Total
30607 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-30886 | 2024-11-21 | N/A | 5.4 MEDIUM | ||
| A stored cross-site scripting (XSS) vulnerability in the remotelink function of HadSky v7.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter. | |||||
| CVE-2024-30885 | 2024-11-21 | N/A | 6.1 MEDIUM | ||
| Reflected Cross-Site Scripting (XSS) vulnerability in HadSky v7.6.3, allows remote attackers to execute arbitrary code and obtain sensitive information via the chklogin.php component . | |||||
| CVE-2024-30884 | 2024-11-21 | N/A | 7.1 HIGH | ||
| Reflected Cross-Site Scripting (XSS) vulnerability in Discuz! version X3.4 20220811, allows remote attackers to execute arbitrary code and obtain sensitive information via crafted payload to the primarybegin parameter in the misc.php component. | |||||
| CVE-2024-30883 | 2024-11-21 | N/A | 4.7 MEDIUM | ||
| Reflected Cross Site Scripting (XSS) vulnerability in RageFrame2 v2.6.43, allows remote attackers to execute arbitrary web scripts or HTML and obtain sensitive information via a crafted payload injected into the aspectRatio parameter in the image cropping function. | |||||
| CVE-2024-30880 | 2024-11-21 | N/A | 5.4 MEDIUM | ||
| Reflected Cross Site Scripting (XSS) vulnerability in RageFrame2 v2.6.43, allows remote attackers to execute arbitrary web scripts or HTML and obtain sensitive information via a crafted payload injected into the multiple parameter in the image cropping function. | |||||
| CVE-2024-30879 | 2024-11-21 | N/A | 6.1 MEDIUM | ||
| Reflected Cross Site Scripting (XSS) vulnerability in RageFrame2 v2.6.43, allows remote attackers to execute arbitrary web scripts or HTML and obtain sensitive information via a crafted payload injected into the boxId parameter in the image cropping function. | |||||
| CVE-2024-30848 | 2024-11-21 | N/A | 6.1 MEDIUM | ||
| Cross-site scripting (XSS) vulnerability in SilverSky E-mail service version 5.0.3126 allows remote attackers to inject arbitrary web script or HTML via the version parameter. | |||||
| CVE-2024-30561 | 2024-11-21 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scientech It Solution Appointment Calendar allows Reflected XSS.This issue affects Appointment Calendar: from n/a through 2.9.6. | |||||
| CVE-2024-30559 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maurice Spin 360 deg and 3D Model Viewer allows Stored XSS.This issue affects Spin 360 deg and 3D Model Viewer: from n/a through 1.2.7. | |||||
| CVE-2024-30558 | 2024-11-21 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Simpson Add Shortcodes Actions And Filters allows Reflected XSS.This issue affects Add Shortcodes Actions And Filters: from n/a through 2.10. | |||||
| CVE-2024-30557 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aesopinteractive Aesop Story Engine allows Stored XSS.This issue affects Aesop Story Engine: from n/a through 2.3.2. | |||||
| CVE-2024-30556 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MightyThemes Mighty Classic Pros And Cons allows Stored XSS.This issue affects Mighty Classic Pros And Cons: from n/a through 2.0.9. | |||||
| CVE-2024-30555 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sayan Datta Ultimate Social Comments – Email Notification & Lazy Load allows Stored XSS.This issue affects Ultimate Social Comments – Email Notification & Lazy Load: from n/a through 1.4.8. | |||||
| CVE-2024-30554 | 2024-11-21 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wouter Dijkstra DD Rating allows Stored XSS.This issue affects DD Rating: from n/a through 1.7.1. | |||||
| CVE-2024-30553 | 2024-11-21 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Joby Joseph WP Twitter Mega Fan Box Widget allows Stored XSS.This issue affects WP Twitter Mega Fan Box Widget : from n/a through 1.0. | |||||
| CVE-2024-30552 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wppdf.Org Responsive flipbook allows Stored XSS.This issue affects Responsive flipbook: from n/a through 1.0.0. | |||||
| CVE-2024-30551 | 2024-11-21 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Toast Plugins Sticky Anything.This issue affects Sticky Anything: from n/a through 2.1.5. | |||||
| CVE-2024-30550 | 2024-11-21 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdevart Responsive Image Gallery, Gallery Album allows Reflected XSS.This issue affects Responsive Image Gallery, Gallery Album: from n/a through 2.0.3. | |||||
| CVE-2024-30549 | 2024-11-21 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cimatti Consulting Contact Forms by Cimatti allows Stored XSS.This issue affects Contact Forms by Cimatti: from n/a through 1.8.0. | |||||
| CVE-2024-30548 | 2024-11-21 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Noah Kagan underConstruction allows Stored XSS.This issue affects underConstruction: from n/a through 1.21. | |||||