Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/profile.php via the fname (First Name) and lname (Last Name) fields.
WebLaudos v20.8 (118) was discovered to contain a cross-site scripting (XSS) vulnerability via the login page.
PHPJabbers Event Ticketing System v1.0 is vulnerable to Reflected Cross-Site Scripting (XSS) in "lid" parameter in index.
Collabtive 3.1 is vulnerable to Cross-site scripting (XSS) via the name parameter under (a) action=add or action=edit within managemilestone.php file and (b) action=addpro within admin.php file.
PHPJabbers Car Park Booking System v3.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) in the "name, plugin_sms_api_key, plugin_sms_country_code, title, plugin_sms_api_key" parameters.
Selesta Visual Access Manager < 4.42.2 is vulnerable to Cross Site Scripting (XSS) via /vam/vam_ep.php.
The WP-SOS-Donate Donation Sidebar Plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `$_SERVER['PHP_SELF']` parameter in all versions up to, and including, 0.9.2 due to insu
A vulnerability has been found in SourceCodester Zoo Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/templates/animal_form_template.php.
Cross site scripting (XSS) vulnerability in 17gz International Student service system 1.0 allows attackers to execute arbitrary code via the registration step.
Stored cross-site scripting (XSS) vulnerability in desknet's NEO V9.0R2.0 and earlier allow execution of arbitrary JavaScript in a user’s web browser.
Stored cross-site scripting (XSS) vulnerability in desknet's NEO V9.0R2.0 and earlier allow execution of arbitrary JavaScript in a user’s web browser.
CodeAstro Membership Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via the membershipType parameter in edit_type.php
OURPHP thru 8.6.1 is vulnerable to Cross-Site Scripting (XSS) via the "Name" field of the "Complete Profile" functionality under the "My User Center" page, which can be accessed after registering thro
Unauthenticated Cross Site Scripting (XSS) in ManageWP Worker <= 4.9.31 versions.
A cross-site scripting (XSS) vulnerability in the Backend Theme Management module of Z-BlogPHP v1.7.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.