CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,369 vulnerabilities with CWE-79
CVE-2024-56210
HIGH
Userpro <= 5.1.9 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-56209
HIGH
Kleo < 5.4.4 - Reflected Cross-Site Scripting
CVSS 7.1
CVE-2024-13069
LOW
SourceCodester Multi Role Login System 1.0 - XSS
CVSS 3.5
CVE-2024-56517
MEDIUM
LGSL <= 6.2.1 - Reflected Cross-Site Scripting via Referer HTTP Header
CVE-2024-47925
HIGH
TCExam < 16.3.5 - Cross-Site Scripting
CVSS 7.5
CVE-2024-47924
HIGH
Boa web - Cross-Site Scripting
CVSS 7.5
CVE-2024-47920
HIGH
Tiki Wiki CMS < 28 - Cross-Site Scripting
CVSS 7.5
CVE-2024-47917
HIGH
Mobotix CCTV FW - Cross-Site Scripting
CVSS 7.5
CVE-2024-13034
LOW
code-projects Chat System 1.0 - XSS
CVSS 3.5
CVE-2024-13033
LOW
code-projects Chat System 1.0 - XSS
CVSS 3.5
CVE-2024-13031
LOW
Antabot White-Jotter <= 0.2.2 - Cross-Site Scripting in Article Content Editor
CVSS 2.4
CVE-2024-13023
LOW
PHPGurukul Maid Hiring Management System 1.0 - XSS
CVSS 2.4
CVE-2024-13021
LOW
SourceCodester Road Accident Map Marker 1.0 - XSS
CVSS 3.5
CVE-2024-13019
LOW
code-projects Chat System 1.0 - XSS
CVSS 3.5
CVE-2024-13018
LOW
PHPGurukul Maid Hiring Management System 1.0 - XSS
CVSS 2.4
CVE-2024-13017
LOW
PHPGurukul Maid Hiring Management System 1.0 - XSS
CVSS 2.4
CVE-2024-13015
LOW
PHPGurukul Maid Hiring Management System 1.0 - XSS
CVSS 2.4
CVE-2024-13013
LOW
PHPGurukul Maid Hiring Management System 1.0 - XSS
CVSS 2.4
CVE-2024-13012
LOW
Hostel Management System 1.0 - Cross-Site Scripting via Registration Form Input
CVSS 3.5
CVE-2024-12998
MEDIUM
Online Car Rental System 1.0 - Cross-Site Scripting via GET Parameter Handler
CVSS 4.3
CVE-2024-12995
LOW
ruifang-tech Rebuild 3.8.6 - Stored Cross-Site Scripting in Project Tasks Section
CVSS 3.5
CVE-2024-54775
MEDIUM
Dcat-Admin v2.2.0-beta and v2.2.2-beta - Cross-Site Scripting via /admin/auth/menu and /admin/auth/extensions
CVSS 4.8
CVE-2024-54774
MEDIUM
Dcat Admin v2.2.0-beta - Stored Cross-Site Scripting in /admin/articles/create
CVSS 4.8
CVE-2024-54451
MEDIUM
Kurmi Provisioning Suite <7.9.0.38, 7.10.x-7.10.0.18, 7.11.x-7.11.0...
CVSS 4.8
CVE-2024-12991
LOW
DBShop 3.3 Release 231225 - Cross-Site Scripting via orderStatus Parameter
CVSS 3.5
Details
Vulnerabilities
45,369
Exploit Likelihood
High