CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4774 matches found

Cvelist•added 2024/03/31 12:0 p.m.•20 views

CVE-2023-50311 IBM CICS Transaction Gateway for Multiplatforms information disclosure

IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 could disclose sensitive path information to an attacker that could reveal through debugging or error messages...

3.1CVSS5.3AI score0.00322EPSS

Exploits0References1

CNVD•added 2024/03/26 12:0 a.m.•7 views

Delta Electronics DIAEnergie Cross-Site Scripting Vulnerability

Delta Electronics DIAEnergie is an industrial energy management system from Delta Electronics, Taiwan, China. Delta Electronics DIAEnergie suffers from a cross-site scripting vulnerability that can be exploited by an attacker to steal a victim's cookie-based authentication credentials...

5.4CVSS6.3AI score0.00293EPSS

Exploits0References1

CNVD•added 2024/03/26 12:0 a.m.•8 views

Moodle cross-site scripting vulnerability (CNVD-2024-21664)

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. Moodle suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied...

6.1CVSS6.2AI score0.00533EPSS

Exploits1References1

CNVD•added 2024/03/22 12:0 a.m.•8 views

OneBlog Cross-Site Scripting Vulnerability

OneBlog is a Java blog. OneBlog suffers from a cross-site scripting vulnerability that stems from a lack of effective filtering and escaping of user-supplied data in the Role Management module, which can be exploited by an attacker to steal the victim's cookie-based authentication credentials...

6.1CVSS6.3AI score0.00367EPSS

Exploits1References1

IBM Security Bulletins•added 2024/03/13 9:46 p.m.•35 views

Security Bulletin: There is a vulnerability in AntiSamy used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2023-43643)

Summary There is a vulnerability in AntiSamy used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2023-43643 DESCRIPTION: AntiSamy is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could...

6.1CVSS6.4AI score0.00476EPSS

Exploits1Affected Software1

CNVD•added 2024/03/05 12:0 a.m.•8 views

Apache Ambari Cross-Site Scripting Vulnerability (CNVD-2024-22235)

Apache Ambari is an application from the Apache USA Foundation. Provides software developed to configure, manage and monitor Apache Hadoop clusters to simplify Hadoop management. Apache Ambari suffers from a cross-site scripting vulnerability that can be exploited by an attacker to obtain a...

6.1CVSS6.2AI score0.01212EPSS

Exploits0References1

IBM Security Bulletins•added 2024/02/15 2:47 p.m.•38 views

Security Bulletin: There is a vulnerability in tinymce-6.3.1.min.js used by IBM Maximo Asset Management application (CVE-2023-45819 and CVE-2023-45818)

Summary There is a vulnerability in tinymce-6.3.1.min.js used by IBM Maximo Asset Management application. Vulnerability Details CVEID:CVE-2023-45819 DESCRIPTION: TinyMCE is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Notification Manager API. A...

6.1CVSS5.9AI score0.0062EPSS

Exploits0Affected Software1

CNVD•added 2024/02/02 12:0 a.m.•4 views

FacileManager Cross-Site Scripting Vulnerability

facileManager is facileManager company's set of modular Web applications . A cross-site scripting vulnerability exists in facileManager that stems from insufficient input validation and can be exploited by an attacker to steal a victim's cookie-based authentication credentials...

5.4CVSS6.3AI score0.00424EPSS

Exploits1References1

CNVD•added 2024/01/30 12:0 a.m.•15 views

Cups Easy cross-site scripting vulnerability (CNVD-2024-11132)

Cups Easy is a PHP-based purchasing and inventory software that may become a full-fledged ERP in the future. Cups Easy suffers from a cross-site scripting vulnerability that stems from insufficient escaping of the currencyid parameter on the /cupseasylive/currencymodify.php page. An attacker coul...

8.2CVSS6.2AI score0.00437EPSS

Exploits0References1

CNVD•added 2024/01/30 12:0 a.m.•15 views

Cups Easy cross-site scripting vulnerability (CNVD-2024-11142)

Cups Easy is a PHP-based purchasing and inventory software that may become a full-fledged ERP in the future. Cups Easy suffers from a cross-site scripting vulnerability that stems from insufficient escaping of the bincardinfo parameter on the /cupseasylive/itemmodify.php page. An attacker could u...

8.2CVSS6.5AI score0.00436EPSS

Exploits0References1

CNVD•added 2024/01/30 12:0 a.m.•9 views

Cups Easy cross-site scripting vulnerability (CNVD-2024-13106)

Cups Easy is a PHP-based purchasing and inventory software that may become a full-fledged ERP in the future. Cups Easy suffers from a cross-site scripting vulnerability that stems from a failure to adequately escape the description parameter on the /cupseasylive/taxstructuremodify.php page. An...

8.2CVSS6.3AI score0.00436EPSS

Exploits0References1

CNVD•added 2024/01/30 12:0 a.m.•8 views

Cups Easy cross-site scripting vulnerability (CNVD-2024-12237)

Cups Easy is a PHP-based purchasing and inventory software that may become a full-fledged ERP in the future. Cups Easy suffers from a cross-site scripting vulnerability that stems from insufficient escaping of the description parameter on the /cupseasylive/taxcodelist.php page. An attacker could...

8.2CVSS6.2AI score0.00399EPSS

Exploits0References1

CNVD•added 2024/01/30 12:0 a.m.•5 views

Cups Easy cross-site scripting vulnerability (CNVD-2024-12236)

Cups Easy is a PHP-based purchasing and inventory software that may become a full-fledged ERP in the future. Cups Easy suffers from a cross-site scripting vulnerability that stems from insufficient escaping of the taxcodeid parameter on the /cupseasylive/taxcodecreate.php page. An attacker could...

8.2CVSS6.2AI score0.00437EPSS

Exploits0References1

CNVD•added 2024/01/30 12:0 a.m.•5 views

Cups Easy cross-site scripting vulnerability (CNVD-2024-12233)

Cups Easy is a PHP-based purchasing and inventory software that may become a full-fledged ERP in the future. Cups Easy suffers from a cross-site scripting vulnerability that stems from insufficient escaping of the delete parameter on the /cupseasylive/stockissuancelist.php page. An attacker could...

8.2CVSS6.2AI score0.00437EPSS

Exploits0References1

CNVD•added 2024/01/30 12:0 a.m.•6 views

Cups Easy cross-site scripting vulnerability (CNVD-2024-11140)

Cups Easy is a PHP-based purchasing and inventory software that may become a full-fledged ERP in the future. Cups Easy suffers from a cross-site scripting vulnerability that stems from insufficient escaping of the itemgroupid parameter on the /cupseasylive/itemgroupcreate.php page. An attacker...

8.2CVSS6.2AI score0.00436EPSS

Exploits0References1

CNVD•added 2024/01/30 12:0 a.m.•6 views

Cups Easy cross-site scripting vulnerability (CNVD-2024-13103)

Cups Easy is a PHP-based purchasing and inventory software that may become a full-fledged ERP in the future. Cups Easy suffers from a cross-site scripting vulnerability that stems from a failure to adequately escape the description parameter on the /cupseasylive/taxstructuredisplay.php page. An...

8.2CVSS6.3AI score0.00437EPSS

Exploits0References1

CNVD•added 2024/01/30 12:0 a.m.•19 views

Cups Easy cross-site scripting vulnerability (CNVD-2024-13107)

Cups Easy is a PHP-based purchasing and inventory software that may become a full-fledged ERP in the future. Cups Easy suffers from a cross-site scripting vulnerability that stems from a failure to adequately escape the unitofmeasurementid parameter on the /cupseasylive/unitofmeasurementcreate.ph...

8.2CVSS6.5AI score0.00437EPSS

Exploits0References1

CNVD•added 2024/01/30 12:0 a.m.•23 views

Cups Easy cross-site scripting vulnerability (CNVD-2024-11127)

Cups Easy is a PHP-based purchasing and inventory software that may become a full-fledged ERP in the future. Cups Easy suffers from a cross-site scripting vulnerability that stems from insufficient escaping of the countryid parameter on the /cupseasylive/countrycreate.php page. An attacker could...

8.2CVSS6.2AI score0.00399EPSS

Exploits0References1

CNVD•added 2024/01/30 12:0 a.m.•17 views

Cups Easy cross-site scripting vulnerability (CNVD-2024-11134)

Cups Easy is a PHP-based purchasing and inventory software that may become a full-fledged ERP in the future. Cups Easy suffers from a cross-site scripting vulnerability that stems from insufficient escaping of the grnno parameter on the /cupseasylive/grndisplay.php page. An attacker could use thi...

8.2CVSS6.2AI score0.00399EPSS

Exploits0References1

CNVD•added 2024/01/30 12:0 a.m.•27 views

Cups Easy cross-site scripting vulnerability (CNVD-2024-11137)

Cups Easy is a PHP-based purchasing and inventory software that may become a full-fledged ERP in the future. Cups Easy suffers from a cross-site scripting vulnerability that stems from insufficient escaping of the grndate parameter on the /cupseasylive/grnmodify.php page. An attacker could use th...

8.2CVSS6.2AI score0.00398EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by