CVSS: 4.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-51054
https://notcve.org/view.php?id=CVE-2024-51054
A Cross Site Scriptng (XSS) vulnerability was found in /omrs/admin/search.php in PHPGurukul Online Marriage Registration System 1.0, which allows remote attackers to execute arbitrary code via the "searchdata" POST request parameter. • https://github.com/vkcyberexpert/CVE-Writeup/blob/main/PHPGurukul/Marriage%20Registration/Reflected%20Cross%20Site%20Scriptng%20o.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-51135
https://notcve.org/view.php?id=CVE-2024-51135
An XML External Entity (XXE) vulnerability in the component DocumentBuilderFactory of powertac-server v1.9.0 allows attackers to access sensitive information or execute arbitrary code via supplying a crafted request containing malicious XML entities. • http://www.powertac.org https://github.com/powertac/powertac-server https://github.com/powertac/powertac-server/issues/1166 https://mvnrepository.com/artifact/org.powertac/server-interface • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-51213
https://notcve.org/view.php?id=CVE-2024-51213
Cross Site Scripting vulnerability in Online Shop Store v.1.0 allows a remote attacker to execute arbitrary code via the login.php component. • https://github.com/Prabhatsk7/CVE/blob/main/CVE-2024-51213 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9357 – xili-tidy-tags <= 1.12.04 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2024-9357
The xili-tidy-tags plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'action' parameter in all versions up to, and including, 1.12.04 due to insufficient input sanitization and output escaping. • source=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-11050 – AMTT Hotel Broadband Operation System language.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-11050
The manipulation of the argument LangID/LangName/LangEName leads to cross site scripting. ... Durch Manipulation des Arguments LangID/LangName/LangEName mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. • https://vuldb.com/?ctiid.283793 https://vuldb.com/?id.283793 https://vuldb.com/?submit.432690 https://wiki.shikangsi.com/post/share/ba791f6d-7f63-494f-bd73-827ed7f26e2e • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •