Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

5838 matches found

BDU FSTEC
BDU FSTECadded 2022/01/25 12:0 a.m.4 views

The vulnerability of NETGEAR’s Wi-Fi routers—CBR750, RBK752, RBR750, RBS750, RBK852, RBR850, and RBS850—is related to insufficient cleaning of input data, allowing attackers to execute arbitrary commands.

The vulnerability of the built-in Wi-Fi router software of NETGEAR models CBR750, RBK752, RBR750, RBS750, RBK852, RBR850, and RBS850 lies in insufficient cleaning of input data. Exploiting this vulnerability can allow a remote attacker to execute arbitrary commands...

9.6CVSS8AI score0.00833EPSS
Exploits0References3Affected Software7
CNNVD
CNNVDadded 2022/01/25 12:0 a.m.9 views

ForestBlog 跨站脚本漏洞

ForestBlog is an application. A personal blog. ForestBlog suffers from a cross-site scripting vulnerability that stems from the WEB application's lack of proper validation of client-side data. An attacker can exploit the vulnerability to execute JavaScript code on the client side...

6.1CVSS5.6AI score0.00588EPSS
Exploits1References2
CNNVD
CNNVDadded 2022/01/24 12:0 a.m.7 views

Construction Industry Solutions Conis Construction Cloud 跨站脚本漏洞

Construction Industry Solutions Conis Construction Cloud is an end-to-end cloud and mobile software solution from Construction Industry Solutions, Inc. A cross-site scripting vulnerability exists in Construction Industry Solutions Conis Construction Cloud, which stems from the lack of proper...

6.1CVSS5.3AI score0.01085EPSS
Exploits1References4
CNNVD
CNNVDadded 2022/01/24 12:0 a.m.5 views

CodeIgniter 跨站脚本漏洞

CodeIgniter is an open source web framework written in the PHP language. CodeIgniter 4 suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side code...

6.1CVSS6.1AI score0.01002EPSS
Exploits0References5
CNVD
CNVDadded 2022/01/23 12:0 a.m.20 views

microweber cross-site scripting vulnerability

Microweber is an online store management system from the Microweber community in the United States that provides drag-and-drop functionality. The system includes modules for adding products, images, etc. A cross-site scripting vulnerability exists in microweber, which stems from a lack of data...

7.2CVSS2.5AI score0.00728EPSS
Exploits1References1
CNVD
CNVDadded 2022/01/23 12:0 a.m.11 views

JavaQuarkBBS Cross-Site Scripting Vulnerability

JavaQuarkBbs is a simple Java community based on Spring Boot implementation in China.JavaQuarkBBS in v2 and its previous versions suffers from a cross-site scripting vulnerability, which stems from a lack of data validation filtering of user-supplied data and output. An attacker could exploit thi...

5.4CVSS3.3AI score0.00495EPSS
Exploits1References1
CNVD
CNVDadded 2022/01/23 12:0 a.m.16 views

mysiteforme cross-site scripting vulnerability

Mysiteforme is a permission management system. mysiteforme suffers from a cross-site scripting vulnerability that stems from the lack of user-supplied data and output data validation filtering in the blog tagging function of the backend blog management. An attacker could exploit the vulnerability...

5.4CVSS3AI score0.00441EPSS
Exploits1References1
CNVD
CNVDadded 2022/01/23 12:0 a.m.26 views

PhpIPAM Cross-Site Scripting Vulnerability (CNVD-2022-08175)

phpIPAM is an open source PHP and MySQL-based IP address management application IPAM. phpIPAM in v1.4.4 is vulnerable to a cross-site scripting vulnerability that stems from a lack of user-supplied data and output data validation filtering in the Site title parameter when updating site settings. ...

4.8CVSS2AI score0.00621EPSS
Exploits1References1
CNVD
CNVDadded 2022/01/23 12:0 a.m.36 views

WordPress WP HTML Mail plugin cross-site scripting vulnerability

WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress WP HTML Mail plugin in version 3.0.9 and earlier is vulnerable to a cross-site scripting vulnerability tha...

8.3CVSS1.1AI score0.70511EPSS
Exploits3References1
CNVD
CNVDadded 2022/01/23 12:0 a.m.18 views

Mitsubishi Electric MC Works64 Cross-Site Scripting Vulnerability

Mitsubishi Electric MC Works64 is a data acquisition and monitoring system SCADA from Mitsubishi Electric Japan. Mitsubishi Electric MC Works64 suffers from a cross-site scripting vulnerability that stems from a lack of checksum filtering of user-supplied data and output. An attacker could exploi...

6.1CVSS6AI score0.01614EPSS
Exploits0References1
CNVD
CNVDadded 2022/01/23 12:0 a.m.13 views

zulip cross-site scripting vulnerability

Zulip is a powerful open source group chat application from the Zulip team. Used to combine the immediacy of real-time chat with the productivity benefits of threaded conversations. Zulip suffers from a cross-site scripting vulnerability that stems from a lack of data validation filtering of...

6.8CVSS5.3AI score0.0089EPSS
Exploits1References1
CNNVD
CNNVDadded 2022/01/23 12:0 a.m.5 views

AppCMS 跨站脚本漏洞

AppCMS is a content management system CMS for mobile application downloads. a cross-site scripting vulnerability exists in AppCMS, which stems from the lack of proper validation of client-side data in the WEB application. An attacker could exploit this vulnerability to execute client-side code...

6.1CVSS5.3AI score0.02542EPSS
Exploits1References2
CNVD
CNVDadded 2022/01/21 12:0 a.m.18 views

Saraban Cross-Site Scripting Vulnerability

Saraban is a document management system from Softvibe Thailand. It is used for transferring files and notifications to reduce unnecessary duplication.SARABAN has a cross-site scripting vulnerability in version 1.1, which stems from the lack of data validation filtering of user-supplied data and...

5.4CVSS3.2AI score0.00809EPSS
Exploits1References1
CNVD
CNVDadded 2022/01/21 12:0 a.m.21 views

pimcore Cross-Site Scripting Vulnerability (CNVD-2022-07500)

Pimcore is an open source Web content management platform for creating and managing Web applications from the Austrian company Pimcore. The platform integrates Web content management, e-commerce frameworks and product information management applications.Pimcore has cross-site scripting...

6.6CVSS3.3AI score0.0154EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiativeadded 2022/01/21 12:0 a.m.21 views

Oracle MySQL Cluster Data Node Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle MySQL Cluster. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of Data Node jobs. The issue results from the lack of proper...

9.8CVSS7.6AI score0.02795EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2022/01/21 12:0 a.m.23 views

Oracle MySQL Cluster Data Node Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle MySQL Cluster. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of Data Node jobs. The issue results from the lack of proper...

9.8CVSS7.6AI score0.02686EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2022/01/21 12:0 a.m.20 views

Oracle MySQL Cluster Data Node Improper Validation of Array Index Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Oracle MySQL Cluster. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of Data Node jobs. The issue results from the lack of proper...

6.5CVSS3.9AI score0.01443EPSS
Exploits0References1
CNNVD
CNNVDadded 2022/01/20 12:0 a.m.8 views

Pimcore 跨站脚本漏洞

Pimcore is an open source Web content management platform for creating and managing Web applications from the Austrian company Pimcore. The platform integrates Web content management, e-commerce frameworks and product information management applications. pimcore has a cross-site scripting...

6.6CVSS5.3AI score0.01456EPSS
Exploits1References3
CNNVD
CNNVDadded 2022/01/19 12:0 a.m.3 views

Naviwebs Navigate CMS 跨站脚本漏洞

Naviwebs Navigate CMS is an open source content management system CMS from Naviwebs, Inc. in the United States. Naviwebs Navigate CMS suffers from a cross-site scripting vulnerability that originates from a lack of proper validation of client-side data by the WEB application. An attacker can...

5.4CVSS5.7AI score0.00438EPSS
Exploits1References2
CNVD
CNVDadded 2022/01/18 12:0 a.m.14 views

WordPress Landing Page Builder plugin cross-site scripting vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress Landing Page Builder plugin prior to version...

5.4CVSS5.4AI score0.01271EPSS
Exploits2References1
Rows per page
Query Builder