyk Advisor website (https://snyk.io/advisor/) was vulnerable to a stored XSS prior to 28th March 2023. A feature of Snyk Advisor is to display the contents of a scanned package's Readme on its package health page. An attacker could create a package in NPM with an associated markdown README file containing XSS-able HTML tags. Upon Snyk Advisor importing the package, the XSS would run each time an end user browsed to the package's page on Snyk Advisor. | ||||
| CVE-2023-1701 | 1 Pimcore | 1 Pimcore | 2024-08-02 | 5.4 Medium |
| Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.20. | ||||
| CVE-2023-1795 | 1 Gadget Works Online Ordering System Project | 1 Gadget Works Online Ordering System | 2024-08-02 | 3.5 Low |
| A vulnerability was found in SourceCodester Gadget Works Online Ordering System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /admin/products/index.php of the component GET Parameter Handler. The manipulation of the argument view with the input <script>alert(666)</script> leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-224747. | ||||
| CVE-2023-1772 | 1 Datagear | 1 Datagear | 2024-08-02 | 3.5 Low |
| A vulnerability was found in DataGear up to 4.5.1. It has been classified as problematic. This affects an unknown part of the component Diagram Type Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-224673 was assigned to this vulnerability. | ||||
| CVE-2023-1686 | 1 Young Entrepreneur E-negosyo System Project | 1 Young Entrepreneur E-negosyo System | 2024-08-02 | 3.5 Low |
| A vulnerability was found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file bsenordering/admin/category/index.php of the component GET Parameter Handler. The manipulation of the argument view with the input <script>alert(233)</script> leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-224243. | ||||
| CVE-2023-1756 | 1 Phpmyfaq | 1 Phpmyfaq | 2024-08-02 | 4.7 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12. | ||||
| CVE-2023-1593 | 1 Automatic Question Paper Generator System Project | 1 Automatic Question Paper Generator System | 2024-08-02 | 3.5 Low |
| A vulnerability, which was classified as problematic, has been found in SourceCodester Automatic Question Paper Generator System 1.0. This issue affects some unknown processing of the file classes/Master.php?f=save_class. The manipulation of the argument description leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-223661 was assigned to this vulnerability. | ||||
| CVE-2023-1794 | 1 Police Crime Record Management System Project | 1 Police Crime Record Management System | 2024-08-02 | 3.5 Low |
| A vulnerability was found in SourceCodester Police Crime Record Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/casedetails.php of the component GET Parameter Handler. The manipulation of the argument id with the input "><script>alert(233)</script> leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-224746 is the identifier assigned to this vulnerability. | ||||
| CVE-2023-1771 | 1 Grade Point Average \(gpa\) Calculator Project | 1 Grade Point Average \(gpa\) Calculator | 2024-08-02 | 3.5 Low |
| A vulnerability was found in SourceCodester Grade Point Average GPA Calculator 1.0 and classified as problematic. Affected by this issue is the function get_scale of the file Master.php. The manipulation of the argument perc leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224672. | ||||
| CVE-2023-1609 | 1 Crmeb | 1 Crmeb Java | 2024-08-02 | 3.5 Low |
| A vulnerability was found in Zhong Bang CRMEB Java up to 1.3.4. It has been rated as problematic. This issue affects the function save of the file /api/admin/store/product/save. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223739. | ||||
| CVE-2023-1746 | 1 Dreamer Cms Project | 1 Dreamer Cms | 2024-08-02 | 3.5 Low |
| A vulnerability, which was classified as problematic, was found in Dreamer CMS up to 3.5.0. Affected is an unknown function of the component File Upload Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. VDB-224634 is the identifier assigned to this vulnerability. | ||||
| CVE-2023-1755 | 1 Phpmyfaq | 1 Phpmyfaq | 2024-08-02 | 5.4 Medium |
| Cross-site Scripting (XSS) - Generic in GitHub repository thorsten/phpmyfaq prior to 3.1.12. | ||||
| CVE-2023-1688 | 1 Oretnom23 | 1 Earnings And Expense Tracker Application | 2024-08-02 | 3.5 Low |
| A vulnerability classified as problematic has been found in SourceCodester Earnings and Expense Tracker App 1.0. This affects an unknown part of the file Master.php?a=save_expense. The manipulation of the argument name leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-224307. | ||||
| CVE-2023-1703 | 1 Pimcore | 1 Pimcore | 2024-08-02 | 5.4 Medium |
| Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.20. | ||||