CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

RedhatCVE•added 2026/01/09 12:16 p.m.•5 views

CVE-2018-1000139

I, Librarian version 4.8 and earlier contains a Cross Site Scripting XSS vulnerability in "id" parameter in stable.php that can result in an attacker using the XSS to send a malicious script to an unsuspecting user...

6.1CVSS5.3AI score0.0024EPSS

Exploits1References1

CVE•added 2018/03/23 9:0 p.m.•49 views

CVE-2018-1000139

CVE-2018-1000139 affects Scilico I, Librarian prior to version 4.8. The issue is a Cross Site Scripting (XSS) vulnerability in the user-controllable parameter "id" within stable.php, allowing an attacker to inject a malicious script that could be executed in a victim’s browser. The linked Red Hat...

6.1CVSS5.7AI score0.0024EPSS

Exploits1References2Affected Software1

CVE•added 2017/11/03 6:0 p.m.•43 views

CVE-2017-1000139

Mahara versions 1.8 before 1.8.7, 1.9 before 1.9.5, 1.10 before 1.10.3, and 15.04 before 15.04.0 are vulnerable to server-side request forgery (SSRF) because curl redirects are not consistently checked against a white/black list. Employing SafeCurl will prevent issues.

8CVSS7.8AI score0.00206EPSS

Exploits0References1Affected Software1