Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2023-44166 | The 'age' parameter of the process_registration.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | 0.80% | 2023-09-28 | 2026-06-17 |
| CVE-2023-44167 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | 0.04% | 2023-09-28 | 2024-01-02 |
| CVE-2023-44168 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | 0.04% | 2023-09-28 | 2024-01-02 |
| CVE-2023-44174 | Online Movie Ticket Booking System v1.0 is vulnerable to an authenticated Stored Cross-Site Scripting vulnerability. | 6.4 | 0.35% | 2023-09-28 | 2026-06-17 |
| CVE-2023-43702 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "tracking_number" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-29 | 2026-06-17 |
| CVE-2023-43703 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "product_info[][name]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-29 | 2026-06-17 |
| CVE-2023-43704 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "title" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-29 | 2026-06-17 |
| CVE-2023-43705 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "translation_value[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-29 | 2026-06-17 |
| CVE-2023-43706 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "email_templates_key" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-29 | 2026-06-17 |
| CVE-2023-43707 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "CatalogsPageDescriptionForm[1][name] " parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-29 | 2026-06-17 |
| CVE-2023-43708 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "configuration_title[1](MODULE_PAYMENT_SAGE_PAY_SERVER_TEXT_TITLE)" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-29 | 2026-06-17 |
| CVE-2023-43709 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "configuration_title[1](MODULE)" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-29 | 2026-06-17 |
| CVE-2023-43710 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "configuration_title[1][MODULE_SHIPPING_PERCENT_TEXT_TITLE]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-29 | 2026-06-17 |
| CVE-2023-43711 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "admin_firstname" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-29 | 2026-06-17 |
| CVE-2023-43712 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "access_levels_name" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-30 | 2026-06-17 |
| CVE-2023-43713 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability, which allows attackers to inject JS via the "title" parameter, in the "/admin/admin-menu/add-submit" endpoint, which can lead to unauthorized execution of scripts in a user's web browser. | 5.4 | 0.43% | 2023-09-30 | 2026-06-17 |
| CVE-2023-43714 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "SKIP_CART_PAGE_TITLE[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-30 | 2026-06-17 |
| CVE-2023-43715 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "ENTRY_FIRST_NAME_MIN_LENGTH_TITLE[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-30 | 2026-06-17 |
| CVE-2023-43716 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "MAX_DISPLAY_NEW_PRODUCTS_TITLE[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-30 | 2026-06-17 |
| CVE-2023-43717 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "MSEARCH_HIGHLIGHT_ENABLE_TITLE[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-30 | 2026-06-17 |