Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
A Reflected Cross-Site Scripting (XSS) vulnerability has been found in Bagisto v2.0.0. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending the victim a
Bagisto is an open source laravel eCommerce platform. A stored Cross-Site Scripting (XSS) vulnerability exists in Bagisto prior to version 2.3.10 within the CMS page editor. Although the platform norm
A vulnerability was determined in Bagisto up to 2.3.15. Affected by this vulnerability is an unknown functionality of the component Custom Scripts Handler. This manipulation causes cross site scriptin
An authenticated stored XSS vulnerability exists in the Bagisto 2.3.6 admin panel's product creation path, allowing an attacker to upload a crafted SVG file containing malicious JavaScript code. This
Bagisto is an open source laravel eCommerce platform. In Bagisto v2.3.7, the “Create New Customer” feature (in the admin panel) is vulnerable to Cross-Site Scripting (XSS). An attacker with access to
Bagisto is an open source laravel eCommerce platform. Bagisto v2.3.7 is vulnerable to Server-Side Template Injection (SSTI) due to unsanitized user input being processed by the server-side templating
A vulnerability was found in Bagisto up to 2.3.15. Affected is the function copy of the component Downloadable Link Handler. The manipulation results in server-side request forgery. The attack may be
A cross-site scripting (XSS) vulnerability in Smart Search & Filter Shopify and BigCommerce apps allows a remote attacker to execute arbitrary JavaScript in the web browser of a user, by including a m
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal baguetteBox.Js allows Cross-Site Scripting (XSS).This issue affects baguetteBox.Js: from 0.
A cross-site scripting (XSS) vulnerability in Typecho v1.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into Name parameter under a comment for an Article
CVE-2024-35540
CRITICAL CVSS 9.0
Find Similar
A stored cross-site scripting (XSS) vulnerability in Typecho v1.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
A stored cross-site scripting (XSS) vulnerability exists in Kiamo before 8.4 due to improper output encoding of user-supplied input in administrative interfaces. An authenticated administrative user c
Reflected Cross-Site Scripting (XSS) vulnerability in /pages/search-results-page in Nosto, which allows remote attackers to execute arbitrary code via the q GET request parameter.
Reflected Cross-Site Scripting (XSS) vulnerability in Bookgy. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending a malicious URL through the "TEXTO" pa
A reflected cross-site scripting (XSS) vulnerability in Ellevo 6.2.0.38160 allows attackers to execute arbitrary code in the context of a user's browser via a crafted payload or URL.
A Reflected Cross Site Scripting (XSS) vulnerability has been found in Support Board v3.7.7. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending the vic
Bagisto is an open source laravel eCommerce platform. Versions prior to 2.3.10 are vulnerable to server-side template injection via type parameter, which can lead to remote code execution or another e
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_tipo_quadro_
Page 1+ Next →