Export limit exceeded: 45720 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45720 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-45888 | 1 Ponton | 1 X\/p Messenger | 2024-11-21 | 4.8 Medium |
| An issue was discovered in PONTON X/P Messenger before 3.11.2. The navigation tree that is shown on the left side of every page of the web application is vulnerable to XSS: it allows injection of JavaScript into its nodes. Creating such nodes is only possible for users who have the role Configuration Administrator or Administrator. | ||||
| CVE-2021-45877 | 1 Garo | 6 Wallbox Glb, Wallbox Glb Firmware, Wallbox Gtb and 3 more | 2024-11-21 | 9.8 Critical |
| Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by hard coded credentials. A hardcoded credential exist in /etc/tomcat8/tomcat-user.xml, which allows attackers to gain authorized access and control the tomcat completely on port 8000 in the tomcat manger page. | ||||
| CVE-2021-45866 | 1 Student Attendance Management System Project | 1 Student Attendance Management System | 2024-11-21 | 5.4 Medium |
| A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Student Attendance Management System 1.0 via the couse filed in index.php. | ||||
| CVE-2021-45843 | 1 Glfusion | 1 Glfusion | 2024-11-21 | 6.1 Medium |
| glFusion CMS v1.7.9 is affected by a reflected Cross Site Scripting (XSS) vulnerability. The value of the title request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. This input was echoed unmodified in the application's response. | ||||
| CVE-2021-45841 | 1 Terra-master | 3 F2-210, F4-210, Tos | 2024-11-21 | 8.1 High |
| In Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517), an attacker can self-sign session cookies by knowing the target's MAC address and the user's password hash. Guest users (disabled by default) can be abused using a null/empty hash and allow an unauthenticated attacker to login as guest. | ||||
| CVE-2021-45822 | 1 Btiteam | 1 Xbtit | 2024-11-21 | 6.1 Medium |
| A cross-site scripting vulnerability is present in Xbtit 3.1. The stored XSS vulnerability occurs because /ajaxchat/sendChatData.php does not properly validate the value of the "n" (POST) parameter. Through this vulnerability, an attacker is capable to execute malicious JavaScript code. | ||||
| CVE-2021-45815 | 1 Quectel | 2 Uc20, Uc20 Firmware | 2024-11-21 | 6.1 Medium |
| Quectel UC20 UMTS/HSPA+ UC20 6.3.14 is affected by a Cross Site Scripting (XSS) vulnerability. | ||||
| CVE-2021-45813 | 1 Slican | 1 Webcti | 2024-11-21 | 6.1 Medium |
| SLICAN WebCTI 1.01 2015 is affected by a Cross Site Scripting (XSS) vulnerability. The attacker can steal the user's session by injecting malicious JavaScript codes which leads to Session Hijacking and cause user's credentials theft. | ||||
| CVE-2021-45812 | 1 Nuuo | 2 Nvrsolo, Nvrsolo Firmware | 2024-11-21 | 6.1 Medium |
| NUUO Network Video Recorder NVRsolo 3.9.1 is affected by a Cross Site Scripting (XSS) vulnerability. An attacker can steal the user's session by injecting malicious JavaScript codes which leads to session hijacking. | ||||
| CVE-2021-45792 | 1 Slims | 1 Senayan Library Management System | 2024-11-21 | 4.8 Medium |
| Slims9 Bulian 9.4.2 is affected by Cross Site Scripting (XSS) in /admin/modules/system/custom_field.php. | ||||
| CVE-2021-45787 | 1 Maccms | 1 Maccms | 2024-11-21 | 5.4 Medium |
| There is a stored Cross Site Scripting (XSS) vulnerability in maccms v10 through adding videos. XSS code can be inserted at parameter positions including name and remarks. | ||||
| CVE-2021-45745 | 1 Bludit | 1 Bludit | 2024-11-21 | 5.4 Medium |
| A Stored Cross Site Scripting (XSS) vulnerability exists in Bludit 3.13.1 via the About Plugin in login panel. | ||||
| CVE-2021-45744 | 1 Bludit | 1 Bludit | 2024-11-21 | 5.4 Medium |
| A Stored Cross Site Scripting (XSS) vulnerability exists in bludit 3.13.1 via the TAGS section in login panel. | ||||
| CVE-2021-45732 | 1 Netgear | 2 R6700, R6700 Firmware | 2024-11-21 | 8.8 High |
| Netgear Nighthawk R6700 version 1.0.4.120 makes use of a hardcoded credential. It does not appear that normal users are intended to be able to manipulate configuration backups due to the fact that they are encrypted/obfuscated. By extracting the configuration using readily available public tools, a user can reconfigure settings not intended to be manipulated, repackage the configuration, and restore a backup causing these settings to be changed. | ||||
| CVE-2021-45721 | 1 Jfrog | 1 Artifactory | 2024-11-21 | 6.1 Medium |
| JFrog Artifactory prior to version 7.29.8 and 6.23.38 is vulnerable to Reflected Cross-Site Scripting (XSS) through one of the XHR parameters in Users REST API endpoint. This issue affects: JFrog JFrog Artifactory JFrog Artifactory versions before 7.36.1 versions prior to 7.29.8; JFrog Artifactory versions before 6.23.41 versions prior to 6.23.38. | ||||
| CVE-2021-45677 | 1 Netgear | 4 Gs108t, Gs108t Firmware, Gs110tp and 1 more | 2024-11-21 | 5.2 Medium |
| Certain NETGEAR devices are affected by stored XSS. This affects GS108Tv2 before 5.4.2.36 and GS110TPv2 before 5.4.2.36. | ||||
| CVE-2021-45676 | 1 Netgear | 10 Rax15, Rax15 Firmware, Rax20 and 7 more | 2024-11-21 | 4.3 Medium |
| Certain NETGEAR devices are affected by stored XSS. This affects RAX200 before 1.0.5.126, RAX20 before 1.0.2.82, RAX80 before 1.0.5.126, RAX15 before 1.0.2.82, and RAX75 before 1.0.5.126. | ||||
| CVE-2021-45675 | 1 Netgear | 30 Ac2100, Ac2100 Firmware, Ac2400 and 27 more | 2024-11-21 | 5.8 Medium |
| Certain NETGEAR devices are affected by stored XSS. This affects R6120 before 1.0.0.76, R6260 before 1.1.0.78, R6850 before 1.1.0.78, R6350 before 1.1.0.78, R6330 before 1.1.0.78, R6800 before 1.2.0.76, R6700v2 before 1.2.0.76, R6900v2 before 1.2.0.76, R7200 before 1.2.0.76, R7350 before 1.2.0.76, R7400 before 1.2.0.76, R7450 before 1.2.0.76, AC2100 before 1.2.0.76, AC2400 before 1.2.0.76, and AC2600 before 1.2.0.76. | ||||
| CVE-2021-45674 | 1 Netgear | 16 R7000, R7000 Firmware, R7900 and 13 more | 2024-11-21 | 3.2 Low |
| Certain NETGEAR devices are affected by stored XSS. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30, R8000 before 1.0.4.62, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX75 before 1.0.3.106, and RAX80 before 1.0.3.106. | ||||
| CVE-2021-45673 | 1 Netgear | 16 R6900p, R6900p Firmware, R7000 and 13 more | 2024-11-21 | 4.8 Medium |
| Certain NETGEAR devices are affected by stored XSS. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30, R8000 before 1.0.4.62, RAX200 before 1.0.3.106, R7000P before 1.3.3.140, RAX80 before 1.0.3.106, R6900P before 1.3.3.140, and RAX75 before 1.0.3.106. | ||||