CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7612 matches found

RedhatCVE•added 2025/05/22 6:17 p.m.•5 views

CVE-2021-20673

Stored cross-site scripting vulnerability in Admin Page of GROWI v4.2 Series versions from v4.2.0 to v4.2.7 allows remote authenticated attackers to inject an arbitrary script via unspecified vectors...

4.8CVSS5.8AI score0.00754EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 6:17 p.m.•5 views

CVE-2021-20688

Cross-site scripting vulnerability in Click Ranker Ver.3.5 allows remote attackers to inject an arbitrary script via unspecified vectors...

6.1CVSS6.7AI score0.00756EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 6:14 p.m.•10 views

CVE-2021-20727

Cross-site scripting vulnerability in Zettlr from 0.20.0 to 1.8.8 allows an attacker to execute an arbitrary script by loading a file or code snippet containing an invalid iframe into Zettlr...

6.1CVSS6.8AI score0.01036EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 6:10 p.m.•7 views

CVE-2021-40925

Cross-site scripting XSS vulnerability in dompdf/dompdf/www/demo.php infaveo-helpdesk v1.11.0 and below allow remote attackers to inject arbitrary web script or HTML via the $SERVER"PHPSELF" parameter...

6.1CVSS5.9AI score0.00818EPSS

Exploits1

RedhatCVE•added 2025/05/22 5:48 p.m.•7 views

CVE-2020-3420

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of...

5.4CVSS6AI score0.00405EPSS

Exploits0

RedhatCVE•added 2025/05/22 5:48 p.m.•4 views

CVE-2020-3532

A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an unauthenticated, remote attacker to...

6.1CVSS6AI score0.00487EPSS

Exploits0

RedhatCVE•added 2025/05/22 5:45 p.m.•7 views

CVE-2020-23214

A stored cross site scripting XSS vulnerability in phplist 3.5.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Configure categories" field under the "Categorise Lists" module...

5.4CVSS5.5AI score0.00551EPSS

Exploits1

RedhatCVE•added 2025/05/22 4:43 p.m.•9 views

CVE-2020-5613

Cross-site scripting vulnerability in KonaWiki 3.1.0 and earlier allows remote attackers to execute an arbitrary script via a specially crafted URL...

6.1CVSS6.9AI score0.01082EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:36 p.m.•4 views

CVE-2020-28955

SugarCRM v6.5.18 was discovered to contain a cross-site scripting XSS vulnerability in the Create Employee module. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the First Name or Last Name input fields...

5.4CVSS6AI score0.00562EPSS

Exploits1

RedhatCVE•added 2025/05/22 4:36 p.m.•6 views

CVE-2020-28956

Multiple cross-site scripting XSS vulnerabilities in the Sales module of SugarCRM v6.5.18 allows attackers to execute arbitrary web scripts or HTML via crafted payloads entered into the primary address state or alternate address state input fields...

5.4CVSS6.1AI score0.00562EPSS

Exploits1

RedhatCVE•added 2025/05/22 4:29 p.m.•12 views

CVE-2020-20781

A stored cross-site scripting XSS vulnerability in /ucms/index.php?do=listedit of UCMS 1.4.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the title, key words, description or content text fields...

5.4CVSS5.5AI score0.00487EPSS

Exploits1

RedhatCVE•added 2025/05/22 4:29 p.m.•5 views

CVE-2020-20691

An issue in Monstra CMS v3.0.4 allows attackers to execute arbitrary web scripts or HTML via bypassing the file extension filter and uploading crafted HTML files...

6.5CVSS7.2AI score0.00896EPSS

Exploits1

RedhatCVE•added 2025/05/22 4:28 p.m.•7 views

CVE-2020-19292

A stored cross-site scripting XSS vulnerability in the /question/ask component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a posted question...

5.4CVSS5.5AI score0.0054EPSS

Exploits1

RedhatCVE•added 2025/05/22 4:28 p.m.•4 views

CVE-2020-19293

A stored cross-site scripting XSS vulnerability in the /article/add component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a posted article...

5.4CVSS5.5AI score0.0054EPSS

Exploits1

RedhatCVE•added 2025/05/22 4:7 p.m.•8 views

CVE-2020-21353

A stored cross site scripting XSS vulnerability in /admin/snippets.php of GetSimple CMS 3.4.0a allows attackers to execute arbitrary web scripts or HTML via crafted payload in the Edit Snippets module...

5.4CVSS5.6AI score0.00549EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:49 p.m.•8 views

CVE-2020-18259

ED01-CMS v1.0 was discovered to contain a reflective cross-site scripting XSS vulnerability in the component sposts.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Post title or Post content fields...

6.1CVSS6.1AI score0.00621EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:46 p.m.•8 views

CVE-2020-23207

A stored cross site scripting XSS vulnerability in phplist 3.5.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Edit Values" field under the "Configure Attributes" module...

5.4CVSS5.5AI score0.00538EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:46 p.m.•7 views

CVE-2020-20696

A cross-site scripting XSS vulnerability in /admin/content/post of GilaCMS v1.11.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Tags field...

5.4CVSS5.7AI score0.00477EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:39 p.m.•5 views

CVE-2020-5625

Cross-site scripting vulnerability in XooNIps 3.48 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors...

6.1CVSS6.7AI score0.0103EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 3:39 p.m.•7 views

CVE-2020-5586

Cross-site scripting vulnerability in Cybozu Garoon 4.10.3 to 5.0.1 allows attacker with administrator rights to inject an arbitrary script via unspecified vectors...

4.8CVSS6.5AI score0.00528EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by