CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,062 vulnerabilities with CWE-79
CVE-2025-12299
MEDIUM
Simple Food Ordering System 1.0 - Cross-Site Scripting via pname/category/price Parameters
CVSS 4.3
CVE-2025-12298
MEDIUM
Simple Food Ordering System 1.0 - Cross-Site Scripting via pname Parameter in editcategory.php
CVSS 4.3
CVE-2025-10023
MEDIUM
Centreon Web 23.10.0-23.10.25 - Authenticated Stored Cross-Site Scripting in Services Meta-services Modules
CVSS 6.2
CVE-2025-12290
MEDIUM
Suishang Enterprise-Level B2B2C Multi-User Mall System 1.0 - XSS
CVSS 4.3
CVE-2025-12289
MEDIUM
Suishang Enterprise-Level B2B2C Multi-User Mall System 1.0 - XSS
CVSS 4.3
CVE-2025-50055
MEDIUM
OpenVPN Access Server <2.14.4 - XSS
CVSS 6.4
CVE-2025-12282
LOW
Client Details System 1.0 - Cross-Site Scripting in /admin/manage-users.php
CVSS 2.4
CVE-2025-12281
LOW
Client Details System 1.0 - Cross-Site Scripting in /admin/clientview.php
CVSS 2.4
CVE-2025-12280
LOW
Client Details System 1.0 - Cross-Site Scripting in /update-clients.php
CVSS 2.4
CVE-2025-41384
MEDIUM
SuiteCRM 7.14.1 - Reflected Cross-Site Scripting via HTTP Referer Header
CVSS 6.1
CVE-2025-12279
LOW
Client Details System 1.0 - Cross-Site Scripting in /welcome.php
CVSS 2.4
CVE-2025-12269
LOW
LearnHouse < 2025-09-21 - Cross-Site Scripting in Account Setting Page
CVSS 3.5
CVE-2025-12267
MEDIUM
abhicodebox ModernShop <20250922 - XSS
CVSS 4.3
CVE-2025-12264
LOW
Wisencode < 20251012 - Cross-Site Scripting via Message Parameter in Support Ticket Handler
CVSS 3.5
CVE-2025-12251
LOW
OpenWGA 7.11.12 Build 737 - Cross-Site Scripting in Admin UI
CVSS 3.5
CVE-2025-12246
MEDIUM
chatwoot < 4.7.0 - Cross-Site Scripting via IframeLoader Link Argument
CVSS 4.3
CVE-2025-12244
MEDIUM
Simple E-Banking System 1.0 - Cross-Site Scripting via Username Parameter in Register Page
CVSS 4.3
CVE-2025-11682
HIGH
Perx Customer Engagement & Loyalty Platform - XSS
CVE-2025-12231
LOW
projectworlds Expense Management System 1.0 - Cross-Site Scripting in Expense Categories Page
CVSS 2.4
CVE-2025-12230
LOW
projectworlds Expense Management System 1.0 - Cross-Site Scripting in Currency Page
CVSS 2.4
CVE-2025-12229
LOW
projectworlds Expense Management System 1.0 - Cross-Site Scripting in Roles Page
CVSS 2.4
CVE-2025-12228
LOW
projectworlds Expense Management System 1.0 - Cross-Site Scripting in Users Page
CVSS 2.4
CVE-2025-12227
LOW
projectworlds Gate Pass Management System 1.0 - Cross-Site Scripting in /add-pass.php
CVSS 3.5
CVE-2025-12224
LOW
php-business-website <10677743a8dfc281f85291a27cf63a0bce043c24 - XSS
CVSS 3.5
CVE-2025-48088
MEDIUM
Brainstorm Force Ultimate Addons <3.21.1 - XSS
CVSS 6.5
Details
Vulnerabilities
45,062
Exploit Likelihood
High