Total
42515 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-51610 | 1 Seothemes | 1 Display Terms Shortcode | 2024-11-15 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SEO Themes Display Terms Shortcode allows Stored XSS.This issue affects Display Terms Shortcode: from n/a through 1.0.4. | ||||
| CVE-2024-51605 | 1 Genoo | 1 Genoo | 2024-11-15 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Genoo, LLC Genoo allows DOM-Based XSS.This issue affects Genoo: from n/a through 6.0.10. | ||||
| CVE-2024-51603 | 1 Mirceatm | 1 Nmr Strava Activities | 2024-11-15 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Mircea N. NMR Strava activities allows DOM-Based XSS.This issue affects NMR Strava activities: from n/a through 1.0.6. | ||||
| CVE-2024-51604 | 1 Jumpstartcreatives | 1 Media Modal | 2024-11-15 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Carlo Andro Mabugay Media Modal allows DOM-Based XSS.This issue affects Media Modal: from n/a through 1.0.2. | ||||
| CVE-2024-52358 | 1 Cyberchimps | 1 Responsive Addons For Elementor | 2024-11-15 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Cyberchimps Responsive Addons for Elementor allows DOM-Based XSS.This issue affects Responsive Addons for Elementor: from n/a through 1.5.4. | ||||
| CVE-2024-52356 | 1 Webangon | 1 The Pack Elementor Addons | 2024-11-15 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Webangon The Pack Elementor addons allows Stored XSS.This issue affects The Pack Elementor addons: from n/a through 2.1.0. | ||||
| CVE-2024-52357 | 1 Lqd | 1 Liquid Blocks | 2024-11-15 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in LIQUID DESIGN Ltd. LIQUID BLOCKS allows Stored XSS.This issue affects LIQUID BLOCKS: from n/a through 1.2.0. | ||||
| CVE-2024-45594 | 1 Decidim | 1 Decidim | 2024-11-15 | 7.7 High |
| Decidim is a participatory democracy framework. The meeting embeds feature used in the online or hybrid meetings is subject to potential XSS attack through a malformed URL. This vulnerability is fixed in 0.28.3 and 0.29.0. | ||||
| CVE-2024-45254 | 1 Vaemendis | 1 Vaemendis Ubooquity | 2024-11-15 | 7.5 High |
| VaeMendis - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | ||||
| CVE-2024-7787 | 2024-11-15 | N/A | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ITG Computer Technology vSRM Supplier Relationship Management System allows Reflected XSS, Cross-Site Scripting (XSS).This issue affects vSRM Supplier Relationship Management System: before 28.08.2024. | ||||
| CVE-2024-7124 | 1 Poznan Supercomputing And Networking Center | 1 Dingo Dlibra | 2024-11-15 | N/A |
| Improper Neutralization of Input During Web Page Generation vulnerability in DInGO dLibra software in the parameter 'filter' in the endpoint 'indexsearch' allows a Reflected Cross-Site Scripting (XSS). An attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser. This issue affects DInGO dLibra software in versions from 6.0 before 6.3.20. | ||||
| CVE-2024-51377 | 1 Ladybirdweb | 1 Faveo Helpdesk | 2024-11-14 | 8.8 High |
| An issue in Ladybird Web Solution Faveo Helpdesk & Servicedesk (On-Premise and Cloud) 9.2.0 allows a remote attacker to execute arbitrary code via the Subject and Identifier fields | ||||
| CVE-2024-41745 | 1 Ibm | 1 Cics Tx | 2024-11-14 | 6.1 Medium |
| IBM CICS TX Standard is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | ||||
| CVE-2024-51597 | 1 Brandevolutionco | 1 Themeshark Templates \& Widgets For Elementor | 2024-11-14 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThemeShark ThemeShark Templates & Widgets for Elementor allows Stored XSS.This issue affects ThemeShark Templates & Widgets for Elementor: from n/a through 1.1.7. | ||||
| CVE-2024-51589 | 1 Wpcirqle | 1 Bigmart Elements | 2024-11-14 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in wpcirqle Bigmart Elements allows DOM-Based XSS.This issue affects Bigmart Elements: from n/a through 1.0.3. | ||||
| CVE-2024-51588 | 1 Themehat | 1 Super Addons For Elementor | 2024-11-14 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themehat Super Addons for Elementor allows DOM-Based XSS.This issue affects Super Addons for Elementor: from n/a through 1.0. | ||||
| CVE-2024-51587 | 1 Softfirm | 1 Definitive Addons For Elementor | 2024-11-14 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Softfirm Definitive Addons for Elementor allows Stored XSS.This issue affects Definitive Addons for Elementor: from n/a through 1.5.16. | ||||
| CVE-2024-52351 | 1 Bu | 1 Bu Slideshow | 2024-11-14 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Boston University (IS&T) BU Slideshow allows Stored XSS.This issue affects BU Slideshow: from n/a through 2.3.10. | ||||
| CVE-2024-52350 | 1 Crm2go | 1 Crm2go | 2024-11-14 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CRM 2go allows DOM-Based XSS.This issue affects CRM 2go: from n/a through 1.0. | ||||
| CVE-2024-51490 | 1 Ampache | 1 Ampache | 2024-11-14 | 5.5 Medium |
| Ampache is a web based audio/video streaming application and file manager. This vulnerability exists in the interface section of the Ampache menu, where users can change "Custom URL - Logo". This section is not properly sanitized, allowing for the input of strings that can execute JavaScript. This issue has been addressed in version 7.0.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||