CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6892 matches found

Cvelist•added 2021/12/07 12:48 p.m.•9 views

CVE-2021-40093

A cross-site scripting XSS vulnerability in integration configuration in SquaredUp for SCOM 5.2.1.6654 allows remote attackers to inject arbitrary web script or HTML via dashboard actions...

5.5AI score0.00202EPSS

Exploits0References2

Prion•added 2021/11/23 8:15 p.m.•21 views

Cross site scripting

A Reflected Cross-Site Scripting vulnerability in McAfee Policy Auditor prior to 6.5.2 allows a remote unauthenticated attacker to inject arbitrary web script or HTML via the UID request parameter. The malicious script is reflected unmodified into the Policy Auditor web-based interface which coul...

4.3CVSS6.1AI score0.00912EPSS

Exploits0References1Affected Software1

Cvelist•added 2021/11/22 10:20 p.m.•15 views

CVE-2020-22719

Shimo Document v2.0.1 contains a cross-site scripting XSS vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the table content text field...

5.3AI score0.00206EPSS

Exploits0References1

NVD•added 2021/11/03 6:15 p.m.•9 views

CVE-2020-18259

ED01-CMS v1.0 was discovered to contain a reflective cross-site scripting XSS vulnerability in the component sposts.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Post title or Post content fields...

6.1CVSS0.00223EPSS

Exploits1References1

Veracode•added 2021/10/27 4:15 a.m.•16 views

Cross-site Scripting (XSS)

froala/wysiwyg-editor is vulnerable to cross-site scripting attacks. The vulnerability exists because the 'html.insert' in the Insert Video function does not properly sanitize the user input, which allows a malicious attacker to inject and execute arbitrary web script...

6.1CVSS3AI score0.00358EPSS

Exploits1References4Affected Software1

CNVD•added 2021/10/26 12:0 a.m.•15 views

Foxlor Cross-Site Scripting Vulnerability

Foxlor is This open source GPL panel was developed by experienced server administrators to simplify the job of managing hosting platforms. A security vulnerability exists in Foxlor, which can be exploited by an attacker to execute arbitrary web script or HTML by entering a payload in the name,...

5.4CVSS5.6AI score0.00206EPSS

Exploits1References1

Check Point Advisories•added 2021/10/20 12:0 a.m.•0 views

Projectsend Cross Site Scripting

A cross-site scripting vulnerability exists in Projectsend. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

6.2AI score

Exploits0

CVE•added 2021/10/08 3:35 p.m.•47 views

CVE-2021-41918

webTareas

5.4CVSS5.2AI score0.0042EPSS

Exploits1References1Affected Software1

CVE•added 2021/10/08 3:33 p.m.•39 views

CVE-2021-41917

CVE-2021-41917 concerns webTareas

5.4CVSS5.1AI score0.0042EPSS

Exploits1References1Affected Software1

Github Security Blog•added 2021/10/04 8:13 p.m.•45 views

Cross-site scripting in application/controllers/dropbox.php in JustWriting

Cross-site scripting XSS vulnerability in application/controllers/dropbox.php in JustWriting 1.0.0 and below allow remote attackers to inject arbitrary web script or HTML via the challenge parameter...

6.1CVSS4.1AI score0.07609EPSS

Exploits0References4Affected Software1

NVD•added 2021/10/01 4:15 p.m.•8 views

CVE-2021-41465

Cross-site scripting XSS vulnerability in concrete/elements/collectiontheme.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the rel parameter...

6.1CVSS0.00283EPSS

Exploits1References2

OSV•added 2021/10/01 4:15 p.m.•9 views

CVE-2021-41465

6.1CVSS5.9AI score

Exploits0References2

NVD•added 2021/10/01 4:15 p.m.•10 views

CVE-2021-40970

Cross-site scripting XSS vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allow remote attackers to inject arbitrary web script or HTML via the username parameter...

6.1CVSS0.01278EPSS

Exploits1References2

OSV•added 2021/10/01 4:15 p.m.•14 views

CVE-2021-40924

Cross-site scripting XSS vulnerability in install/index.php in bugs 1.8 and below version allows remote attackers to inject arbitrary web script or HTML via the firstname parameter...

6.1CVSS6AI score

Exploits0References2

OSV•added 2021/10/01 4:15 p.m.•10 views

CVE-2021-40922

Cross-site scripting XSS vulnerability in install/index.php in bugs 1.8 and below version allows remote attackers to inject arbitrary web script or HTML via the lastname parameter...

6.1CVSS6AI score

Exploits0References2

Prion•added 2021/10/01 4:15 p.m.•12 views

Cross site scripting

Cross-site scripting XSS vulnerability in callback.php in Spotify-for-Alfred 0.13.9 and below allows remote attackers to inject arbitrary web script or HTML via the error parameter...

4.3CVSS6AI score0.00283EPSS

Exploits1References2Affected Software1

UbuntuCve•added 2021/10/01 4:15 p.m.•20 views

CVE-2021-40969

Cross-site scripting XSS vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allow remote attackers to inject arbitrary web script or HTML via the firstname parameter...

6.1CVSS6.4AI score0.01278EPSS

Exploits1References3

Prion•added 2021/10/01 4:15 p.m.•12 views

Cross site scripting

Cross-site scripting XSS vulnerability in install/index.php in bugs 1.8 and below version allows remote attackers to inject arbitrary web script or HTML via the lastname parameter...

4.3CVSS6.1AI score0.00283EPSS

Exploits1References2Affected Software1

Prion•added 2021/10/01 4:15 p.m.•16 views

Cross site scripting

Cross-site scripting XSS vulnerability in concrete/elements/collectionadd.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the ctID parameter...

4.3CVSS6AI score0.00283EPSS

Exploits1References2Affected Software1

Prion•added 2021/10/01 4:15 p.m.•15 views

Cross site scripting

Cross-site scripting XSS vulnerability in demos/demo.mysqli.php in getID3 1.X and v2.0.0-beta allows remote attackers to inject arbitrary web script or HTML via the showtagfiles parameter...

4.3CVSS6AI score0.00284EPSS

Exploits1References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by