2049 matches found
CVE-2022-40028
SourceCodester Simple Task Managing System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the component newProjectValidation.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fullName parameter...
CVE-2022-48111
A cross-site scripting XSS vulnerability in the checklogin function of SIPE s.r.l WI400 between version 8 and 11 included allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the f parameter...
CVE-2022-48013
Opencats v0.9.7 was discovered to contain a stored cross-site scripting XSS vulnerability in the component /opencats/index.php?m=calendar. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description or Title text fields...
CVE-2022-45990
A cross-site scripting XSS vulnerability in the component /signupscript.php of Ecommerce-Website v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the eMail parameter...
CVE-2022-45730
A cross-site scripting XSS vulnerability in Doctor Appointment Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search function...
CVE-2022-45729
A cross-site scripting XSS vulnerability in Doctor Appointment Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Employee ID parameter...
CVE-2022-45038
A cross-site scripting XSS vulnerability in /admin/settings/save.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website Footer field...
CVE-2022-44960
webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the component /general/search.php?searchtype=simple. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search field...
CVE-2022-46438
A cross-site scripting XSS vulnerability in the /admin/articlecategory.php component of DouPHP v1.7 20221118 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the description parameter...
CVE-2022-44954
webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the component /contacts/listcontacts.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Last Name field after clicking "Add"...
CVE-2022-27441
A stored cross-site scripting XSS vulnerability in TPCMS v3.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Phone text box...
CVE-2022-25464
A stored cross-site scripting XSS vulnerability in the component /admin/contenttemp of DoraCMS v2.1.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2022-43079
A cross-site scripting XSS vulnerability in /admin/add-fee.php of Train Scheduler App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cmddept parameter...
CVE-2022-43660
Improper neutralization of Server-Side Includes SSW within a web page in Movable Type series allows a remote authenticated attacker with Privilege of 'Manage of Content Types' may execute an arbitrary Perl script and/or an arbitrary OS command. Affected products/versions are as follows: Movable...
CVE-2022-23391
A cross-site scripting XSS vulnerability in Pybbs v6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Search box...
CVE-2022-43119
A cross-site scripting XSS vulnerability in Clansphere CMS v2011.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Username parameter...
CVE-2022-21158
A stored cross-site scripting vulnerability in marktext versions prior to v0.17.0 due to improper handling of the link with javascript: scheme inside the document may allow an attacker to execute an arbitrary script on the PC of the user using marktext...
CVE-2022-34560
A cross-site scripting XSS vulnerability in PHPFox v4.8.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the History parameter...
CVE-2022-34561
A cross-site scripting XSS vulnerability in PHPFox v4.8.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the video description parameter...
CVE-2022-34140
A stored cross-site scripting XSS vulnerability in /index.php?r=site%2Fsignup of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username field...