Search Results (Refine Search)
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-4646 |
A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file /view/student_payment_details.php. The manipulation of the argument index leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-263490 is the identifier assigned to this vulnerability. Published: May 08, 2024; 9:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-4645 |
A vulnerability was found in SourceCodester Prison Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /Admin/changepassword.php. The manipulation of the argument txtold_password/txtnew_password/txtconfirm_password leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-263489 was assigned to this vulnerability. Published: May 08, 2024; 9:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34255 |
jizhicms v2.5.1 contains a Cross-Site Scripting(XSS) vulnerability in the message function. Published: May 08, 2024; 9:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-1438 |
Missing Authorization vulnerability in PressFore Rolo Slider.This issue affects Rolo Slider: from n/a through 1.0.9. Published: May 08, 2024; 9:15:07 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-4644 |
A vulnerability has been found in SourceCodester Prison Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /Employee/changepassword.php. The manipulation of the argument txtold_password/txtnew_password/txtconfirm_password leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-263488. Published: May 08, 2024; 8:15:09 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34561 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Creative interactive media 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin allows Stored XSS.This issue affects 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin: from n/a through 3.71. Published: May 08, 2024; 8:15:09 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34560 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GOMO gee Search Plus allows Stored XSS.This issue affects gee Search Plus: from n/a through 1.4.4. Published: May 08, 2024; 8:15:09 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34558 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WOLF allows Stored XSS.This issue affects WOLF: from n/a through 1.0.8.2. Published: May 08, 2024; 8:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34553 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Select-Themes Stockholm Core allows Reflected XSS.This issue affects Stockholm Core: from n/a through 2.4.1. Published: May 08, 2024; 8:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34548 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themesgrove WidgetKit allows Stored XSS.This issue affects WidgetKit: from n/a through 2.4.8. Published: May 08, 2024; 8:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34547 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Noor alam Magical Addons For Elementor allows Stored XSS.This issue affects Magical Addons For Elementor: from n/a through 1.1.34. Published: May 08, 2024; 8:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34546 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HabibCoder Sticky Social Link allows Stored XSS.This issue affects Sticky Social Link: from n/a through 1.0.0. Published: May 08, 2024; 8:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34414 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nobita allows Stored XSS.This issue affects raindrops: from n/a through 1.600. Published: May 08, 2024; 8:15:07 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2022-40218 |
Missing Authorization vulnerability in ThemeHunk Advance WordPress Search Plugin.This issue affects Advance WordPress Search Plugin: from n/a through 1.1.4. Published: May 08, 2024; 8:15:07 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-3507 |
Improper privilege management vulnerability in Lunar software that affects versions 6.0.2 through 6.6.0. This vulnerability allows an attacker to perform a secondary process injection into the Lunar application and abuse those rights to access sensitive user information. Published: May 08, 2024; 7:15:25 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34570 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xpro Xpro Elementor Addons allows Stored XSS.This issue affects Xpro Elementor Addons: from n/a through 1.4.3. Published: May 08, 2024; 7:15:25 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34569 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Katie Seaborn Zotpress allows Stored XSS.This issue affects Zotpress: from n/a through 7.3.9. Published: May 08, 2024; 7:15:25 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34568 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeqx LetterPress allows Stored XSS.This issue affects LetterPress: from n/a through 1.2.1. Published: May 08, 2024; 7:15:25 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34566 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Johan van der Wijk Content Blocks (Custom Post Widget) allows Stored XSS.This issue affects Content Blocks (Custom Post Widget): from n/a through 3.3.0. Published: May 08, 2024; 7:15:24 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34565 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Debug Info allows Stored XSS.This issue affects Debug Info: from n/a through 1.3.10. Published: May 08, 2024; 7:15:24 AM -0400 |
V3.x:(not available) V2.0:(not available) |