CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

Prion•added 2017/03/05 8:59 p.m.•12 views

Cross site scripting

Multiple Cross-Site Scripting XSS issues were discovered in EPESI 1.8.1.1. The vulnerabilities exist due to insufficient filtration of user-supplied data visible, tab, cid passed to the EPESI-master/modules/Utils/RecordBrowser/Filters/savefilters.php URL. An attacker could execute arbitrary HTML...

4.3CVSS6.1AI score0.00785EPSS

Exploits1References2Affected Software1

Prion•added 2017/03/05 8:59 p.m.•11 views

Cross site scripting

Multiple Cross-Site Scripting XSS issues were discovered in EPESI 1.8.1.1. The vulnerabilities exist due to insufficient filtration of user-supplied data cid, value, element, mode, tab, formname, id passed to the EPESI-master/modules/Utils/RecordBrowser/grid.php URL. An attacker could execute...

4.3CVSS6.1AI score0.00785EPSS

Exploits1References2Affected Software1

Prion•added 2017/03/05 8:59 p.m.•9 views

Cross site scripting

Multiple Cross-Site Scripting XSS issues were discovered in EPESI 1.8.1.1. The vulnerabilities exist due to insufficient filtration of user-supplied data state, element, id, tab, cid passed to the "EPESI-master/modules/Utils/RecordBrowser/favorites.php" URL. An attacker could execute arbitrary HT...

4.3CVSS6.1AI score0.00785EPSS

Exploits1References2Affected Software1

NVD•added 2017/03/05 8:59 p.m.•13 views

CVE-2017-6490

6.1CVSS6.1AI score0.00785EPSS

Exploits1References2

NVD•added 2017/03/05 8:59 p.m.•12 views

CVE-2017-6487

6.1CVSS6.1AI score0.00785EPSS

Exploits1References2

NVD•added 2017/03/05 8:59 p.m.•13 views

CVE-2017-6488

6.1CVSS6.1AI score0.00785EPSS

Exploits1References2

OSV•added 2017/03/05 8:59 p.m.•14 views

CVE-2017-6488

6.1CVSS6.3AI score

Exploits0References2

Prion•added 2017/03/05 8:59 p.m.•8 views

Cross site scripting

Multiple Cross-Site Scripting XSS issues were discovered in EPESI 1.8.1.1. The vulnerabilities exist due to insufficient filtration of user-supplied data element, state, cat, id, cid passed to the EPESI-master/modules/Utils/Watchdog/subscribe.php URL. An attacker could execute arbitrary HTML and...

4.3CVSS6.1AI score0.00785EPSS

Exploits1References2Affected Software1

NVD•added 2017/03/05 8:59 p.m.•10 views

CVE-2017-6489

6.1CVSS6.1AI score0.00785EPSS

Exploits1References2

Cvelist•added 2017/03/05 8:0 p.m.•15 views

CVE-2017-6489

6.1AI score0.00785EPSS

Exploits1References2

Cvelist•added 2017/03/05 8:0 p.m.•16 views

CVE-2017-6487

6.1AI score0.00785EPSS

Exploits1References2

CVE•added 2017/03/05 8:0 p.m.•44 views

CVE-2017-6489

EPESI ≤ 1.8.1.1 contains multiple Cross-Site Scripting (XSS) flaws due to insufficient sanitization of user-supplied data (element, state, cat, id, cid) passed to the Subscribe endpoint. The identified vulnerable component is EPESI-master/modules/Utils/Watchdog/subscribe.php, which can process un...

6.1CVSS6AI score0.00785EPSS

Exploits1References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by