CWE-79
High likelihoodImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
45,468 vulnerabilities with CWE-79
CVE-2024-44797
MEDIUM
gazelle < 2016-11-08 - Cross-Site Scripting via /managers/enable_requests.php view Parameter
CVSS 6.1
CVE-2024-44796
MEDIUM
PicUploader < 2024-02-13 - Cross-Site Scripting via AzureRedirect Error Description Parameter
CVSS 6.1
CVE-2024-44795
MEDIUM
gazelle < 2016-11-08 - Cross-Site Scripting via Username Parameter in Disabled Login Page
CVSS 6.1
CVE-2024-44794
MEDIUM
xiebruce/picuploader < 2024-02-13 - Cross-Site Scripting via OnedriveRedirect.php error_description Parameter
CVSS 6.1
CVE-2024-44793
MEDIUM
Gazelle < 2016-11-08 - Cross-Site Scripting via Torrents Parameter
CVSS 6.1
CVE-2024-42906
MEDIUM
TestLink < 1.9.20 - Cross-Site Scripting via File Upload Pop-up
CVSS 6.1
CVE-2024-45265
CRITICAL
SkySystem Arfa-CMS <5.1.3124 - SQL Injection
CVSS 9.8
CVE-2024-8174
MEDIUM
Blood Bank System 1.0 - Cross-Site Scripting via Login Page User Parameter
CVSS 4.3
CVE-2024-42790
MEDIUM
Kashipara Music Management System <1.0 - XSS
CVSS 5.4
CVE-2024-8172
LOW
SourceCodester QR Code Attendance System 1.0 - XSS
CVSS 3.5
CVE-2024-43967
MEDIUM
Stark Digital WP Testimonial Widget < 3.1 - Stored Cross-Site Scripting
CVSS 5.9
CVE-2024-42818
MEDIUM
fastapi-admin pro 0.1.4 - Stored Cross-Site Scripting via Config-Create Product Name Parameter
CVSS 6.1
CVE-2024-42816
MEDIUM
fastapi-admin pro 0.1.4 - Stored Cross-Site Scripting via Product Name Parameter
CVSS 6.1
CVE-2024-42791
HIGH
Kashipara Music Management System <v1.0 - CSRF
CVSS 8.8
CVE-2024-42788
MEDIUM
Kashipara Music Management System v1.0 - XSS
CVSS 6.1
CVE-2024-42789
MEDIUM
Kashipara Music Management System <1.0 - XSS
CVSS 6.3
CVE-2024-42787
MEDIUM
Kashipara Music Management System v1.0 - Stored Cross-Site Scripting via Playlist Title and Description Parameters
CVSS 6.1
CVE-2024-38859
MEDIUM
Checkmk < 2.3.0p14, < 2.2.0p33, < 2.1.0p47 - Stored Cross-Site Scripting in SLA Column Title
CVSS 6.1
CVE-2024-43442
MEDIUM
OTRS <7.0.50,8.0,X,2023.X,2024.5.X - XSS
CVSS 4.9
CVE-2024-7313
MEDIUM
Shield Security < 20.0.6 - Reflected Cross-Site Scripting
CVSS 6.1
CVE-2024-6879
MEDIUM
Quiz and Survey Master < 9.1.1 - Stored Cross-Site Scripting in Quiz Fields
CVSS 4.7
CVE-2024-8154
LOW
SourceCodester QR Code Bookmark System 1.0 - XSS
CVSS 3.5
CVE-2024-8153
LOW
SourceCodester QR Code Bookmark System 1.0 - XSS
CVSS 3.5
CVE-2024-8152
LOW
SourceCodester QR Code Bookmark System 1.0 - XSS
CVSS 3.5
CVE-2024-8151
LOW
SourceCodester Interactive Map 1.0 - XSS
CVSS 3.5
Details
Vulnerabilities
45,468
Exploit Likelihood
High