CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6892 matches found

NVD•added 2020/12/22 5:15 p.m.•18 views

CVE-2018-15641

Cross-site scripting XSS issue in web module in Odoo Community 11.0 through 14.0 and Odoo Enterprise 11.0 through 14.0, allows remote authenticated internal users to inject arbitrary web script in the browser of a victim via crafted calendar event attributes...

6.3CVSS5.3AI score0.00206EPSS

Exploits0References1

UbuntuCve•added 2020/12/22 5:15 p.m.•23 views

CVE-2018-15638

Cross-site scripting XSS issue in mail module in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim via crafted channel names...

7.1CVSS6.9AI score0.00211EPSS

Exploits0References2

Prion•added 2020/12/22 5:15 p.m.•18 views

Cross site scripting

3.5CVSS5.3AI score0.00211EPSS

Exploits0References1Affected Software1

Prion•added 2020/12/22 5:15 p.m.•11 views

Cross site scripting

Cross-site scripting XSS issue in attachment management in Odoo Community 14.0 and earlier and Odoo Enterprise 14.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim via a crafted link...

4.3CVSS6AI score0.00288EPSS

Exploits0References1Affected Software1

Cvelist•added 2020/12/22 4:25 p.m.•16 views

CVE-2018-15638

7.1CVSS5.4AI score0.00211EPSS

Exploits0References1

Cvelist•added 2020/12/22 4:25 p.m.•15 views

CVE-2018-15634

7.1CVSS6AI score0.00288EPSS

Exploits0References1

Prion•added 2020/12/14 8:15 p.m.•12 views

Cross site scripting

A cross-site scripting XSS vulnerability exists in the SabaiApps WordPress Directories Pro plugin version 1.3.45 and previous, allows attackers who have convinced a site administrator to import a specially crafted CSV file to inject arbitrary web script or HTML as the victim is proceeding through...

4.3CVSS5.9AI score0.01235EPSS

Exploits3References4Affected Software1

Cvelist•added 2020/12/11 7:50 p.m.•15 views

CVE-2020-29455

A cross-Site Scripting XSS vulnerability in this.showInvalid and this.showInvalidCountry in SmartyStreets liveAddressPlugin.js 3.2 allows remote attackers to inject arbitrary web script or HTML via any address parameter e.g., street or country...

6AI score0.00472EPSS

Exploits1References3

Prion•added 2020/12/02 8:15 a.m.•21 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Papermerge before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the rename, tag, upload, or create folder function. The payload can be in a folder, a tag, or a document's filename. If email consumption is configured in...

4.3CVSS6.1AI score0.00467EPSS

Exploits0References3Affected Software1

OSV•added 2020/12/02 8:15 a.m.•16 views

PYSEC-2020-74

6.1CVSS0.7AI score0.00467EPSS

Exploits0References4

Cvelist•added 2020/12/02 7:50 a.m.•16 views

CVE-2020-29456

6.2AI score0.00467EPSS

Exploits0References3

Check Point Advisories•added 2020/12/02 12:0 a.m.•3 views

Moxa AWK-3131A Cross-Site Scripting (CVE-2016-8719)

A cross-site scripting vulnerability exists in Moxa AWK-3131A. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

4.3CVSS5.1AI score0.00315EPSS

Exploits2

CNVD•added 2020/12/02 12:0 a.m.•15 views

ThinkAdmin Cross-Site Scripting Vulnerability

ThinkAdmin is a backend administration framework developed based on the latest ThinkPHP V6 , using the MIT protocol open source. thinkAdmin v1, v6 exists a stored cross-site scripting vulnerability. A remote attacker can use the vulnerability to inject arbitrary Web script or HTML...

5.4CVSS0.8AI score0.00201EPSS

Exploits1References1

Prion•added 2020/12/01 6:15 p.m.•12 views

Cross site scripting

Cross-site Scripting XSS vulnerability in SolarWinds Web Help Desk 12.7.0 allows attacker to inject arbitrary web script or HTML via Location Name...

3.5CVSS5.2AI score0.0175EPSS

Exploits1References2Affected Software1

Prion•added 2020/12/01 5:15 p.m.•23 views

Cross site scripting

ThinkAdmin version v1 v6 has a stored XSS vulnerability which allows remote attackers to inject an arbitrary web script or HTML...

4.3CVSS5.3AI score0.00201EPSS

Exploits1References1Affected Software1

Check Point Advisories•added 2020/12/01 12:0 a.m.•0 views

WonderCMS Persistent Cross-Site Scripting

A cross-site scripting vulnerability exists in WonderCMS. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

4.7AI score

Exploits0

Check Point Advisories•added 2020/11/28 12:0 a.m.•0 views

Nagios Log Server Persistent Cross-Site Scripting

A persistent cross site scripting vulnerability exists in Nagios Log Server. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...

4.7AI score

Exploits0

Check Point Advisories•added 2020/11/23 12:0 a.m.•2 views

Citadel WebCit Cross Site Scripting (CVE-2020-27739)

A cross-site scripting vulnerability exists in Citadel WebCit. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

7.5CVSS4.9AI score0.02227EPSS

Exploits1

Check Point Advisories•added 2020/11/21 12:0 a.m.•2 views

CactuShop invoice.asp Cross-Site Scripting (CVE-2010-1486)

A cross-site scripting vulnerability exists in Cactushop cactushop 3. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

4.3CVSS4.8AI score0.00438EPSS

Exploits5

Prion•added 2020/11/18 10:15 p.m.•16 views

Cross site scripting

SuiteCRM 7.11.13 is affected by stored Cross-Site Scripting XSS in the Documents preview functionality. This vulnerability could allow remote authenticated attackers to inject arbitrary web script or HTML...

3.5CVSS5AI score0.0015EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by