Total
30643 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-22720 | 1 Kanboard | 1 Kanboard | 2024-11-21 | N/A | 4.8 MEDIUM |
| Kanboard 1.2.34 is vulnerable to Html Injection in the group management feature. | |||||
| CVE-2024-22714 | 1 Codelyfe | 1 Stupid Simple Cms | 2024-11-21 | N/A | 6.1 MEDIUM |
| Stupid Simple CMS <=1.2.4 is vulnerable to Cross Site Scripting (XSS) in the editing section of the article content. | |||||
| CVE-2024-22639 | 1 Igalerie | 1 Igalerie | 2024-11-21 | N/A | 6.1 MEDIUM |
| iGalerie v3.0.22 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the Titre (Title) field in the editing interface. | |||||
| CVE-2024-22637 | 1 Formtools | 1 Form Tools | 2024-11-21 | N/A | 6.1 MEDIUM |
| Form Tools v3.1.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /form_builder/preview.php?form_id=2. | |||||
| CVE-2024-22635 | 1 Webcalendar Project | 1 Webcalendar | 2024-11-21 | N/A | 6.1 MEDIUM |
| WebCalendar v1.3.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /WebCalendarvqsmnseug2/edit_entry.php. | |||||
| CVE-2024-22570 | 1 Njtech | 1 Greencms | 2024-11-21 | N/A | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in /install.php?m=install&c=index&a=step3 of GreenCMS v2.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | |||||
| CVE-2024-22569 | 1 Poscms | 1 Poscms | 2024-11-21 | N/A | 5.4 MEDIUM |
| Stored Cross-Site Scripting (XSS) vulnerability in POSCMS v4.6.2, allows attackers to execute arbitrary code via a crafted payload to /index.php?c=install&m=index&step=2&is_install_db=0. | |||||
| CVE-2024-22559 | 1 Lightcms Project | 1 Lightcms | 2024-11-21 | N/A | 5.4 MEDIUM |
| LightCMS v2.0 is vulnerable to Cross Site Scripting (XSS) in the Content Management - Articles field. | |||||
| CVE-2024-22551 | 1 Ushainformatique | 1 Whatacart | 2024-11-21 | N/A | 6.1 MEDIUM |
| WhatACart v2.0.7 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /site/default/search. | |||||
| CVE-2024-22549 | 1 Flycms Project | 1 Flycms | 2024-11-21 | N/A | 5.4 MEDIUM |
| FlyCms 1.0 is vulnerable to Cross Site Scripting (XSS) in the email settings of the website settings section. | |||||
| CVE-2024-22548 | 1 Flycms Project | 1 Flycms | 2024-11-21 | N/A | 5.4 MEDIUM |
| FlyCms 1.0 is vulnerable to Cross Site Scripting (XSS) in the system website settings website name section. | |||||
| CVE-2024-22547 | 2024-11-21 | N/A | 4.7 MEDIUM | ||
| WayOS IBR-7150 <17.06.23 is vulnerable to Cross Site Scripting (XSS). | |||||
| CVE-2024-22497 | 1 Jfinalcms Project | 1 Jfinalcms | 2024-11-21 | N/A | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in /admin/login password parameter in JFinalcms 5.0.0 allows attackers to run arbitrary code via crafted URL. | |||||
| CVE-2024-22496 | 1 Jfinalcms Project | 1 Jfinalcms | 2024-11-21 | N/A | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in JFinalcms 5.0.0 allows attackers to run arbitrary code via the /admin/login username parameter. | |||||
| CVE-2024-22494 | 1 Jfinalcms Project | 1 Jfinalcms | 2024-11-21 | N/A | 5.4 MEDIUM |
| A stored XSS vulnerability exists in JFinalcms 5.0.0 via the /gusetbook/save mobile parameter, which allows remote attackers to inject arbitrary web script or HTML. | |||||
| CVE-2024-22493 | 1 Jfinalcms Project | 1 Jfinalcms | 2024-11-21 | N/A | 5.4 MEDIUM |
| A stored XSS vulnerability exists in JFinalcms 5.0.0 via the /gusetbook/save content parameter, which allows remote attackers to inject arbitrary web script or HTML. | |||||
| CVE-2024-22492 | 1 Jfinalcms Project | 1 Jfinalcms | 2024-11-21 | N/A | 5.4 MEDIUM |
| A stored XSS vulnerability exists in JFinalcms 5.0.0 via the /gusetbook/save contact parameter, which allows remote attackers to inject arbitrary web script or HTML. | |||||
| CVE-2024-22491 | 1 Beetl-bbs Project | 1 Beetl-bbs | 2024-11-21 | N/A | 5.4 MEDIUM |
| A Stored Cross Site Scripting (XSS) vulnerability in beetl-bbs 2.0 allows attackers to run arbitrary code via the post/save content parameter. | |||||
| CVE-2024-22490 | 1 Beetl-bbs Project | 1 Beetl-bbs | 2024-11-21 | N/A | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in beetl-bbs 2.0 allows attackers to run arbitrary code via the /index keyword parameter. | |||||
| CVE-2024-22477 | 1 Pingidentity | 1 Pingfederate | 2024-11-21 | N/A | 1.8 LOW |
| A cross-site scripting vulnerability exists in the admin console OIDC Policy Management Editor. The impact is contained to admin console users only. | |||||