CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

Haraj 3.7 - Cross-Site Scripting

Haraj 3.7 contains a cross-site scripting vulnerability in the User Upgrade Form. An attacker can inject malicious script and thus steal authentication credentials and launch other attacks. id: CVE-2022-31299 info: name: Haraj 3.7 - Cross-Site Scripting author: edoardottt severity: medium...

6.1CVSS6.3AI score0.04731EPSS

Exploits2References5

RedhatCVE•added 2025/02/05 12:21 a.m.•4 views

CVE-2024-31299

Cross-Site Request Forgery CSRF vulnerability in Reservation Diary ReDi Restaurant Reservation allows Cross-Site Scripting XSS.This issue affects ReDi Restaurant Reservation: from n/a through 24.0128...

7.1CVSS8.5AI score0.00259EPSS

Exploits0References1

Cvelist•added 2024/04/10 4:27 p.m.•14 views

CVE-2024-31299 WordPress ReDi Restaurant Reservation plugin <= 24.0128 - Cross Site Request Forgery (CSRF) to XSS vulnerability

7.1CVSS6.8AI score0.00259EPSS

Exploits0References1

Vulnrichment•added 2024/04/10 4:27 p.m.•11 views

CVE-2024-31299 WordPress ReDi Restaurant Reservation plugin <= 24.0128 - Cross Site Request Forgery (CSRF) to XSS vulnerability

7.1CVSS8.5AI score0.00259EPSS

Exploits0References1

CVE•added 2024/04/10 4:27 p.m.•57 views

CVE-2024-31299

CVE-2024-31299 describes a CSRF vulnerability in the ReDi Restaurant Reservation plugin for WordPress (Reservation Diary ReDi Restaurant Reservation). The issue allows Cross-Site Scripting (XSS) and affects ReDi Restaurant Reservation versions from n/a up to 24.0128. The provided documents do not...

7.1CVSS8.5AI score0.00259EPSS

Exploits0References1

Patchstack•added 2024/04/05 12:0 a.m.•8 views

WordPress ReDi Restaurant Reservation Plugin <= 24.0128 is vulnerable to Cross Site Request Forgery (CSRF)

Software ReDi Restaurant Reservation Type Plugin Vulnerable versions = 24.0128 Fixed in 24.0303 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31299 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID b61734a1714a Credits Maj...

7.1CVSS6.6AI score0.00259EPSS

Exploits0References2Affected Software1

CVE•added 2023/12/29 12:0 a.m.•40 views

CVE-2023-31299

CVE-2023-31299 : Cross Site Scripting (XSS) in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718) , via the container’s Barcode field . The cited sources describe remote attackers potentially executing arbitrary code due to this XSS, but the provided documents do not specify af...

6.1CVSS6.1AI score0.00455EPSS

Exploits0References1Affected Software1

Circl•added 2022/06/17 2:21 a.m.•1 views

CVE-2022-31299

creationtimestamp| type| source ---|---|--- 2022-06-17 02:21:54+00:00| seen| https://t.me/cibsecurity/44696...

6.1CVSS6.1AI score0.04731EPSS

Exploits2References1

ATTACKERKB•added 2022/06/16 10:15 p.m.•1 views

CVE-2022-31299

Haraj v3.7 was discovered to contain a reflected cross-site scripting XSS vulnerability in the User Upgrade Form...

6.1CVSS6.2AI score0.04731EPSS

Exploits2References5

OSV•added 2022/06/16 10:15 p.m.•3 views

CVE-2022-31299

Haraj v3.7 was discovered to contain a reflected cross-site scripting XSS vulnerability in the User Upgrade Form...

6.1CVSS6.3AI score0.04731EPSS

Exploits2References3

CVE•added 2022/06/16 9:22 p.m.•102 views

CVE-2022-31299

Haraj 3.7 contains a reflected cross-site scripting (XSS) vulnerability in the User Upgrade Form. The NVD/Nuclei entries describe a reflected XSS that could allow an attacker to execute malicious scripts in a victim’s browser, potentially enabling credential theft and session-related attacks. An ...

6.1CVSS6AI score0.04731EPSS

Exploits2References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by