Export limit exceeded: 45715 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45715 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-43761 | 1 Adobe | 2 Experience Manager, Experience Manager Cloud Service | 2024-11-21 | 8 High |
| AEM's Cloud Service offering, as well as versions 6.5.7.0 (and below), 6.4.8.3 (and below) and 6.3.3.8 (and below) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | ||||
| CVE-2021-43742 | 1 Cmsimple | 1 Cmsimple | 2024-11-21 | 5.4 Medium |
| CMSimple 5.4 is vulnerable to Cross Site Scripting (XSS) via the file upload feature. | ||||
| CVE-2021-43729 | 1 Pix-link | 2 Lv-wr09, Lv-wr09 Firmware | 2024-11-21 | 5.4 Medium |
| Pix-Link MiNi Router 28K.MiniRouter.20190211 was discovered to contain a stored cross-site scripting (XSS) vulnerability due to an unsanitized Security Key parameter. | ||||
| CVE-2021-43728 | 1 Pix-link | 2 Lv-wr09, Lv-wr09 Firmware | 2024-11-21 | 5.4 Medium |
| Pix-Link MiNi Router 28K.MiniRouter.20190211 was discovered to contain a stored cross-site scripting (XSS) vulnerability due to an unsanitized SSID parameter. | ||||
| CVE-2021-43725 | 1 Spotweb Project | 1 Spotweb | 2024-11-21 | 6.1 Medium |
| There is a Cross Site Scripting (XSS) vulnerability in SpotPage_login.php of Spotweb 1.5.1 and below, which allows remote attackers to inject arbitrary web script or HTML via the data[performredirect] parameter. | ||||
| CVE-2021-43724 | 1 Intelliants | 1 Subrion Cms | 2024-11-21 | 4.8 Medium |
| A Cross Site Scripting (XSS) vulnerability exits in Subrion CMS through 4.2.1 in the Create Page functionality of the admin Account via a SGV file. | ||||
| CVE-2021-43721 | 1 Leanote | 1 Leanote | 2024-11-21 | 6.1 Medium |
| Leanote 2.7.0 is vulnerable to Cross Site Scripting (XSS) in the markdown type note. This leads to remote code execution with payload : <video src=x onerror=(function(){require('child_process').exec('calc');})();> | ||||
| CVE-2021-43712 | 1 Employee Daily Task Management System Project | 1 Employee Daily Task Management System | 2024-11-21 | 5.4 Medium |
| Stored XSS in Add New Employee Form in Sourcecodester Employee Daily Task Management System 1.0 Allows Remote Attacker to Inject/Store Arbitrary Code via the Name Field. | ||||
| CVE-2021-43707 | 1 Maccms | 1 Maccms | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability exists in Maccms v10 via link_Name parameter. | ||||
| CVE-2021-43702 | 1 Asus | 186 4g-ac53u, 4g-ac53u Firmware, 4g-ac68u and 183 more | 2024-11-21 | 9.0 Critical |
| ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker was able to change the SSID of the router with a custom payload, they could achieve stored XSS on the device. | ||||
| CVE-2021-43698 | 1 Phpwhois Project | 1 Phpwhois | 2024-11-21 | 6.1 Medium |
| phpWhois (last update Jun 30 2021) is affected by a Cross Site Scripting (XSS) vulnerability. In file example.php, the exit function will terminate the script and print the message to the user. The message will contain $_GET['query'] then there is a XSS vulnerability. | ||||
| CVE-2021-43697 | 1 Workerman-thinkphp-redis Project | 1 Workerman-thinkphp-redis | 2024-11-21 | 6.1 Medium |
| Workerman-ThinkPHP-Redis (last update Mar 16, 2018) is affected by a Cross Site Scripting (XSS) vulnerability. In file Controller.class.php, the exit function will terminate the script and print the message to the user. The message will contain $_GET{C('VAR_JSONP_HANDLER')] then there is a XSS vulnerability. | ||||
| CVE-2021-43696 | 1 Twmap Project | 1 Twmap | 2024-11-21 | 6.1 Medium |
| twmap v2.91_v4.33 is affected by a Cross Site Scripting (XSS) vulnerability. In file list.php, the exit function will terminate the script and print the message to the user. The message will contain $_REQUEST then there is a XSS vulnerability. | ||||
| CVE-2021-43695 | 1 Issabel | 1 Pbx | 2024-11-21 | 6.1 Medium |
| issabelPBX version 2.11 is affected by a Cross Site Scripting (XSS) vulnerability. In file page.backup_restore.php, the exit function will terminate the script and print the message to the user. The message will contain $_REQUEST without sanitization, then there is a XSS vulnerability. | ||||
| CVE-2021-43692 | 1 Youtube-php-mirroring Project | 1 Youtube-php-mirroring | 2024-11-21 | 6.1 Medium |
| youtube-php-mirroring (last update Jun 9, 2017) is affected by a Cross Site Scripting (XSS) vulnerability in file ytproxy/index.php. | ||||
| CVE-2021-43690 | 1 Yurunproxy Project | 1 Yurunproxy | 2024-11-21 | 6.1 Medium |
| YurunProxy v0.01 is affected by a Cross Site Scripting (XSS) vulnerability in src/Client.php. The exit function will terminate the script and print a message which have values from the socket_read. | ||||
| CVE-2021-43689 | 1 Manage Project | 1 Manage | 2024-11-21 | 6.1 Medium |
| manage (last update Oct 24, 2017) is affected by a Cross Site Scripting (XSS) vulnerability in Application/Home/Controller/GoodsController.class.php. The exit function will terminate the script and print a message which have values from $_POST. | ||||
| CVE-2021-43687 | 1 Chamilo | 1 Chamilo | 2024-11-21 | 6.1 Medium |
| chamilo-lms v1.11.14 is affected by a Cross Site Scripting (XSS) vulnerability in /plugin/jcapture/applet.php if an attacker passes a message hex2bin in the cookie. | ||||
| CVE-2021-43686 | 1 Nzedb Project | 1 Nzedb | 2024-11-21 | 6.1 Medium |
| nZEDb v0.4.20 is affected by a Cross Site Scripting (XSS) vulnerability in www/pages/api.php. The exit function will terminate the script and print the message which has the input $_GET['t']. | ||||
| CVE-2021-43683 | 1 Haschek | 1 Pictshare | 2024-11-21 | 6.1 Medium |
| pictshare v1.5 is affected by a Cross Site Scripting (XSS) vulnerability in api/info.php. The exit function will terminate the script and print the message which has $_REQUEST['hash']. | ||||