Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-17 | CVE-2023-51728 | Cross-site Scripting vulnerability in Skyworthdigital Cm5100 Firmware 4.1.1.24 This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the SMTP Password parameter at its web interface. | 5.4 |
| 2024-01-17 | CVE-2023-51729 | Cross-site Scripting vulnerability in Skyworthdigital Cm5100 Firmware 4.1.1.24 This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the DDNS Username parameter at its web interface. | 5.4 |
| 2024-01-17 | CVE-2023-51730 | Cross-site Scripting vulnerability in Skyworthdigital Cm5100 Firmware 4.1.1.24 This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the DDNS Password parameter at its web interface. | 5.4 |
| 2024-01-17 | CVE-2023-51731 | Cross-site Scripting vulnerability in Skyworthdigital Cm5100 Firmware 4.1.1.24 This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Hostname parameter at its web interface. | 5.4 |
| 2024-01-17 | CVE-2023-51732 | Cross-site Scripting vulnerability in Skyworthdigital Cm5100 Firmware 4.1.1.24 This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the IPsec Tunnel Name parameter at its web interface. | 5.4 |
| 2024-01-17 | CVE-2023-25295 | Cross-site Scripting vulnerability in Gruen Evewa3 31/53 A Cross Site Scripting (XSS) vulnerability in evewa3ajax.php in GRUEN eVEWA3 Community 31 through 53 allows attackers to obtain escalated privileges via a crafted request to the login panel. | 6.1 |
| 2024-01-17 | CVE-2023-46952 | Cross-site Scripting vulnerability in Abocms Abo.Cms 5.9.3 Cross Site Scripting vulnerability in ABO.CMS v.5.9.3 allows an attacker to execute arbitrary code via a crafted payload to the Referer header. | 6.1 |
| 2024-01-17 | CVE-2023-52069 | Cross-site Scripting vulnerability in Kodcloud Kodbox 1.49.04 kodbox v1.49.04 was discovered to contain a cross-site scripting (XSS) vulnerability via the URL parameter. | 5.4 |
| 2024-01-16 | CVE-2023-51807 | Cross-site Scripting vulnerability in Ofcms Project Ofcms 1.1.4 Cross Site Scripting vulnerability in OFCMS v.1.14 allows a remote attacker to obtain sensitive information via a crafted payload to the title addition component. | 5.4 |
| 2024-01-16 | CVE-2023-36236 | Cross-site Scripting vulnerability in Webkul Bagisto Cross Site Scripting vulnerability in webkil Bagisto v.1.5.0 and before allows an attacker to execute arbitrary code via a crafted SVG file uplad. | 4.8 |