• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2022-26533

February 23, 2023 by godfreyd94

Alist v2.1.0 and below was discovered to contain a cross-site scripting (XSS) vulnerability via /i/:data/ipa.plist.

CVE-2022-2654

February 23, 2023 by godfreyd94

The Classima WordPress theme before 2.1.11 and some of its required plugins (Classified Listing before 2.2.14, Classified Listing Pro before 2.0.20, Classified Listing Store & Membership before 1.4.20 and Classima Core before 1.10) do not escape a parameter before outputting it back in attributes, leading to Reflected Cross-Site Scripting

CVE-2022-2655

February 23, 2023 by godfreyd94

The Classified Listing Pro WordPress plugin before 2.0.20 does not escape a generated URL before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting

CVE-2022-26555

February 23, 2023 by godfreyd94

A stored cross-site scripting (XSS) vulnerability in the Add a Button function of Eova v1.6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the button name text box.

CVE-2022-26564

February 23, 2023 by godfreyd94

HotelDruid Hotel Management Software v3.0.3 contains a cross-site scripting (XSS) vulnerability via the prezzoperiodo4 parameter in creaprezzi.php.

CVE-2022-26565

February 23, 2023 by godfreyd94

A cross-site scripting (XSS) vulnerability in Totaljs all versions before commit 95f54a5commit, allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Page Name text field when creating a new page.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 2009
  • Go to page 2010
  • Go to page 2011
  • Go to page 2012
  • Go to page 2013
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE