CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6892 matches found

OSV•added 2022/05/01 11:55 p.m.•3 views

GHSA-PM5M-9H5R-XCRG phpMyAdmin extension for TYPO3 has Cross-site Scripting vulnerability

Cross-site scripting XSS vulnerability in the phpMyAdmin phpmyadmin extension 3.0.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.3CVSS5.8AI score0.00359EPSS

Exploits0References5

Github Security Blog•added 2022/05/01 11:43 p.m.•3 views

Alkacon OpenCMS XSS via searchfilter parameter in system/workplace/admin/workplace/sessions.jsp

Cross-site scripting XSS vulnerability in system/workplace/admin/workplace/sessions.jsp in Alkacon OpenCMS 7.0.3 allows remote attackers to inject arbitrary web script or HTML via the searchfilter parameter, a different vector than CVE-2008-1510...

4.3CVSS5.4AI score0.0034EPSS

Exploits1References4Affected Software1

Github Security Blog•added 2022/05/01 11:36 p.m.•18 views

MoinMoin Multiple cross-site scripting (XSS) vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in MoinMoin 1.5.8 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 certain input processed by formatter/textgedit.py aka the gui editor formatter; 2 a page name, which triggers an injection in PageEditor.py when the...

4.3CVSS5.7AI score0.0103EPSS

Exploits1References16Affected Software1

OSV•added 2022/05/01 11:36 p.m.•6 views

GHSA-8FJ9-PJ4P-4VQ7 MoinMoin Multiple cross-site scripting (XSS) vulnerabilities

4.3CVSS5.3AI score0.0103EPSS

Exploits1References15

Github Security Blog•added 2022/05/01 6:14 p.m.•11 views

HTML Purifier Cross-site Scripting vulnerability

Cross-site scripting XSS vulnerability in smoketests/configForm.php in HTML Purifier before 2.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "unescaped printr output."...

4.3CVSS6AI score0.00333EPSS

Exploits0References7Affected Software1

OSV•added 2022/05/01 6:14 p.m.•7 views

GHSA-6FH7-FWQJ-MV49 HTML Purifier Cross-site Scripting vulnerability

6.1CVSS5.6AI score0.00333EPSS

Exploits0References7

OSV•added 2022/05/01 6:13 p.m.•24 views

GHSA-36HP-4X3G-PHRG Apache Tomcat's CookieExample Vulnerable to XSS

Multiple cross-site scripting XSS vulnerabilities in examples/servlet/CookieExample in Apache Tomcat 3.3 through 3.3.2 allow remote attackers to inject arbitrary web script or HTML via the 1 Name or 2 Value field, related to error messages...

4.3CVSS5.5AI score0.06422EPSS

Exploits1References6

Github Security Blog•added 2022/05/01 6:3 p.m.•48 views

Apache Tomcat XSS Vulnerabilities in Examples Web Application

Multiple cross-site scripting XSS vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via...

4.3CVSS6AI score0.5214EPSS

Exploits1References20Affected Software1

Github Security Blog•added 2022/05/01 5:47 p.m.•32 views

MoinMoin Cross-Site Scripting (XSS) vulnerability via hitcounts and general parameters

Multiple cross-site scripting XSS vulnerabilities in Info pages in MoinMoin 1.5.7 allow remote attackers to inject arbitrary web script or HTML via the 1 hitcounts and 2 general parameters, different vectors than CVE-2007-0857. NOTE: the provenance of this information is unknown; the details are...

4.3CVSS5.9AI score0.0052EPSS

Exploits0References7Affected Software1

OSV•added 2022/05/01 5:47 p.m.•22 views

GHSA-9GJ2-PH57-56F5 MoinMoin Cross-Site Scripting (XSS) vulnerability via hitcounts and general parameters

4.3CVSS5.2AI score0.0052EPSS

Exploits0References7

OSV•added 2022/05/01 7:45 a.m.•37 views

GHSA-PM78-WXXF-FW98 Cross-site scripting in Apache Tomcat

Cross-site scripting XSS vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.jsp and possibly...

4.3CVSS6.2AI score0.79909EPSS

Exploits0References31

Github Security Blog•added 2022/05/01 7:45 a.m.•118 views

Cross-site scripting in Apache Tomcat

4.3CVSS4.1AI score0.79909EPSS

Exploits0References31Affected Software1

OSV•added 2022/04/30 6:21 p.m.•18 views

GHSA-86FP-JGWM-WGJ5 Apache Tomcat XSS Vulnerability

Cross-site scripting XSS vulnerability in Apache Tomcat 4.1 allows remote attackers to execute arbitrary web script and steal cookies via a URL with encoded newlines followed by a request to a .jsp file whose name contains the script...

6.8CVSS6AI score0.41657EPSS

Exploits1References6

OSV•added 2022/04/29 1:25 a.m.•24 views

GHSA-5HGM-QM5M-5VMW Jakarta Tomcat cross-site scripting (XSS) vulnerability

Multiple cross-site scripting XSS vulnerabilities in the 1 examples and 2 ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML...

6.8CVSS5.6AI score0.27285EPSS

Exploits0References11

Cvelist•added 2022/04/25 3:2 p.m.•18 views

CVE-2022-26597

Cross-site scripting XSS vulnerability in the Layout module's Open Graph integration in Liferay Portal 7.3.0 through 7.4.0, and Liferay DXP 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the site name...

6.2AI score0.0023EPSS

Exploits0References1

OSV•added 2022/04/23 12:40 a.m.•21 views

GHSA-5JQ3-8437-X35P Multiple cross-site scripting (XSS) vulnerabilities in Roundup

Multiple cross-site scripting XSS vulnerabilities in Roundup before 1.4.20 allow remote attackers to inject arbitrary web script or HTML via the 1 @okmessage or 2 @errormessage parameter to issue...

6.1CVSS6AI score0.00479EPSS

Exploits1References9

OSV•added 2022/04/22 12:24 a.m.•18 views

GHSA-H86G-796F-HHFQ Typo3 XSS Vulnerabilities

Cross-site Scripting XSS in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the tcemain flash message...

5.4CVSS5.4AI score0.00195EPSS

Exploits0References4

OSV•added 2022/04/21 12:15 a.m.•20 views

CVE-2022-27926

A reflected cross-site scripting XSS vulnerability in the /public/launchNewWindow.jsp component of Zimbra Collaboration aka ZCS 9.0 allows unauthenticated attackers to execute arbitrary web script or HTML via request parameters...

6.1CVSS5.9AI score0.94125EPSS

Exploits0References4