CVSS: 5.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-48807
https://notcve.org/view.php?id=CVE-2024-48807
Cross Site Scripting vulnerability in PHPGurukul Doctor Appointment Management System v.1.0 allows a local attacker to execute arbitrary code via the search parameter. La vulnerabilidad de Cross Site Scripting en PHPGurukul Doctor Appointment Management System v.1.0 permite a un atacante local ejecutar código arbitrario a través del parámetro de búsqueda. • https://medium.com/%40KrishnaChaganti/cross-site-scripting-xss-in-appointment-management-system-cve-2024-48807-0f7523be9fa2 https://phpgurukul.com/doctor-appointment-management-system-using-php-and-mysql • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-51419
https://notcve.org/view.php?id=CVE-2024-51419
Cross Site Scripting vulnerability in Shenzhen Interconnection Harbor Network Technology Co., Ltd Ofweek Online Exhibition v.1.0.0 allows a remote attacker to execute arbitrary code. La vulnerabilidad de Cross Site Scripting en Shenzhen Interconnection Harbor Network Technology Co., Ltd Ofweek Online Exhibition v.1.0.0 permite a un atacante remoto ejecutar código arbitrario. • https://gist.github.com/475bd8bc21c4f4dfc8f26ce35eb6ca28.git • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: -EXPL: 1CVE-2024-48569
https://notcve.org/view.php?id=CVE-2024-48569
Proactive Risk Manager version 9.1.1.0 is affected by multiple Cross-Site Scripting (XSS) vulnerabilities in the add/edit form fields, at the urls starting with the subpaths: /ar/config/configuation/ and /ar/config/risk-strategy-control/ La versión 9.1.1.0 de Proactive Risk Manager se ve afectada por múltiples vulnerabilidades de Cross Site Scripting (XSS) en los campos de formulario para agregar o editar, en las direcciones URL que comienzan con las subrutas: /ar/config/conguation/ y /ar/config/risk-strategy-control/ • https://github.com/MarioTesoro/CVE-2024-48569 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-50520 – Ancient World Linked Data <= 0.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2024-50520
The Ancient World Linked Data plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 0.2.1 due to insufficient input sanitization and output escaping. • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-50521 – Alley Elementor Widget <= 1.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2024-50521
The Alley Elementor Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.0.7 due to insufficient input sanitization and output escaping. • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •