2341 matches found

Citrix
added 2020/06/04 12:0 a.m., 4 views

PVS Bootstrap configuration missing after updating to 1912 LTSR or 2203 CUs

Error - There must be at least 1 and at most 4 logon servers in the list. Bootstrap configuration missing post update to 1912 .CU X / 2203 .CU x...

7 AI score
Exploits: 0

BDU FSTEC
added 2020/06/02 12:0 a.m., 1 view

The vulnerability of the Bootstrap plugin for toolkits used to create websites and web applications allows attackers to perform cross-site scripting attacks.

The vulnerability of the Bootstrap plugin for toolkits used in creating websites and web applications is related to the lack of protective measures for website structures. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks remotely...

6.4 CVSS, 6.4 AI score, 0.04081 EPSS
Exploits: 1, References: 12, Affected Software: 6

BDU FSTEC
added 2020/06/02 12:0 a.m., 3 views

The vulnerability of the tooltip component in Bootstrap, a tool for creating websites and web applications, allows attackers to perform cross-site scripting attacks.

The vulnerability of the tooltip component in the Bootstrap toolset for creating websites and web applications is related to the lack of protective measures for website structures. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks remotely...

6.4 CVSS, 6.3 AI score, 0.03929 EPSS
Exploits: 0, References: 13, Affected Software: 6

BDU FSTEC
added 2020/05/21 12:0 a.m., 2 views

The vulnerability of the ScrollSpy plugin, a tool for creating websites and Bootstrap web applications, allows a hacker to perform cross-site scripting attacks.

The vulnerability of the ScrollSpy plugin, a tool for creating websites and Bootstrap web applications, is related to the lack of protective measures for website structures. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...

6.1 CVSS, 6.5 AI score, 0.04293 EPSS
Exploits: 1, References: 11, Affected Software: 2

BDU FSTEC
added 2020/05/21 12:0 a.m., 1 view

The vulnerability of the tooltip and popover components in Bootstrap’s website and web application creation tools allows attackers to execute cross-site scripting attacks.

The vulnerability of the tooltip and popover components in the Bootstrap toolset for creating websites and web applications is related to the lack of protective measures for website structures. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks...

6.1 CVSS, 6.2 AI score, 0.1686 EPSS
Exploits: 1, References: 18, Affected Software: 4

Snyk
added 2020/05/20 12:50 a.m., 3 views

Cross-site Scripting (XSS)

Overview: bootstrap-select is a .NET bundle for the bootstrap-select jQuery plugin. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the use of the data-subtext attribute, in cases where that content originates from a user-controlled input. PoC by Snyk Research js HTML ...

6.1 CVSS, 5.7 AI score, 0.01717 EPSS
Exploits: 0, References: 2

Node.js
added 2020/05/20 12:49 a.m., 15 views

Cross-Site Scripting

Overview: Versions of bootstrap-select prior to 1.13.6 are vulnerable to Cross-Site Scripting (XSS). The package does not escape title values on tags. This may allow attackers to execute arbitrary JavaScript in a victim's browser. Recommendation: Upgrade to version 1.13.6 or later. References - GitHu...

6.7 AI score
Exploits: 0, Affected Software: 1

CNVD
added 2020/05/13 12:0 a.m., 4 views

Heybbs has a universal password login vulnerability

HEYBBS is a micro-community program developed with a bootstrap+jq+css front end and a php+mysql back end. Heybbs has a universal password login vulnerability that can be exploited by attackers to obtain sensitive database information...

6.9 AI score
Exploits: 0

CNVD
added 2020/04/22 12:0 a.m., 1 view

Heybbs Micro Community in***.php file has a reload vulnerability

Heybbs micro-community is a micro-community program developed with a bootstrap + jq + css front end and a php + mysql back end. A reloading vulnerability exists in the Heybbs micro-community in.php file. An attacker can use the vulnerability to reset all the data on the website and gain server privilege...

7.1 AI score
Exploits: 0

Kitploit
added 2020/04/17 1:0 p.m., 56 views

Pwndrop - Self-Deployable File Hosting Service For Red Teamers, Allowing To Easily Upload And Share Payloads Over HTTP And WebDAV

pwndrop is a self-deployable file hosting service for sending out red teaming payloads or securely sharing your private files over HTTP and WebDAV. If you've ever needed to quickly set up an nginx/apache web server to host your files and you were never happy with the limitations of python -m...

7 AI score
Exploits: 0, References: 2

RedhatCVE
added 2020/04/08 10:13 p.m., 43 views

CVE-2018-20677

A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim's Web browser within the security context of the hostin...

6.1 CVSS, 5.9 AI score, 0.04081 EPSS
Exploits: 1, References: 2

IBM Security Bulletins
added 2020/04/07 4:23 p.m., 60 views

Security Bulletin: IBM Security Information Queue uses components with known vulnerabilities (CVE-2019-8331, CVE-2019-11358)

Summary: The IBM Security Information Queue (ISIQ) web server utilizes a Node.js runtime environment. The environment includes several open source packages with known vulnerabilities. As of ISIQ v1.0.6, the open source packages have been upgraded to the recommended secure versions. Vulnerability...

6.1 CVSS, 0.6 AI score, 0.87218 EPSS
Exploits: 5, Affected Software: 1

Openbugbounty
added 2020/04/06 1:11 p.m., 13 views

onlinejobs.ph Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1134988. Security Researcher Taba (helped patch 9 vulnerabilities, received 0 Coordinated Disclosure badges, received 2 recommendations) found a security vulnerability affecting onlinejobs.ph website and its users. Following coordinated and responsible vulnerability disclosur...

0.1 AI score
Exploits: 0

RedhatCVE
added 2020/04/04 5:27 p.m., 64 views

CVE-2018-20676

A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim's Web browser within the security context of the hosting W...

6.1 CVSS, 6.1 AI score, 0.03929 EPSS
Exploits: 0, References: 2

CNVD
added 2020/03/16 12:0 a.m., 1 view

Heybbs Micro Community v1.2 suffers from SQL injection vulnerability (CNVD-2020-23505)

HEYBBS micro-community is a micro-community program developed with a bootstrap+jq+css front end and a php+mysql back end. Heybbs Micro Community v1.2 has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

7.9 AI score
Exploits: 0

CNVD
added 2020/03/01 12:0 a.m., 1 view

ArticleCMS has a file upload vulnerability

ArticleCMS is a responsive information website management system built on Bootstrap 3.2 and ThinkPHP 5.0. ArticleCMS has a file upload vulnerability that can be exploited by attackers to gain server privileges...

7.1 AI score
Exploits: 0

CNVD
added 2020/02/29 12:0 a.m., 1 view

Arbitrary File Deletion Vulnerability in SIYUCMS

SIYUCMS is a content management system based on ThinkPHP5 and Bootstrap. SIYUCMS has an arbitrary file deletion vulnerability that can be exploited by an attacker to delete arbitrary files...

7.1 AI score
Exploits: 0

CNVD
added 2020/02/21 12:0 a.m., 1 view

Heybbs no***_ta***.php file suffers from a SQL injection vulnerability

Heybbs is a micro-community program developed with a bootstrap + jq + css front end and a php + mysql back end. A SQL injection vulnerability exists in the Heybbs nota.php file. An attacker can exploit the vulnerability to obtain sensitive information from the database...

7.6 AI score
Exploits: 0

NVD
added 2020/02/10 1:15 a.m., 21 views

CVE-2017-18641

In LXC 2.0, many template scripts download code over cleartext HTTP, and omit a digital-signature check, before running it to bootstrap containers...

9.3 CVSS, 8.1 AI score, 0.01316 EPSS
Exploits: 0, References: 1

UbuntuCve
added 2020/02/10 1:15 a.m., 37 views

CVE-2017-18641

In LXC 2.0, many template scripts download code over cleartext HTTP, and omit a digital-signature check, before running it to bootstrap containers...

9.3 CVSS, 7.2 AI score, 0.01316 EPSS
Exploits: 0, References: 3