• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2023-24233

February 22, 2023 by godfreyd94

A stored cross-site scripting (XSS) vulnerability in the component /php-inventory-management-system/orders.php?o=add of Inventory Management System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Client Name parameter.

CVE-2023-24234

February 22, 2023 by godfreyd94

A stored cross-site scripting (XSS) vulnerability in the component php-inventory-management-system/brand.php of Inventory Management System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Brand Name parameter.

CVE-2023-24322

February 22, 2023 by godfreyd94

A reflected cross-site scripting (XSS) vulnerability in the FileDialog.aspx component of mojoPortal v2.7.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ed and tbi parameters.

CVE-2023-23942

February 22, 2023 by godfreyd94

The Nextcloud Desktop Client is a tool to synchronize files from a Nextcloud Server with your computer. Versions prior to 3.6.3 are missing sanitisation on qml labels which are used for basic HTML elements such as `strong`, `em` and `head` lines in the UI of the desktop client. The lack of sanitisation may allow for javascript injection. It is recommended that the Nextcloud Desktop Client is upgraded to 3.6.3. There are no known workarounds for this issue.

CVE-2023-23949

February 22, 2023 by godfreyd94

An authenticated user can supply malicious HTML and JavaScript code that will be executed in the client browser.

CVE-2023-23950

February 22, 2023 by godfreyd94

User’s supplied input (usually a CRLF sequence) can be used to split a returning response into two responses.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 2179
  • Go to page 2180
  • Go to page 2181
  • Go to page 2182
  • Go to page 2183
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE