CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7610 matches found

Prion•added 2023/03/06 12:15 a.m.•20 views

Cross site scripting

Cross-site scripting vulnerability in Contents Management of EC-CUBE 4 series EC-CUBE 4.0.0 to 4.0.6-p2, EC-CUBE 4.1.0 to 4.1.2-p1, and EC-CUBE 4.2.0, EC-CUBE 3 series EC-CUBE 3.0.0 to 3.0.18-p5, and EC-CUBE 2 series EC-CUBE 2.11.0 to 2.11.5, EC-CUBE 2.12.0 to 2.12.6, EC-CUBE 2.13.0 to 2.13.5, an...

4.9CVSS5.2AI score0.00235EPSS

Exploits0References4Affected Software1

Cvelist•added 2023/03/05 12:0 a.m.•15 views

CVE-2023-22838

Cross-site scripting vulnerability in Product List Screen and Product Detail Screen of EC-CUBE 4.0.0 to 4.0.6-p2, EC-CUBE 4.1.0 to 4.1.2-p1, and EC-CUBE 4.2.0 allows a remote authenticated attacker to inject an arbitrary script...

5.4AI score0.00217EPSS

Exploits0References2

Cvelist•added 2023/03/05 12:0 a.m.•18 views

CVE-2023-22438

5.4AI score0.00235EPSS

Exploits0References4

NVD•added 2023/03/01 8:15 a.m.•9 views

CVE-2023-22778

A vulnerability in the ArubaOS web management interface could allow an authenticated remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim's browser in the...

4.8CVSS4.9AI score0.00181EPSS

Exploits0References1

NVD•added 2023/03/01 8:15 a.m.•14 views

CVE-2023-20053

A vulnerability in the web-based management interface of Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. This vulnerability is due to insufficient user...

6.1CVSS6AI score0.00173EPSS

Exploits0References1

Prion•added 2023/03/01 8:15 a.m.•17 views

Cross site scripting

5.8CVSS5.9AI score0.00173EPSS

Exploits0References1Affected Software1

CNNVD•added 2023/03/01 12:0 a.m.•3 views

Cisco Nexus Dashboard 跨站脚本漏洞

Cisco Nexus Dashboard is the United States Cisco Cisco a single console. It simplifies the operation and management of data center networks. A security vulnerability exists in Cisco Nexus Dashboard, which stems from a security issue in the web-based management interface that does not adequately...

6.1CVSS6.7AI score0.00173EPSS

Exploits0References2

Cvelist•added 2023/02/28 5:5 p.m.•14 views

CVE-2023-22778 Authenticated Stored Cross-Site Scripting

4.8CVSS5.2AI score0.00181EPSS

Exploits0References1

Japan Vulnerability Notes•added 2023/02/28 12:0 a.m.•29 views

JVN#04785663: Multiple cross-site scripting vulnerabilities in EC-CUBE

EC-CUBE provided by EC-CUBE CO.,LTD. contains multiple cross-site scripting vulnerabilities listed below. Cross-site scripting vulnerability in Contents Management CWE-79 - CVE-2023-22438 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 5.4 CVS...

5.4CVSS6AI score0.00235EPSS

Exploits0

OSV•added 2023/02/24 6:15 a.m.•13 views

CVE-2023-22427

Stored cross-site scripting vulnerability in Theme switching function of SHIRASAGI v1.16.2 and earlier versions allows a remote attacker with an administrative privilege to inject an arbitrary script...

4.8CVSS6.2AI score

Exploits0References4

Prion•added 2023/02/24 6:15 a.m.•12 views

Cross site scripting

4.3CVSS5AI score0.00241EPSS

Exploits1References4Affected Software1

F5 Networks•added 2023/02/21 7:41 p.m.•29 views

K17563: Apache Struts vulnerability CVE-2015-2992

Security Advisory Description Arbitrary script can be executed when JSP files are exposed to be accessed directly. Affected versions are Struts 2.0.0 - 2.3.16.3. CVE-2015-2992 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product...

6.1CVSS7AI score0.00992EPSS

Exploits0

Tenable Nessus•added 2023/02/17 12:0 a.m.•25 views

Cisco Identity Services Engine (ISE) XSS (cisco-sa-ise-xss-ubfHG75C)

According to its self-reported version, Cisco Identity Services Engine ISE is affected by a cross-site scripting vulnerability. This could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected...

6.1CVSS6.4AI score0.00109EPSS

Exploits0References3

Vulnrichment•added 2023/02/17 12:0 a.m.•4 views

CVE-2023-24369

A cross-site scripting XSS vulnerability in UJCMS v4.1.3 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the URL parameter under the Add New Articles function...

5.8AI score0.00626EPSS

Exploits1References1

Cvelist•added 2023/02/16 3:27 p.m.•17 views

CVE-2023-20053

6.1CVSS6.1AI score0.00173EPSS

Exploits0References1

SUSE CVE•added 2023/02/15 6:14 a.m.•3 views

SUSE CVE-2006-3388

Cross-site scripting XSS vulnerability in phpMyAdmin before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via the table parameter...

5.8CVSS6AI score0.0103EPSS

Exploits0References4

SUSE CVE•added 2023/02/15 5:39 a.m.•2 views

SUSE CVE-2013-2033

Cross-site scripting XSS vulnerability in Jenkins before 1.514, LTS before 1.509.1, and Enterprise 1.466.x before 1.466.14.1 and 1.480.x before 1.480.4.1 allows remote authenticated users with write permission to inject arbitrary web script or HTML via unspecified vectors...

2.1CVSS5.6AI score0.00178EPSS

Exploits0References4

Ivanti•added 2023/02/14 7:22 a.m.•4 views

JSA10377 - Pulse Policy Secure (PPS): Cross-Site Scripting Vulnerability

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. Older software versions of Policy Secure are prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute an arbitrary script. This issue is caused by ...

7.2AI score

Exploits0

Cvelist•added 2023/02/14 12:0 a.m.•16 views

CVE-2023-22376

Reflected cross-site scripting vulnerability in Wired/Wireless LAN Pan/Tilt Network Camera CS-WMV02G all versions allows a remote unauthenticated attacker to inject arbitrary script to inject an arbitrary script. NOTE: This vulnerability only affects products that are no longer supported by the...

6.7AI score0.00785EPSS

Exploits0References2

CNNVD•added 2023/02/14 12:0 a.m.•7 views

Wired/Wireless LAN Pan/Tilt Network Camera CS-WMV02G 跨站脚本漏洞

PLANEX Wired/Wireless LAN Pan/Tilt Network Camera CS-WMV02G is a camera from PLANEX. A security vulnerability exists in the Wired/Wireless LAN Pan/Tilt Network Camera CS-WMV02G. An attacker can exploit this vulnerability to inject arbitrary scripts...

6.1CVSS6.4AI score0.00785EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by