CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

Circl•added 2022/09/28 2:36 a.m.•3 views

CVE-2022-38975

creationtimestamp| type| source ---|---|--- 2022-09-28 02:36:18+00:00| seen| https://t.me/cibsecurity/50537...

5.4CVSS4.7AI score0.00538EPSS

Exploits0References1

NVD•added 2022/09/27 11:15 p.m.•14 views

CVE-2022-38975

DOM-based cross-site scripting vulnerability in EC-CUBE 4 series EC-CUBE 4.0.0 to 4.1.2 allows a remote attacker to inject an arbitrary script by having an administrative user of the product to visit a specially crafted page...

5.4CVSS0.00538EPSS

Exploits0References2

OSV•added 2022/09/27 11:15 p.m.•22 views

CVE-2022-38975

5.4CVSS6.3AI score

Exploits0References2

Vulnrichment•added 2022/09/27 1:55 a.m.•5 views

CVE-2022-38975

5.2AI score0.00538EPSS

Exploits0References2

CVE•added 2022/09/27 1:55 a.m.•54 views

CVE-2022-38975

EC-CUBE 4 series (versions 4.0.0–4.1.2) has a DOM-based cross-site scripting vulnerability (CWE-79) that can be triggered when an administrator visits a specially crafted page, allowing arbitrary script execution in the admin’s browser. The root cause is an unvalidated DOM path tied to admin-faci...

5.4CVSS5.2AI score0.00538EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by