Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (46609 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-47790 1 Popozure 1 Pz-linkcard 2024-11-21 7.1 High
Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS) vulnerability in Poporon Pz-LinkCard plugin <= 2.4.8 versions.
CVE-2023-47786 1 Layerslider 1 Layerslider 2024-11-21 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LayerSlider plugin <= 7.7.9 versions.
CVE-2023-47773 1 Yasglobal 1 Permalinks Customizer 2024-11-21 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YAS Global Team Permalinks Customizer plugin <= 2.8.2 versions.
CVE-2023-47772 1 Themepunch 1 Slider Revolution 2024-11-21 6.5 Medium
Contributor+ Stored Cross-Site Scripting (XSS) vulnerability in Slider Revolution <= 6.6.14.
CVE-2023-47768 1 Diywebmastery 1 Footer Putter 2024-11-21 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Russell Jamieson Footer Putter plugin <= 1.17 versions.
CVE-2023-47767 1 Fla-shop 1 Interactive World Map 2024-11-21 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fla-shop.Com Interactive World Map plugin <= 3.2.0 versions.
CVE-2023-47766 1 Ifeelweb 1 Post Status Notifier Lite 2024-11-21 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Timo Reith Post Status Notifier Lite plugin <= 1.11.0 versions.
CVE-2023-47755 1 Aazztech 1 Woocommerce Product Carousel Slider 2024-11-21 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AazzTech WooCommerce Product Carousel Slider plugin <= 3.3.5 versions.
CVE-2023-47707 3 Ibm, Linux, Microsoft 4 Aix, Security Guardium Key Lifecycle Manager, Linux Kernel and 1 more 2024-11-21 5.4 Medium
IBM Security Guardium Key Lifecycle Manager 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 271522.
CVE-2023-47699 1 Ibm 1 Sterling Secure Proxy 2024-11-21 6.1 Medium
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 270974.
CVE-2023-47623 1 Clockworkmod 1 Scrypted 2024-11-21 6.1 Medium
Scrypted is a home video integration and automation platform. In versions 0.55.0 and prior, a reflected cross-site scripting vulnerability exists in the login page via the `redirect_uri` parameter. By specifying a url with the javascript scheme (`javascript:`), an attacker can run arbitrary JavaScript code after the login.
CVE-2023-47620 1 Clockworkmod 1 Scrypted 2024-11-21 6.1 Medium
Scrypted is a home video integration and automation platform. In versions 0.55.0 and prior, a reflected cross-site scripting vulnerability exists in the plugin-http.ts file via the `owner' and 'pkg` parameters. An attacker can run arbitrary JavaScript code.
CVE-2023-47575 1 Relyum 4 Rely-pcie, Rely-pcie Firmware, Rely-rec and 1 more 2024-11-21 6.1 Medium
An issue was discovered on Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices. The web interfaces of the Relyum devices are susceptible to reflected XSS.
CVE-2023-47561 1 Qnap 1 Photo Station 2024-11-21 5.5 Medium
A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Photo Station 6.4.2 ( 2023/12/15 ) and later
CVE-2023-47520 1 Michaeluno 1 Responsive Column Widgets 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Michael Uno (miunosoft) Responsive Column Widgets plugin <= 1.2.7 versions.
CVE-2023-47518 1 Vfbpro 1 Restrict Categories 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Matthew Muro Restrict Categories plugin <= 2.6.4 versions.
CVE-2023-47514 1 Star-emea 1 Star Cloudprnt For Woocommerce 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in lawrenceowen, gcubero, acunnningham, fmahmood Star CloudPRNT for WooCommerce plugin <= 2.0.3 versions.
CVE-2023-47509 1 Ioannup 1 Edit Woocommerce Templates 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ioannup Edit WooCommerce Templates plugin <= 1.1.1 versions.
CVE-2023-47508 1 Averta 1 Master Slider 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Averta Master Slider Pro plugin <= 3.6.5 versions.
CVE-2023-47446 1 Phpgurukul 1 Pre-school Enrollment System 2024-11-21 5.4 Medium
Pre-School Enrollment version 1.0 is vulnerable to Cross Site Scripting (XSS) on the profile.php page via fullname parameter.