CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2023-43091 – Gnome-maps: gnome maps is vulnerable to a code injection attack (similar to xss) via its service.json
https://notcve.org/view.php?id=CVE-2023-43091
A flaw was found in GNOME Maps, which is vulnerable to a code injection attack via its service.json configuration file. If the configuration file is malicious, it may execute arbitrary code. • https://bugzilla.redhat.com/show_bug.cgi?id=2239091 https://gitlab.gnome.org/GNOME/gnome-maps/-/commit/d26cd774d524404ef7784e6808f551de83de4bea https://gitlab.gnome.org/GNOME/gnome-maps/-/issues/588 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-52416 – WordPress Debug Tool plugin <= 2.2 - Remote Code Execution vulnerability
https://notcve.org/view.php?id=CVE-2024-52416
Missing Authorization vulnerability in Eugen Bobrowski Debug Tool allows Upload a Web Shell to a Web Server.This issue affects Debug Tool: from n/a through 2.2. • https://patchstack.com/database/vulnerability/debug-tool/wordpress-debug-tool-plugin-2-2-remote-code-execution-vulnerability? • CWE-862: Missing Authorization •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-11259 – code-projects Farmacia fornecedores.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-11259
A vulnerability, which was classified as problematic, has been found in code-projects Farmacia 1.0. ... Eine Schwachstelle wurde in code-projects Farmacia 1.0 entdeckt. • https://code-projects.org https://github.com/13u11erFly/cve/blob/main/xss.md https://vuldb.com/? • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-11247 – SourceCodester Online Eyewear Shop Inventory Page Master.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-11247
A vulnerability has been found in SourceCodester Online Eyewear Shop 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /oews/classes/Master.php?f=save_product of the component Inventory Page. The manipulation of the argument brand leads to cross site scripting. The attack can be launched remotely. • https://github.com/Fl4g-Pshacker/cve/blob/main/xss.md https://vuldb.com/?ctiid.284683 https://vuldb.com/?id.284683 https://vuldb.com/?submit.443194 https://www.sourcecodester.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-11246 – code-projects Farmacia adicionar-cliente.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-11246
A vulnerability, which was classified as problematic, was found in code-projects Farmacia 1.0. ... Es wurde eine Schwachstelle in code-projects Farmacia 1.0 gefunden. • https://code-projects.org https://github.com/curry136/cve/blob/main/xss8.md https://vuldb.com/? • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •