CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

RedhatCVE•added 2025/12/23 11:29 p.m.•6 views

CVE-2023-53978

myBB Forums 1.8.26 contains a stored cross-site scripting vulnerability in the forum announcement system that allows authenticated administrators to inject malicious scripts when creating announcements. Attackers can exploit this vulnerability by inserting script payloads in the announcement titl...

5.4CVSS6.1AI score0.00198EPSS

Exploits1References1

EUVD•added 2025/12/23 12:30 a.m.•4 views

EUVD-2023-60240

6.4CVSS5.7AI score0.00198EPSS

Exploits1References4

Positive Technologies•added 2025/12/22 12:0 a.m.•3 views

PT-2025-52715

Name of the Vulnerable Software and Affected Versions myBB Forums version 1.8.26 Description myBB Forums version 1.8.26 has a stored cross-site scripting issue in the forum announcement system. Authenticated administrators can inject malicious scripts when creating announcements. Attackers can...

5.4CVSS6.1AI score0.00198EPSS

Exploits1References9

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-17807

Malware in sbrugna...

4.8CVSS5.2AI score0.00553EPSS

Exploits1References2

CNNVD•added 2025/06/06 12:0 a.m.•3 views

SourceCodester Student Result Management System 安全漏洞

SourceCodester Student Result Management System is a SourceCodester open source student result management system. A security vulnerability exists in SourceCodester Student Result Management System version 1.0, which results from cross-site scripting due to incorrect manipulation of the file...

5.4CVSS3.8AI score0.00267EPSS

Exploits2References1

RedhatCVE•added 2025/05/22 5:55 p.m.•5 views

CVE-2020-25116

The Admin CP in vBulletin 5.6.3 allows XSS via an Announcement Title to Channel Manager...

4.8CVSS5.8AI score0.00553EPSS

Exploits1

CNNVD•added 2021/08/02 12:0 a.m.•2 views

Cybozu Garoon 信息泄露漏洞

Cybozu Garoon is a portal-based OA office system of Cybozu Japan. An information disclosure vulnerability exists in Bulletin in Cybozu Garoon. An attacker can use this vulnerability to obtain the title of an announcement without viewing privileges...

4.3CVSS5.2AI score0.00881EPSS

Exploits0References4

OSV•added 2020/09/03 6:15 p.m.•3 views

CVE-2020-25116

The Admin CP in vBulletin 5.6.3 allows XSS via an Announcement Title to Channel Manager...

4.8CVSS5.8AI score0.00553EPSS

Exploits1References1

Prion•added 2020/09/03 6:15 p.m.•11 views

Design/Logic Flaw

The Admin CP in vBulletin 5.6.3 allows XSS via an Announcement Title to Channel Manager...

3.5CVSS4.8AI score0.00553EPSS

Exploits1References1Affected Software1

CVE•added 2020/09/03 5:20 p.m.•43 views

CVE-2020-25116

The CVE-2020-25116 entry identifies a cross-site scripting (XSS) vulnerability in the Admin CP of vBulletin 5.6.3, exploitable via the Announcement Title to Channel Manager. Concrete details in connected documents confirm the affected product/version and the exact vulnerable component (Admin CP/C...

4.8CVSS4.8AI score0.00553EPSS

Exploits1References1Affected Software1