Export limit exceeded: 348988 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45762 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-28133 | 1 Jenkins | 1 Bitbucket Server Integration | 2024-11-21 | 5.4 Medium |
| Jenkins Bitbucket Server Integration Plugin 3.1.0 and earlier does not limit URL schemes for callback URLs on OAuth consumers, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create BitBucket Server consumers. | ||||
| CVE-2022-28102 | 1 Php Mysql Admin Panel Generator Project | 1 Php Mysql Admin Panel Generator | 2024-11-21 | 5.4 Medium |
| A cross-site scripting (XSS) vulnerability in PHP MySQL Admin Panel Generator v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected at /edit-db.php. | ||||
| CVE-2022-28101 | 1 Lyonbros | 1 Turtl | 2024-11-21 | 9.0 Critical |
| Turtlapp Turtle Note v0.7.2.6 does not filter the <meta> tag during markdown parsing, allowing attackers to execute HTML injection. | ||||
| CVE-2022-28094 | 1 Online Sports Complex Booking System Project | 1 Online Sports Complex Booking System | 2024-11-21 | 6.1 Medium |
| SCBS Online Sports Venue Reservation System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the fid parameter at booking.php. | ||||
| CVE-2022-28081 | 1 Ar-php | 1 Arphp | 2024-11-21 | 6.1 Medium |
| A reflected cross-site scripting (XSS) vulnerability in the component Query.php of arPHP v3.6.0 allows attackers to execute arbitrary web scripts. | ||||
| CVE-2022-28078 | 1 Home Owners Collection Management System Project | 1 Home Owners Collection Management System | 2024-11-21 | 6.1 Medium |
| Home Owners Collection Management v1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the Admin panel via the $_GET['page'] parameter. | ||||
| CVE-2022-28077 | 1 Home Owners Collection Management System Project | 1 Home Owners Collection Management System | 2024-11-21 | 6.1 Medium |
| Home Owners Collection Management v1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the Admin panel via the $_GET['s'] parameter. | ||||
| CVE-2022-28074 | 1 Fit2cloud | 1 Halo | 2024-11-21 | 4.8 Medium |
| Halo-1.5.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via \admin\index.html#/system/tools. | ||||
| CVE-2022-28051 | 1 Seeddms | 1 Seeddms | 2024-11-21 | 5.4 Medium |
| The "Add category" functionality inside the "Global Keywords" menu in "SeedDMS" version 6.0.18 and 5.1.25, is prone to stored XSS which allows an attacker to inject malicious javascript code. | ||||
| CVE-2022-27961 | 1 Ofcms Project | 1 Ofcms | 2024-11-21 | 5.4 Medium |
| A cross-site scripting (XSS) vulnerability at /ofcms/company-c-47 in OFCMS v1.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comment text box. | ||||
| CVE-2022-27920 | 2 Fedoraproject, Kiwix | 2 Fedora, Libkiwix | 2024-11-21 | 6.1 Medium |
| libkiwix 10.0.0 and 10.0.1 allows XSS in the built-in webserver functionality via the search suggestions URL parameter. This is fixed in 10.1.0. | ||||
| CVE-2022-27913 | 1 Joomla | 1 Joomla\! | 2024-11-21 | 6.1 Medium |
| An issue was discovered in Joomla! 4.2.0 through 4.2.3. Inadequate filtering of potentially malicious user input leads to reflected XSS vulnerabilities in various components. | ||||
| CVE-2022-27887 | 1 Maccms | 1 Maccms | 2024-11-21 | 6.1 Medium |
| Maccms v10 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in /admin.php/admin/vod/data.html via the repeat parameter. | ||||
| CVE-2022-27886 | 1 Maccms | 1 Maccms | 2024-11-21 | 6.1 Medium |
| Maccms v10 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in /admin.php/admin/ulog/index.html via the wd parameter. | ||||
| CVE-2022-27885 | 1 Maccms | 1 Maccms | 2024-11-21 | 6.1 Medium |
| Maccms v10 was discovered to contain multiple reflected cross-site scripting (XSS) vulnerabilities in /admin.php/admin/website/data.html via the select and input parameters. | ||||
| CVE-2022-27884 | 1 Maccms | 1 Maccms | 2024-11-21 | 6.1 Medium |
| Maccms v10 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in /admin.php/admin/plog/index.html via the wd parameter. | ||||
| CVE-2022-27880 | 1 F5 | 1 Traffix Signaling Delivery Controller | 2024-11-21 | 4.8 Medium |
| On F5 Traffix SDC 5.2.x versions prior to 5.2.2 and 5.1.x versions prior to 5.1.35, a stored Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the Traffix SDC Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | ||||
| CVE-2022-27852 | 1 Wpchill | 1 Kb Support | 2024-11-21 | 6.1 Medium |
| Multiple Unauthenticated Stored Cross-Site Scripting (XSS) vulnerabilities in KB Support (WordPress plugin) <= 1.5.5 versions. | ||||
| CVE-2022-27777 | 3 Debian, Redhat, Rubyonrails | 3 Debian Linux, Satellite, Actionpack | 2024-11-21 | 6.1 Medium |
| A XSS Vulnerability in Action View tag helpers >= 5.2.0 and < 5.2.0 which would allow an attacker to inject content if able to control input into specific attributes. | ||||
| CVE-2022-27656 | 1 Sap | 3 Netweaver As Abap Kernel, Netweaver As Abap Krnl64uc, Webdispatcher | 2024-11-21 | 6.1 Medium |
| The Web administration UI of SAP Web Dispatcher and the Internet Communication Manager (ICM) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. | ||||