CVE-2024-4214

LOW Year: 2024
CVSS v3 Score
2.7
Low
Weakness Type
CWE-80
View all →

Vulnerability Description

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS vulnerability in Bill Minozzi Car Dealer allows Code Injection.This issue affects Car Dealer: from n/a through 4.15.

Related Vulnerabilities

CVE-2020-4049

LOW
CVSS:2.4(Low)

In affected versions of WordPress, when uploading themes, the name of the theme folder can be crafted in a way that could lead to JavaScript execution in /wp-admin on the themes page. This does requir...

CWE-802020

CVE-2024-51472

LOW
CVSS:3.1(Low)

IBM UrbanCode Deploy (UCD) 7.2 through 7.2.3.13, 7.3 through 7.3.2.8, and IBM DevOps Deploy 8.0 through 8.0.1.3 are vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary...

CWE-802024

CVE-2025-29431

LOW
CVSS:3.2(Low)

Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable to Cross Site Scripting (XSS) in /pages/department.php via the id, code, and name parameters.

CWE-802025

CVE-2020-5283

LOW
CVSS:3.5(Low)

ViewVC before versions 1.1.28 and 1.2.1 has a XSS vulnerability in CVS show_subdir_lastmod support. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges ...

CWE-802020

CVE-2024-5851

MEDIUM
CVSS:3.5(Low)

A vulnerability classified as problematic has been found in playSMS up to 1.4.7. Affected is an unknown function of the file /index.php?app=main&inc=feature_schedule&op=list of the component SMS Sched...

CWE-802024

CVE-2025-29430

MEDIUM
CVSS:4.1(Medium)

Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable to Cross Site Scripting (XSS) in /pages/room.php via the id and rome parameters.

CWE-802025