CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

860 matches found

EUVD•added 2025/12/31 9:30 p.m.•2 views

EUVD-2025-206078

STVS ProVision 5.9.10 contains a cross-site scripting vulnerability in the 'files' POST parameter that allows authenticated attackers to inject arbitrary HTML code. Attackers can exploit the unvalidated input to execute malicious scripts within a user's browser session in the context of the...

5.4CVSS5.7AI score0.00025EPSS

Exploits1References8

Cvelist•added 2025/12/19 8:5 p.m.•20 views

CVE-2025-67712 HTML injection issue in ArcGIS Web App Builder

There is an HTML injection issue in Esri ArcGIS Web AppBuilder developer edition versions prior to 2.30 that allows a remote, unauthenticated attacker to potentially entice a user to click a link that causes arbitrary HTML to render in a victim's browser. There is no evidence of JavaScript...

4.7CVSS0.0006EPSS

Exploits0References1

Drupal•added 2025/12/03 12:0 a.m.•7 views

Mini site - Moderately critical - Cross-Site Scripting - SA-CONTRIB-2025-117

This module allows uploading a zip file and extracting its content in the public file directory to serve this content from a Drupal website. These zip files may contain arbitrary HTML or SVG content that could allow cross-site scripting vulnerabilities. While this is an expected feature, the modu...

5.4CVSS5.5AI score0.0005EPSS

Exploits0References2

CVE•added 2025/11/07 3:11 a.m.•26 views

CVE-2025-64187

OctoPrint versions 1.11.3 and earlier are vulnerable to XSS through Action Command notifications and prompts. A crafted file can inject arbitrary HTML/JavaScript into printer popups and notifications, potentially disrupting prints or exposing sensitive information if the user has permission. The ...

4.6CVSS6.5AI score0.00018EPSS

Exploits0References2Affected Software1

CNVD•added 2025/10/17 12:0 a.m.•2 views

Centreon cross-site scripting vulnerability (CNVD-2025-24649)

Centreon is a set of open source system monitoring tools from France's Centreon. The product mainly provides monitoring functions for resources such as network, system and application programs. Centreon cross-site scripting vulnerability , the vulnerability stems from the lack of effective...

6.8CVSS6.5AI score0.0002EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2006-2307

Malware in sbrugna...

9.3CVSS6.4AI score0.0071EPSS

Exploits1References6

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2005-0267

Malware in sbrugna...

4.3CVSS6.4AI score0.00335EPSS

Exploits0References4