聚合 NVD、CVE 及多源情报,深度解析 RCE 等高危风险。系统集成 CVSS 与 EPSS 模型,动态追踪 Exploit 资源与 PoC 公开状态,研判可利用性。结合官方补丁与修复方案,优化漏洞管理优先级,缩短响应周期,保障资产安全。
分配机构(CNA / 来源):[email protected] 移除此筛选
| CVE | 描述 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|
| CVE-2023-44166 | The 'age' parameter of the process_registration.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 | 0.80% | 2023-09-28 | 2026-06-17 |
| CVE-2023-44167 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 无 | 0.04% | 2023-09-28 | 2024-01-02 |
| CVE-2023-44168 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 无 | 0.04% | 2023-09-28 | 2024-01-02 |
| CVE-2023-44174 | Online Movie Ticket Booking System v1.0 is vulnerable to an authenticated Stored Cross-Site Scripting vulnerability. | 6.4 | 0.35% | 2023-09-28 | 2026-06-17 |
| CVE-2023-43702 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "tracking_number" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-29 | 2026-06-17 |
| CVE-2023-43703 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "product_info[][name]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-29 | 2026-06-17 |
| CVE-2023-43704 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "title" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-29 | 2026-06-17 |
| CVE-2023-43705 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "translation_value[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-29 | 2026-06-17 |
| CVE-2023-43706 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "email_templates_key" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-29 | 2026-06-17 |
| CVE-2023-43707 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "CatalogsPageDescriptionForm[1][name] " parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-29 | 2026-06-17 |
| CVE-2023-43708 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "configuration_title[1](MODULE_PAYMENT_SAGE_PAY_SERVER_TEXT_TITLE)" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-29 | 2026-06-17 |
| CVE-2023-43709 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "configuration_title[1](MODULE)" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-29 | 2026-06-17 |
| CVE-2023-43710 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "configuration_title[1][MODULE_SHIPPING_PERCENT_TEXT_TITLE]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-29 | 2026-06-17 |
| CVE-2023-43711 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "admin_firstname" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-29 | 2026-06-17 |
| CVE-2023-43712 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "access_levels_name" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-30 | 2026-06-17 |
| CVE-2023-43713 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability, which allows attackers to inject JS via the "title" parameter, in the "/admin/admin-menu/add-submit" endpoint, which can lead to unauthorized execution of scripts in a user's web browser. | 5.4 | 0.43% | 2023-09-30 | 2026-06-17 |
| CVE-2023-43714 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "SKIP_CART_PAGE_TITLE[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-30 | 2026-06-17 |
| CVE-2023-43715 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "ENTRY_FIRST_NAME_MIN_LENGTH_TITLE[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-30 | 2026-06-17 |
| CVE-2023-43716 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "MAX_DISPLAY_NEW_PRODUCTS_TITLE[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-30 | 2026-06-17 |
| CVE-2023-43717 | Os Commerce is currently susceptible to a Cross-Site Scripting (XSS) vulnerability. This vulnerability allows attackers to inject JS through the "MSEARCH_HIGHLIGHT_ENABLE_TITLE[1]" parameter, potentially leading to unauthorized execution of scripts within a user's web browser. | 5.4 | 0.43% | 2023-09-30 | 2026-06-17 |