CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,143 vulnerabilities with CWE-79
CVE-2025-7840
LOW
Campcodes Online Movie Theater Seat Reservation System 1.0 - XSS
CVSS 3.5
CVE-2025-7819
LOW
PHPGurukul Apartment Visitors Management System 1.0 - XSS
CVSS 2.4
CVE-2025-7818
LOW
PHPGurukul Apartment Visitors Management System 1.0 - XSS
CVSS 3.5
CVE-2025-7817
LOW
PHPGurukul Apartment Visitors Management System 1.0 - XSS
CVSS 3.5
CVE-2025-7816
LOW
PHPGurukul Apartment Visitors Management System 1.0 - XSS
CVSS 3.5
CVE-2025-7815
LOW
PHPGurukul Apartment Visitors Management System 1.0 - XSS
CVSS 2.4
CVE-2025-6997
MEDIUM
ThemeREX Addons <= 2.35.1.1 - Authenticated Stored Cross-Site Scripting via SVG File Upload
CVSS 6.4
CVE-2025-7661
MEDIUM
WordPress Partnerský systém Martinus <1.7.1 - XSS
CVSS 6.4
CVE-2025-7658
MEDIUM
Temporarily Hidden Content <1.0.6 - XSS
CVSS 6.4
CVE-2025-7655
MEDIUM
Live Stream Badger <= 1.4.3 - Authenticated Stored Cross-Site Scripting via livestream Shortcode
CVSS 6.4
CVE-2025-7653
MEDIUM
EPay.bg Payments <= 0.1 - Authenticated Stored Cross-Site Scripting via 'epay' Shortcode
CVSS 6.4
CVE-2025-50583
MEDIUM
StudentManage 1.0 - Cross-Site Scripting via Add A New Student Module
CVSS 4.8
CVE-2025-50582
MEDIUM
StudentManage v1.0 - Cross-Site Scripting via Add A New Course Module
CVSS 4.8
CVE-2025-50581
MEDIUM
MRCMS v3.1.2 - Cross-Site Scripting via /admin/group/save.do
CVSS 4.8
CVE-2025-7803
LOW
descreekert wx-discuz <12bd4745c63ec203cb32119bf77ead4a923bf277 - XSS
CVSS 3.5
CVE-2025-50584
MEDIUM
StudentManage v1.0 - Stored Cross-Site Scripting via Add A New Teacher Module
CVSS 4.8
CVE-2025-7802
LOW
PHPGurukul Complaint Management System 2.0 - XSS
CVSS 3.5
CVE-2025-7800
LOW
cgpandey hotelmis < c572198e6c4780fccc63b1d3e8f3f72f825fc94e - XSS
CVSS 3.5
CVE-2025-52169
HIGH
Agorum core open <11.9.2-11.10.1 - XSS
CVSS 7.1
CVE-2025-7791
LOW
PHPGurukul Online Security Guards Hiring System 1.0 - XSS
CVSS 3.5
CVE-2025-54078
MEDIUM
WeGIA < 3.4.6 - Reflected Cross-Site Scripting via personalizacao_imagem.php err Parameter
CVSS 6.5
CVE-2025-54077
MEDIUM
WeGIA < 3.4.6 - Reflected Cross-Site Scripting via personalizacao.php err Parameter
CVSS 6.5
CVE-2025-54076
MEDIUM
WeGIA < 3.4.6 - Reflected Cross-Site Scripting via pre_cadastro_atendido.php msg_e Parameter
CVSS 6.5
CVE-2025-54075
HIGH
MDC < 0.17.2 - Stored Cross-Site Scripting via Base Tag Injection
CVSS 8.3
CVE-2025-7786
LOW
Gnuboard g6 < 6.0.10 - Cross-Site Scripting in Post Reply Handler
CVSS 3.5
Details
Vulnerabilities
45,143
Exploit Likelihood
High