Filtered by CWE-79
Total 30719 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-35681 1 Gvectors 1 Wpdiscuz 2024-08-02 6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in gVectors Team wpDiscuz allows Stored XSS.This issue affects wpDiscuz: from n/a through 7.6.18.
CVE-2024-35640 2024-08-02 5.9 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tomas Cordero Safety Exit allows Stored XSS.This issue affects Safety Exit: from n/a through 1.7.0.
CVE-2024-35652 1 Vollstart 1 Event Tickets With Ticket Scanner 2024-08-02 7.1 High
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Saso Nikolov Event Tickets with Ticket Scanner allows Reflected XSS.This issue affects Event Tickets with Ticket Scanner: from n/a through 2.3.1.
CVE-2024-35655 2 Brave, Getbrave 2 Brave Popup Builder, Brave 2024-08-02 5.9 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brave Brave Popup Builder allows Stored XSS.This issue affects Brave Popup Builder: from n/a through 0.6.9.
CVE-2024-35664 2 Wpvivid, Wpvivid Team 2 Wpvivid Backup For Mainwp, Wpvivid Backup For Mainwp 2024-08-02 7.1 High
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPvivid Team WPvivid Backup for MainWP allows Reflected XSS.This issue affects WPvivid Backup for MainWP: from n/a through 0.9.32.
CVE-2024-35651 1 Spiffyplugins 1 Wp Flow Plus 2024-08-02 6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Spiffy Plugins WP Flow Plus allows Stored XSS.This issue affects WP Flow Plus: from n/a through 5.2.2.
CVE-2024-35653 1 Visualcomposer 1 Visual Composer Website Builder 2024-08-02 6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in visualcomposer.Com Visual Composer Website Builder allows Stored XSS.This issue affects Visual Composer Website Builder: from n/a through 45.8.0.
CVE-2024-35583 2024-08-02 6.1 Medium
A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Remarks input field.
CVE-2024-35646 2024-08-02 5.9 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Smartarget Smartarget Message Bar allows Stored XSS.This issue affects Smartarget Message Bar: from n/a through 1.3.
CVE-2024-35641 2024-08-02 5.9 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in GregRoss Just Writing Statistics allows Stored XSS.This issue affects Just Writing Statistics: from n/a through 4.5.
CVE-2024-35666 1 Themesflat 1 Themesflat Addons For Elementor 2024-08-02 6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themesflat Themesflat Addons For Elementor allows Stored XSS.This issue affects Themesflat Addons For Elementor: from n/a through 2.1.2.
CVE-2024-35631 2024-08-02 7.1 High
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Foliovision FV Flowplayer Video Player allows Reflected XSS.This issue affects FV Flowplayer Video Player: from n/a through 7.5.45.7212.
CVE-2024-35645 2024-08-02 5.9 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in vinoth06 Random Banner allows Stored XSS.This issue affects Random Banner: from n/a through 4.2.8.
CVE-2024-35627 2024-08-02 6.1 Medium
tileserver-gl up to v4.4.10 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /data/v3/?key.
CVE-2024-35639 2024-08-02 5.9 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Webliberty Simple Spoiler allows Stored XSS.This issue affects Simple Spoiler: from n/a through 1.2.
CVE-2024-35647 2024-08-02 5.9 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Global Notification Bar allows Stored XSS.This issue affects Global Notification Bar: from n/a through 1.0.1.
CVE-2024-35595 2024-08-02 6.1 Medium
An arbitrary file upload vulnerability in the File Preview function of Xintongda OA v2023.12.30.1 allows attackers to execute arbitrary code via uploading a crafted PDF file.
CVE-2024-35169 2024-08-02 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AREOI All Bootstrap Blocks allows Stored XSS.This issue affects All Bootstrap Blocks: from n/a through 1.3.15.
CVE-2024-35300 1 Jetbrains 1 Teamcity 2024-08-02 3.5 Low
In JetBrains TeamCity between 2024.03 and 2024.03.1 several stored XSS in the available updates page were possible
CVE-2024-35170 2024-08-02 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hidden Depth Sticky banner allows Stored XSS.This issue affects Sticky banner: from n/a through 1.2.0.