• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2023-0571

February 22, 2023 by godfreyd94

A vulnerability has been found in SourceCodester Canteen Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file createcustomer.php of the component Add Customer. The manipulation of the argument name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-219730 is the identifier assigned to this vulnerability.

CVE-2023-0599

February 22, 2023 by godfreyd94

Rapid7 Metasploit Pro versions 4.21.2 and lower suffer from a stored cross site scripting vulnerability, due to a lack of JavaScript request string sanitization. Using this vulnerability, an authenticated attacker can execute arbitrary HTML and script code in the target browser against another Metasploit Pro user using a specially crafted request. Note that in most deployments, all Metasploit Pro users tend to enjoy privileges equivalent to local administrator.

CVE-2023-0606

February 22, 2023 by godfreyd94

Cross-site Scripting (XSS) – Reflected in GitHub repository ampache/ampache prior to 5.5.7.

CVE-2023-0607

February 22, 2023 by godfreyd94

Cross-site Scripting (XSS) – Stored in GitHub repository projectsend/projectsend prior to r1606.

CVE-2023-0608

February 22, 2023 by godfreyd94

Cross-site Scripting (XSS) – DOM in GitHub repository microweber/microweber prior to 1.3.2.

CVE-2023-0624

February 22, 2023 by godfreyd94

OrangeScrum version 2.0.11 allows an external attacker to obtain arbitrary user accounts from the application. This is possible because the application returns malicious user input in the response with the content-type set to text/html.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 2194
  • Go to page 2195
  • Go to page 2196
  • Go to page 2197
  • Go to page 2198
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE