CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2022/11/25 12:0 a.m.•2 views

PyroCMS 跨站脚本漏洞

PyroCMS is an individual developer's a lightweight open source content management system developed using the CodeIgniter framework. A security vulnerability exists in PyroCMS version 3.9, which stems from the ability of a low-privileged user such as an author or publisher to inject a carefully...

9CVSS8.1AI score0.00705EPSS

Exploits0References3

Positive Technologies•added 2022/11/25 12:0 a.m.•3 views

PT-2022-24049 · Pyrocms · Pyrocms

Name of the Vulnerable Software and Affected Versions: PyroCMS version 3.9 Description: The issue allows a low-privileged user, such as an author, to inject crafted HTML and JavaScript payload in a blog post, leading to full admin account takeover or privilege escalation. This is a stored Cross...

9CVSS6.2AI score0.00705EPSS

Exploits0References8

OSV•added 2022/11/23 5:15 p.m.•4 views

CVE-2022-35501

Stored Cross-site Scripting XSS exists in the Amasty Blog Pro 2.10.3 and 2.10.4 plugin for Magento 2 because of the duplicate post function...

NVD•added 2022/11/23 5:15 p.m.•30 views

CVE-2022-35501

Stored Cross-site Scripting XSS exists in the Amasty Blog Pro 2.10.3 and 2.10.4 plugin for Magento 2 because of the duplicate post function...

5.4CVSS0.00495EPSS

Prion•added 2022/11/23 5:15 p.m.•21 views

Cross site scripting

Stored Cross-site Scripting XSS exists in the Amasty Blog Pro 2.10.3 and 2.10.4 plugin for Magento 2 because of the duplicate post function...

4.9CVSS5.3AI score0.00495EPSS

OSV•added 2022/11/23 2:15 a.m.•4 views

CVE-2022-35500

Amasty Blog 2.10.3 is vulnerable to Cross Site Scripting XSS via leave comment functionality...

NVD•added 2022/11/23 2:15 a.m.•19 views

CVE-2022-35500

Amasty Blog 2.10.3 is vulnerable to Cross Site Scripting XSS via leave comment functionality...

5.4CVSS0.00495EPSS

Prion•added 2022/11/23 2:15 a.m.•15 views

Cross site scripting

Amasty Blog 2.10.3 is vulnerable to Cross Site Scripting XSS via leave comment functionality...

4.9CVSS5.3AI score0.00495EPSS

Cvelist•added 2022/11/23 12:0 a.m.•32 views

CVE-2022-35501

Stored Cross-site Scripting XSS exists in the Amasty Blog Pro 2.10.3 and 2.10.4 plugin for Magento 2 because of the duplicate post function...

5.5AI score0.00495EPSS

CNNVD•added 2022/11/23 12:0 a.m.•3 views

Amasty Blog 跨站脚本漏洞

Vulnrichment•added 2022/11/23 12:0 a.m.•5 views

Exploits0References3

CVE-2022-35500

Amasty Blog 2.10.3 is vulnerable to Cross Site Scripting XSS via leave comment functionality...

5.3AI score0.00495EPSS

CVE•added 2022/11/23 12:0 a.m.•60 views

CVE-2022-35501

CVE-2022-35501 is confirmed with concrete details across multiple sources: a Stored Cross-site Scripting (XSS) vulnerability in Amasty Blog Pro for Magento 2, triggered by the duplicate post function. Affected versions are Amasty Blog Pro 2.10.3 and 2.10.4; the root cause is described as the dupl...

5.4CVSS5.3AI score0.00495EPSS

Positive Technologies•added 2022/11/23 12:0 a.m.•4 views

PT-2022-22870 · Amasty · Amasty Blog

Name of the Vulnerable Software and Affected Versions: Amasty Blog version 2.10.3 Description: The issue is related to Cross Site Scripting XSS via the leave comment functionality. This means an attacker could potentially inject malicious scripts into the website, affecting user sessions...

5.4CVSS5.6AI score0.00495EPSS

Exploits0References6

CNNVD•added 2022/11/23 12:0 a.m.•3 views

Amasty Blog 跨站脚本漏洞

CVE•added 2022/11/23 12:0 a.m.•67 views

Exploits0References3

CVE-2022-35500

CVE-2022-35500: Amasty Blog 2.10.3 is vulnerable to Cross Site Scripting (XSS) via the leave comment functionality. Affected: Amasty Blog version 2.10.3. Root cause details are not explicitly provided in the documents, only the XSS via leave comment is stated. Remediation guidance from PT-2022-22...

5.4CVSS5.2AI score0.00495EPSS

Cvelist•added 2022/11/23 12:0 a.m.•25 views

CVE-2022-35500

Amasty Blog 2.10.3 is vulnerable to Cross Site Scripting XSS via leave comment functionality...

5.5AI score0.00495EPSS