Total
30609 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-31087 | 2024-11-21 | N/A | 7.1 HIGH | ||
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Joel Starnes pageMash > Page Management allows Reflected XSS.This issue affects pageMash > Page Management: from n/a through 1.3.0. | |||||
CVE-2024-31085 | 2024-11-21 | N/A | 7.1 HIGH | ||
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rob Marsh, SJ Post-Plugin Library allows Reflected XSS.This issue affects Post-Plugin Library: from n/a through 2.6.2.1. | |||||
CVE-2024-31084 | 2024-11-21 | N/A | 7.1 HIGH | ||
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pulsar Web Design Weekly Class Schedule allows Reflected XSS.This issue affects Weekly Class Schedule: from n/a through 3.19. | |||||
CVE-2024-31065 | 2024-11-21 | N/A | 6.1 MEDIUM | ||
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the City input field. | |||||
CVE-2024-31064 | 2024-11-21 | N/A | 6.1 MEDIUM | ||
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the First Name input field. | |||||
CVE-2024-31063 | 2024-11-21 | N/A | 6.4 MEDIUM | ||
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the Email input field. | |||||
CVE-2024-31061 | 2024-11-21 | N/A | 6.1 MEDIUM | ||
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the Last Name input field. | |||||
CVE-2024-30989 | 2024-11-21 | N/A | N/A | ||
Cross Site Scripting vulnerability in /edit-client-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code via the "cname", "comname", "state" and "city" parameter. | |||||
CVE-2024-30988 | 2024-11-21 | N/A | 6.8 MEDIUM | ||
Cross Site Scripting vulnerability in /search-invoices.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and obtain sensitive information via the Search bar. | |||||
CVE-2024-30987 | 2024-11-21 | N/A | 6.8 MEDIUM | ||
Cross Site Scripting vulnerability in /bwdates-reports-ds.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and obtain sensitive information via the fromdate and todate parameters. | |||||
CVE-2024-30986 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
Cross Site Scripting vulnerability in /edit-services-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and via "price" and "sname" parameter. | |||||
CVE-2024-30979 | 2024-11-21 | N/A | 5.9 MEDIUM | ||
Cross Site Scripting vulnerability in Cyber Cafe Management System 1.0 allows a remote attacker to execute arbitrary code via the compname parameter in edit-computer-details.php. | |||||
CVE-2024-30953 | 2024-11-21 | N/A | 6.1 MEDIUM | ||
A stored cross-site scripting (XSS) vulnerability in Htmly v2.9.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Link Name parameter of Menu Editor module. | |||||
CVE-2024-30950 | 2024-11-21 | N/A | 3.5 LOW | ||
A stored cross-site scripting (XSS) vulnerability in FUDforum v3.1.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the SQL statements field under /adm/admsql.php. | |||||
CVE-2024-30931 | 2024-11-21 | N/A | 6.1 MEDIUM | ||
Stored Cross Site Scripting vulnerability in Emby Media Server Emby Media Server 4.8.3.0 allows a remote attacker to escalate privileges via the notifications.html component. | |||||
CVE-2024-30929 | 2024-11-21 | N/A | 8.0 HIGH | ||
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary code via the 'back' Parameter in playlist.php | |||||
CVE-2024-30927 | 2024-11-21 | N/A | 6.3 MEDIUM | ||
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary code via the racer-results.php component. | |||||
CVE-2024-30926 | 2024-11-21 | N/A | 4.6 MEDIUM | ||
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary code via the ./inc/kiosks.inc component. | |||||
CVE-2024-30925 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary code via the photo-thumbs.php component. | |||||
CVE-2024-30921 | 2024-11-21 | N/A | 5.4 MEDIUM | ||
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows a remote attacker to execute arbitrary code via the photo.php component. |