CVEリスト - 高リスク・悪用確認済み脆弱性

NVD や CVE、ほか複数の脅威フィードを束ね、RCE など高リスクな事象を深く追える一覧です。CVSS と EPSS を組み合わせ、Exploit 参照や PoC の有無から悪用しやすさを追跡します。ベンダー修正や緩和策の文脈とあわせて優先度を決め、対応サイクルを短く保ちつつ重要資産を守る支援をします。

Assigner(CNA/発行元):[email protected] この条件を外す

CVSS スコア
表示中 101120 / 395
CVE 説明 CVSS 最大値 EPSS(%) 公開 更新
CVE-2023-44166 The 'age' parameter of the process_registration.php resource does not validate the characters received and they are sent unfiltered to the database. 9.8 0.80% 2023-09-28 2026-06-17
CVE-2023-44167 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. 該当なし 0.04% 2023-09-28 2024-01-02
CVE-2023-44168 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. 該当なし 0.04% 2023-09-28 2024-01-02
CVE-2023-44174 Online Movie Ticket Booking System v1.0 is vulnerable to an authenticated Stored Cross-Site Scripting vulnerability. 6.4 0.35% 2023-09-28 2026-06-17
CVE-2023-43702 Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "tracking_number" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. 5.4 0.43% 2023-09-29 2026-06-17
CVE-2023-43703 Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "product_info[][name]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. 5.4 0.43% 2023-09-29 2026-06-17
CVE-2023-43704 Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "title" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. 5.4 0.43% 2023-09-29 2026-06-17
CVE-2023-43705 Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "translation_value[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. 5.4 0.43% 2023-09-29 2026-06-17
CVE-2023-43706 Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "email_templates_key" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. 5.4 0.43% 2023-09-29 2026-06-17
CVE-2023-43707 Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "CatalogsPageDescriptionForm[1][name] " parameter, potentially leading to unauthorized execution of scripts within a user's web browser. 5.4 0.43% 2023-09-29 2026-06-17
CVE-2023-43708 Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "configuration_title[1](MODULE_PAYMENT_SAGE_PAY_SERVER_TEXT_TITLE)" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. 5.4 0.43% 2023-09-29 2026-06-17
CVE-2023-43709 Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "configuration_title[1](MODULE)" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. 5.4 0.43% 2023-09-29 2026-06-17
CVE-2023-43710 Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "configuration_title[1][MODULE_SHIPPING_PERCENT_TEXT_TITLE]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. 5.4 0.43% 2023-09-29 2026-06-17
CVE-2023-43711 Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "admin_firstname" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. 5.4 0.43% 2023-09-29 2026-06-17
CVE-2023-43712 Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "access_levels_name" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. 5.4 0.43% 2023-09-30 2026-06-17
CVE-2023-43713 Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability, which allows attackers to inject JS via the "title" parameter, in the "/admin/admin-menu/add-submit" endpoint, which can lead to unauthorized execution of scripts in a user's web browser. 5.4 0.43% 2023-09-30 2026-06-17
CVE-2023-43714 Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "SKIP_CART_PAGE_TITLE[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. 5.4 0.43% 2023-09-30 2026-06-17
CVE-2023-43715 Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "ENTRY_FIRST_NAME_MIN_LENGTH_TITLE[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. 5.4 0.43% 2023-09-30 2026-06-17
CVE-2023-43716 Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "MAX_DISPLAY_NEW_PRODUCTS_TITLE[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. 5.4 0.43% 2023-09-30 2026-06-17
CVE-2023-43717 Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "MSEARCH_HIGHLIGHT_ENABLE_TITLE[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. 5.4 0.43% 2023-09-30 2026-06-17
cvelogic Threat Intelligence