Total
30607 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-45099 | 2 Ibm, Linux | 2 Security Qradar Edr, Linux Kernel | 2024-11-16 | N/A | 4.8 MEDIUM |
| IBM Security ReaQta 3.12 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
| CVE-2024-9477 | 1 Airties | 2 Air4443, Air4443 Firmware | 2024-11-15 | N/A | 6.1 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AirTies Air4443 Firmware allows Cross-Site Scripting (XSS).This issue affects Air4443 Firmware: through 14102024. NOTE: The vendor was contacted and it was learned that the product classified as End-of-Life and End-of-Support. | |||||
| CVE-2024-36140 | 1 Siemens | 4 Ozw672, Ozw672 Firmware, Ozw772 and 1 more | 2024-11-15 | N/A | 5.4 MEDIUM |
| A vulnerability has been identified in OZW672 (All versions < V5.2), OZW772 (All versions < V5.2). The user accounts tab of affected devices is vulnerable to stored cross-site scripting (XSS) attacks. This could allow an authenticated remote attacker to inject arbitrary JavaScript code that is later executed by another authenticated victim user with potential higher privileges than the attacker. | |||||
| CVE-2024-11175 | 1 Publiccms | 1 Publiccms | 2024-11-15 | 4.0 MEDIUM | 4.8 MEDIUM |
| A vulnerability was found in Public CMS 5.202406.d and classified as problematic. This issue affects some unknown processing of the file /admin/cmsVote/save of the component Voting Management. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is named b9530b9cc1f5cfdad4b637874f59029a6283a65c. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2021-27703 | 2024-11-15 | N/A | 5.4 MEDIUM | ||
| Sercomm Model Etisalat Model S3- AC2100 is affected by Cross Site Scripting (XSS) via the firmware update page. | |||||
| CVE-2024-40579 | 2024-11-15 | N/A | 5.4 MEDIUM | ||
| Cross Site Scripting vulnerability in Virtuozzo Hybrid Server for WHMCS Open Source v.1.7.1 allows a remote attacker to obtain sensitive information via modification of the hostname parameter. | |||||
| CVE-2024-11130 | 1 Zzcms | 1 Zzcms | 2024-11-15 | 3.3 LOW | 4.8 MEDIUM |
| A vulnerability was found in ZZCMS up to 2023. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/msg.php. The manipulation of the argument keyword leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-52355 | 1 Hyumika | 1 Openstreetmap | 2024-11-15 | N/A | 5.4 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Hyumika OSM – OpenStreetMap allows Stored XSS.This issue affects OSM – OpenStreetMap: from n/a through 6.1.2. | |||||
| CVE-2024-52354 | 1 Coolplugins | 1 Web Stories Widgets For Elementor | 2024-11-15 | N/A | 5.4 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Cool Plugins Web Stories Widgets For Elementor allows Stored XSS.This issue affects Web Stories Widgets For Elementor: from n/a through 1.1. | |||||
| CVE-2024-52353 | 1 Sharethepractice | 1 Christian Science Bible Lesson Subjects | 2024-11-15 | N/A | 5.4 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Gabriel Serafini Christian Science Bible Lesson Subjects allows DOM-Based XSS.This issue affects Christian Science Bible Lesson Subjects: from n/a through 2.0. | |||||
| CVE-2024-52352 | 1 Miloco | 1 Postcasa Shortcode | 2024-11-15 | N/A | 5.4 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Andrew Milo Postcasa Shortcode allows DOM-Based XSS.This issue affects Postcasa Shortcode: from n/a through 1.0. | |||||
| CVE-2024-51585 | 1 Nicheaddons | 1 Sales Page Addon | 2024-11-15 | N/A | 5.4 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in NicheAddons Sales Page Addon – Elementor & Beaver Builder allows Stored XSS.This issue affects Sales Page Addon – Elementor & Beaver Builder: from n/a through 1.4.2. | |||||
| CVE-2024-51662 | 1 Modernaweb | 1 Black Widgets For Elementor | 2024-11-15 | N/A | 5.4 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Modernaweb Studio Black Widgets For Elementor allows Stored XSS.This issue affects Black Widgets For Elementor: from n/a through 1.3.6. | |||||
| CVE-2024-51594 | 1 Rafelsanso | 1 Gmap Point List | 2024-11-15 | N/A | 5.4 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Rafel Sansó Gmap Point List allows Stored XSS.This issue affects Gmap Point List: from n/a through 1.1.2. | |||||
| CVE-2024-51592 | 1 Mysticalthemes | 1 Meta Store Elements | 2024-11-15 | N/A | 5.4 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in bnayawpguy Meta Store Elements allows DOM-Based XSS.This issue affects Meta Store Elements: from n/a through 1.0.9. | |||||
| CVE-2024-51595 | 1 Sksdev | 1 Sksdev Toolkit | 2024-11-15 | N/A | 5.4 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in sksdev SKSDEV Toolkit allows Stored XSS.This issue affects SKSDEV Toolkit: from n/a through 1.0.0. | |||||
| CVE-2024-51596 | 1 Snilesh | 1 Business | 2024-11-15 | N/A | 5.4 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Nilesh Shiragave Business allows Stored XSS.This issue affects Business: from n/a through 1.3. | |||||
| CVE-2024-51599 | 1 Russellalbin | 1 Simple Business Manager | 2024-11-15 | N/A | 5.4 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Russell Albin Simple Business Manager allows Stored XSS.This issue affects Simple Business Manager: from n/a through 4.6.7.4. | |||||
| CVE-2024-51610 | 1 Seothemes | 1 Display Terms Shortcode | 2024-11-15 | N/A | 5.4 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SEO Themes Display Terms Shortcode allows Stored XSS.This issue affects Display Terms Shortcode: from n/a through 1.0.4. | |||||
| CVE-2024-51605 | 1 Genoo | 1 Genoo | 2024-11-15 | N/A | 5.4 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Genoo, LLC Genoo allows DOM-Based XSS.This issue affects Genoo: from n/a through 6.0.10. | |||||