Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bootstrap vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2020-25093
Ecommerce-CodeIgniter-Bootstrap prior to 2020-08-03 allows XSS in blog.php. within application/views/templates/clothesshop, application/views/templates/onepage, and application/views/templates/redlabel.
Ecommerce-codeigniter-bootstrap Project Ecommerce-codeigniter-bootstrap
6.1
CVSSv3
CVE-2020-25088
Ecommerce-CodeIgniter-Bootstrap prior to 2020-08-03 allows XSS in application/modules/admin/views/blog/blogpublish.php.
Ecommerce-codeigniter-bootstrap Project Ecommerce-codeigniter-bootstrap
6.1
CVSSv3
CVE-2022-26624
Bootstrap v3.1.11 and v3.3.7 exists to contain a cross-site scripting (XSS) vulnerability via the Title parameter in /vendor/views/add_product.php.
Ecommerce Codeigniter Bootstrap Project Ecommerce Codeigniter Bootstrap -
1 Github repository
6.1
CVSSv3
CVE-2019-10215
Bootstrap-3-Typeahead after version 4.0.2 is vulnerable to a cross-site scripting flaw in the highlighter() function. An attacker could exploit this via user interaction to execute code in the user's browser.
Bootstrap-3-typeahead Project Bootstrap-3-typeahead
6.1
CVSSv3
CVE-2023-23010
Cross Site Scripting (XSS) vulnerability in Ecommerce-CodeIgniter-Bootstrap thru commit d5904379ca55014c5df34c67deda982c73dc7fe5 (on Dec 27, 2022), allows malicious users to execute arbitrary code via the languages and trans_load parameters in file add_product.php.
Ecommerce-codeigniter-bootstrap Project Ecommerce-codeigniter-bootstrap
6.1
CVSSv3
CVE-2021-23398
All versions of package react-bootstrap-table are vulnerable to Cross-site Scripting (XSS) via the dataFormat parameter. The problem is triggered when an invalid React element is returned, leading to dangerouslySetInnerHTML being used, which does not sanitize the output.
React-bootstrap-table Project React-bootstrap-table -
5.4
CVSSv3
CVE-2022-4576
The Easy Bootstrap Shortcode WordPress plugin up to and including 4.5.4 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks ...
Easy Bootstrap Shortcode Project Easy Bootstrap Shortcode
6.1
CVSSv3
CVE-2021-40975
Cross-site scripting (XSS) vulnerability in application/modules/admin/views/ecommerce/products.php in Ecommerce-CodeIgniter-Bootstrap (Codeigniter 3.1.11, Bootstrap 3.3.7) allows remote malicious users to inject arbitrary web script or HTML via the search_title parameter.
Ecommerce-codeigniter-bootstrap Project Ecommerce-codeigniter-bootstrap -
6.1
CVSSv3
CVE-2022-35213
Ecommerce-CodeIgniter-Bootstrap before commit 56465f exists to contain a cross-site scripting (XSS) vulnerability via the function base_url() at /blog/blogpublish.php.
Ecommerce-codeigniter-bootstrap Project Ecommerce-codeigniter-bootstrap
2 Github repositories
5.4
CVSSv3
CVE-2022-4834
The CPT Bootstrap Carousel WordPress plugin up to and including 1.12 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks whi...
Cpt Bootstrap Carousel Project Cpt Bootstrap Carousel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »