Total
30595 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-32456 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EnvoThemes Envo Extra allows Stored XSS.This issue affects Envo Extra: from n/a through 1.8.11. | |||||
| CVE-2024-32453 | 2024-11-21 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POEditor allows Stored XSS.This issue affects POEditor: from n/a through 0.9.8. | |||||
| CVE-2024-32429 | 2024-11-21 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPChill Remove Footer Credit allows Stored XSS.This issue affects Remove Footer Credit: from n/a through 1.0.13. | |||||
| CVE-2024-32428 | 2024-11-21 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Moss Web Works MWW Disclaimer Buttons allows Stored XSS.This issue affects MWW Disclaimer Buttons: from n/a through 3.0.2. | |||||
| CVE-2024-32409 | 2024-11-21 | N/A | 7.1 HIGH | ||
| An issue in SEMCMS v.4.8 allows a remote attacker to execute arbitrary code via a crafted script. | |||||
| CVE-2024-32405 | 2024-11-21 | N/A | 2.6 LOW | ||
| Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows a remote attacker to escalate privileges via a crafted payload to the Answer field of InlineMultiQuestion parameter on Exam function. | |||||
| CVE-2024-32392 | 2024-11-21 | N/A | 4.5 MEDIUM | ||
| Cross Site Scripting vulnerability in CmSimple v.5.15 allows a remote attacker to execute arbitrary code via the functions.php component. | |||||
| CVE-2024-32391 | 2024-11-21 | N/A | 7.3 HIGH | ||
| Cross Site Scripting vulnerability in MacCMS v.10 v.2024.1000.3000 allows a remote attacker to execute arbitrary code via a crafted payload. | |||||
| CVE-2024-32344 | 2024-11-21 | N/A | 6.8 MEDIUM | ||
| A cross-site scripting (XSS) vulnerability in the Settings menu of CMSimple v5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Edit parameter under the Language section. | |||||
| CVE-2024-32343 | 2024-11-21 | N/A | 6.1 MEDIUM | ||
| A cross-site scripting (XSS) vulnerability in the Create Page of Boid CMS v2.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Content parameter. | |||||
| CVE-2024-32342 | 2024-11-21 | N/A | 6.1 MEDIUM | ||
| A cross-site scripting (XSS) vulnerability in the Create Page of Boid CMS v2.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Permalink parameter. | |||||
| CVE-2024-32340 | 2024-11-21 | N/A | 9.6 CRITICAL | ||
| A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the WEBSITE TITLE parameter under the Menu module. | |||||
| CVE-2024-32339 | 2024-11-21 | N/A | 6.1 MEDIUM | ||
| Multiple cross-site scripting (XSS) vulnerabilities in the HOW TO page of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into any of the parameters. | |||||
| CVE-2024-32338 | 2024-11-21 | N/A | 5.4 MEDIUM | ||
| A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the PAGE TITLE parameter under the Current Page module. | |||||
| CVE-2024-32337 | 2024-11-21 | N/A | 6.1 MEDIUM | ||
| A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ADMIN LOGIN URL parameter under the Security module. | |||||
| CVE-2024-32335 | 2024-11-21 | N/A | 5.4 MEDIUM | ||
| TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in Access Control under the Wireless Page. | |||||
| CVE-2024-32334 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in IP/Port Filtering under the Firewall Page. | |||||
| CVE-2024-32333 | 2024-11-21 | N/A | 4.3 MEDIUM | ||
| TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in MAC Filtering under the Firewall Page. | |||||
| CVE-2024-32332 | 2024-11-21 | N/A | 6.1 MEDIUM | ||
| TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in WDS Settings under the Wireless Page. | |||||
| CVE-2024-32327 | 2024-11-21 | N/A | 5.5 MEDIUM | ||
| TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in Port Forwarding under the Firewall Page. | |||||