CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

19 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-30065

Malware in sbrugna...

8.8CVSS6.3AI score0.00281EPSS

Exploits0References2

Vulnrichment•added 2025/08/20 5:32 p.m.•3 views

CVE-2025-9236 Portabilis i-Educar Tipos de usuàrio educar_tipo_usuario_lst.php sql injection

A vulnerability has been found in Portabilis i-Educar up to 2.10. This affects an unknown function of the file /intranet/educartipousuariolst.php of the component Tipos de usuàrio Page. Such manipulation of the argument nmtipo/descrição leads to sql injection. The attack may be performed from a...

6.5CVSS6.2AI score0.00101EPSS

Exploits1References6

OSV•added 2025/08/14 6:52 p.m.•1 views

MAL-2025-9236 Malicious code in @plattenbau/element-ui (npm)

The package @plattenbau/element-ui was found to contain malicious code...

7.2AI score

Exploits0

RedhatCVE•added 2025/05/22 1:46 p.m.•4 views

CVE-2014-9236

Cross-site scripting XSS vulnerability in php/editphotos.php in Zoph aka Zoph Organizes Photos 0.9.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 photographerid or 2 crumb parameter...

4.3CVSS5.8AI score0.00649EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 8:56 a.m.•4 views

CVE-2019-9236

In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-122322613...

5CVSS6.1AI score0.00017EPSS

Exploits0References1

Patchstack•added 2025/05/19 3:53 a.m.•57 views

WordPress Team Members Showcase plugin < 4.4.2 - Editor+ Stored XSS vulnerability

Editor+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin Team versions 4.4.2...

4.8CVSS6AI score0.00166EPSS

Exploits1References1Affected Software1

OSV•added 2025/05/15 8:16 p.m.•0 views

CVE-2024-9236

The Team WordPress plugin before 4.4.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.8AI score0.00166EPSS

Exploits1References1

CVE•added 2019/09/27 6:5 p.m.•45 views

CVE-2019-9236

CVE-2019-9236 affects Android 10 and is tied to the NFC subsystem. The root cause is a missing bounds check that enables an out-of-bounds read, leading to local information disclosure. Exploitation requires user interaction, and the impact is bounded to information disclosure with no remote code ...

5CVSS5.3AI score0.00017EPSS

Exploits0References1Affected Software1

vulnersOsv•added 2018/06/07 7:43 p.m.•2 views

@kmanion/senpai (=1.0.0), briskly (>=0.1.0-pre <=0.1.1-pre) +37 more potentially affected by CVE-2015-9236 via hapi (>=0.14.2 <=10.5.0)

hapi NPM version =0.14.2, =0.1.0-pre, =0.0.2, =0.0.7, =0.1.0, =0.1.0, =0.0.1, =0.0.4 - hapi-auth-passthrough =1.0.0 - hapi-exit =0.0.2 - hapi-mongoose-connect =1.0.0 - hapi-register-example =1.0.1 - hapi-sass-example =0.1.0 and more Source cves: CVE-2015-9236 Source advisory: OSV:GHSA-VWRF-R5R4-7...

5.3CVSS6AI score0.00248EPSS

Exploits0

CVE•added 2018/05/31 8:0 p.m.•52 views

CVE-2015-9236

CVE-2015-9236 concerns Hapi (Node.js framework) versions

5.3CVSS5.2AI score0.00248EPSS

Exploits0References3Affected Software1

exploitpack•added 2018/04/10 12:0 a.m.•23 views

iScripts Easycreate 3.2.1 - Stored Cross-Site Scripting

iScripts Easycreate 3.2.1 - Stored Cross-Site Scripting Exploit Title: iScripts Easycreate 3.2.1 - Stored Cross-Site Scripting Date: 02/04/2018 Exploit Author: ManhNho Vendor Homepage: https://www.iscripts.com Demo Page: https://www.demo.iscripts.com/easycreate/demo/ Version: 3.2.1 Tested on:...

3.5CVSS0.2AI score0.01095EPSS

Exploits5

Packet Storm•added 2018/04/10 12:0 a.m.•41 views

iScripts Easycreate 3.2.1 Cross Site Scripting

Exploit Title: iScripts Easycreate 3.2.1 - Stored Cross-Site Scripting Date: 02/04/2018 Exploit Author: ManhNho Vendor Homepage: https://www.iscripts.com Demo Page: https://www.demo.iscripts.com/easycreate/demo/ Version: 3.2.1 Tested on: Windows 10 Category: Webapps CVE: CVE-2018-9236 CVE:...

0.2AI score0.01095EPSS

Exploits5

Exploit DB•added 2018/04/10 12:0 a.m.•29 views

iScripts Easycreate 3.2.1 - Stored Cross-Site Scripting

5.4CVSS5.5AI score0.01095EPSS

Exploits5

CVE•added 2018/04/04 7:0 a.m.•55 views

CVE-2018-9236

CVE-2018-9236 is a stored XSS vulnerability in iScripts EasyCreate 3.2.1 affecting the Site title (and Site Description per PoC) fields. Exploitation requires data input stored server-side and later rendered, enabling script execution in victims’ browsers. The CVSS metrics from NVD show a base sc...

5.4CVSS5.3AI score0.01095EPSS

Exploits4References2Affected Software1

CVE•added 2017/05/11 2:1 p.m.•24 views

CVE-2016-9236

CVE-2016-9236 is rejected/not used, as explicitly stated in the initial description.

6.6AI score

Exploits0

Cvelist•added 2017/05/11 2:1 p.m.•8 views

CVE-2016-9236

...

Exploits0

OSV•added 2014/12/03 9:59 p.m.•3 views

CVE-2014-9236

5.6AI score

Exploits0References2

Cvelist•added 2014/12/03 9:0 p.m.•19 views

CVE-2014-9236

5.7AI score0.00649EPSS

Exploits1References2

CVE•added 2014/12/03 9:0 p.m.•49 views

CVE-2014-9236

CVE-2014-9236 is an XSS vulnerability in Zoph (aka Zoph Organizes Photos) before or equal to version 0.9.1, in the PHP script php/edit_photos.php. The issue allows remote attackers to inject arbitrary web script or HTML by supplying the parameters (1) photographer_id or (2) _crumb. Affected compo...

4.3CVSS5.9AI score0.00649EPSS

Exploits1References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by