| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| DedeCMS up to and including 5.7.110 was discovered to contain a cross-site scripting (XSS) vulnerability at /dede/freelist_add.php via the title parameter. |
| DedeCMS up to and including 5.7.110 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities at /dede/vote_edit.php via the votename and votenote parameters. |
| DedeCMS up to and including 5.7.110 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities at /dede/vote_add.php via the votename and voteitem1 parameters. |
| Cross Site Scripting vulnerability in mooSocial mooSocial Software 3.1.6 and 3.1.7 allows a remote attacker to execute arbitrary code via a crafted script to the edit_menu, copuon, and group_categorias functions. |
| Cross Site Scripting (XSS) vulnerability in Phpgurukul User Registration & Login and User Management System With admin panel 3.0 allows attackers to run arbitrary code via fname, lname, email, and contact fields of the user registration page. |
| OpenCRX version 5.2.0 is vulnerable to HTML injection via the Product Configuration Name Field. |
| OpenCRX version 5.2.0 is vulnerable to HTML injection via Activity Milestone Name Field. |
| OpenCRX version 5.2.0 is vulnerable to HTML injection via the Category Creation Name Field. |
| OpenCRX version 5.2.0 is vulnerable to HTML injection via the Accounts Name Field. |
| OpenCRX version 5.2.0 is vulnerable to HTML injection via Activity Saved Search Creation. |
| OpenCRX version 5.2.0 is vulnerable to HTML injection via the Accounts Group Name Field. |
| OpenCRX version 5.2.0 is vulnerable to HTML injection via Product Name Field. |
| OpenCRX version 5.2.0 is vulnerable to HTML injection via the Activity Search Criteria-Activity Number. |
| HKcms v2.3.0.230709 is vulnerable to Cross Site Scripting (XSS) allowing administrator cookies to be stolen. |
| There is a Cross Site Scripting (XSS) vulnerability in the "theme" parameter of preview.php in PHPJabbers Callback Widget v1.0. |
| There is a Cross Site Scripting (XSS) vulnerability in the message parameter of index.php in PHPJabbers Ticket Support Script v3.2. |
| There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Make an Offer Widget v1.0. |
| PHPJabbers Fundraising Script v1.0 is vulnerable to Cross Site Scripting (XSS) via the "action" parameter of index.php. |
| There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Yacht Listing Script v1.0. |
| A use of hard-coded credentials vulnerability in Fortinet FortiAnalyzer and FortiManager 7.0.0 - 7.0.8, 7.2.0 - 7.2.3 and 7.4.0 allows an attacker to access Fortinet private testing data via the use of static credentials. |
