CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

451 matches found

CNVD•added 2020/06/16 12:0 a.m.•3 views

Open-Xchange OX Guard Cross-Site Scripting Vulnerability (CNVD-2020-53118)

Open-Xchange OX Guard is an encryption software from Open-Xchange USA. The software is mainly used for encryption/decryption of emails and documents. A cross-site scripting vulnerability exists in Open-Xchange OX Guard 2.10.3 and earlier versions. The vulnerability stems from a lack of proper...

6.1CVSS6.4AI score0.0118EPSS

Exploits2References1

CNVD•added 2020/06/09 12:0 a.m.•2 views

Bolt CMS Cross-Site Scripting Vulnerability (CNVD-2020-35955)

Bolt CMS is a PHP-based open source content management system for the Bolt community. A cross-site scripting vulnerability exists in Bolt CMS versions prior to 3.7.1. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this...

7.4CVSS8.2AI score0.02026EPSS

Exploits3References1

CNVD•added 2020/06/05 12:0 a.m.•3 views

Cybele Software Thinfinity VirtualUI Cross-Site Scripting Vulnerability

Cybele Software Thinfinity VirtualUI is a solution from Cybele Software that supports embedding remote Windows applications into standard Web applications, allowing two-way interaction with Javascript programming. A cross-site scripting vulnerability exists in Cybele Software Thinfinity VirtualUI...

6.1CVSS6.4AI score0.008EPSS

Exploits1References1

CNVD•added 2020/06/04 12:0 a.m.•2 views

CloudBees Jenkins ECharts API Plugin Cross-Site Scripting Vulnerability (CNVD-2020-33741)

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing project and some timed tasks . ECharts API Plugin is used in one of the chart...

5.4CVSS6.5AI score0.00735EPSS

Exploits0References1

CNVD•added 2020/06/03 12:0 a.m.•2 views

Codeorigin Sysax Multi Server Cross-Site Scripting Vulnerability

Codeorigin Sysax Multi Server is an FTP File Transfer Protocol server and Shell server for Windows from Codeorigin USA. A cross-site scripting vulnerability exists in Codeorigin Sysax Multi Server version 6.90. The vulnerability stems from a lack of proper validation of client data by the WEB...

6.1CVSS6.4AI score0.03075EPSS

Exploits4References1

CNVD•added 2020/05/25 12:0 a.m.•3 views

Grafana piechart-panel cross-site scripting vulnerability

Grafana is a set of open source monitoring tools from Grafana Labs that provide a visual monitoring interface. The tool is mainly used to monitor and analyze Graphite, InfluxDB and Prometheus etc. piechart-panel is one of the pie chart plugin. A cross-site scripting vulnerability exists in Grafan...

5.4CVSS6.4AI score0.0068EPSS

Exploits0References1

CNVD•added 2020/05/22 12:0 a.m.•2 views

Gila CMS Cross-Site Scripting Vulnerability (CNVD-2020-34658)

Gila CMS is an open source content management system CMS based on PHP and MySQL. A cross-site scripting vulnerability exists in Gila CMS versions prior to 1.11.6. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this...

6.1CVSS6.4AI score0.01814EPSS

Exploits3References1

CNVD•added 2020/05/20 12:0 a.m.•1 views

phpIPAM cross-site scripting vulnerability (CNVD-2020-34452)

phpIPAM is a set of open source PHP and MySQL based IP address management application IPAM. A cross-site scripting vulnerability exists in phpIPAM version 1.4. The vulnerability stems from the WEB application's lack of proper validation of client-side data. An attacker can exploit the vulnerabili...

4.8CVSS6.3AI score0.00611EPSS

Exploits1References1

CNVD•added 2020/05/08 12:0 a.m.•2 views

LeptonCMS Cross-Site Scripting Vulnerability (CNVD-2020-35502)

LeptonCMS is a content management system CMS for the Lepton Project. A cross-site scripting vulnerability exists in LeptonCMS versions prior to 4.6.0. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit the vulnerability to...

6.1CVSS6.3AI score0.00641EPSS

Exploits0References1

CNVD•added 2020/05/08 12:0 a.m.•1 views

PHP-Fusion Cross-Site Scripting Vulnerability

PHP-Fusion is a Malaysian PHP-Fusion company based on MySql and PHP open source lightweight content management system . The system contains modules such as news, articles and forums. A cross-site scripting vulnerability exists in PHP-Fusion version 9.03.50. The vulnerability stems from the lack o...

6.1CVSS6.4AI score0.00924EPSS

Exploits1References1

CNVD•added 2020/05/06 12:0 a.m.•7 views

Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2021-28035)

NETGEAR R9000, R7800 and R7500 are a wireless router from NETGEAR. A cross-site scripting vulnerability exists in multiple NETGEAR products. The vulnerability stems from the lack of proper validation of client data by the WEB application. An attacker can exploit this vulnerability to execute...

6.1CVSS6.1AI score0.00647EPSS

Exploits0References1

CNVD•added 2020/05/06 12:0 a.m.•5 views

Doorkeeper Information Disclosure Vulnerability

Doorkeeper is an OAuth 2 authentication provider for Rails/Grape applications. An information disclosure vulnerability exists in Doorkeeper 5.0.0 and later versions, which can be exploited by a remote attacker with a specially crafted request to retrieve sensitive information on the client...

7.5CVSS6.6AI score0.02016EPSS

Exploits0References1

CNVD•added 2020/04/30 12:0 a.m.•1 views

SUAP Cross-Site Scripting Vulnerability

SUAP is a unified public management system of the Brazilian IT Management Board DIGTI. The system supports functions such as personnel management, property control, warehouse management, extended project management and document agreement management. A cross-site scripting vulnerability exists in...

5.4CVSS6.4AI score0.00551EPSS

Exploits0

CNVD•added 2020/04/26 12:0 a.m.•1 views

Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2020-25840)

NETGEAR EX7000 and others are a wireless network signal extender from NETGEAR. A cross-site scripting vulnerability exists in several NETGEAR products. The vulnerability stems from the lack of proper validation of client data by the WEB application, which can be exploited by an attacker to execut...

6.1CVSS6.4AI score0.00647EPSS

Exploits0References1

CNVD•added 2020/04/24 12:0 a.m.•7 views

Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2021-50919)

The NETGEAR R6400, among others, is a wireless router from NETGEAR. A cross-site scripting vulnerability exists in multiple NETGEAR products. The vulnerability stems from the lack of proper validation of client data by the WEB application. An attacker can exploit this vulnerability to execute...

6.1CVSS6.2AI score0.00647EPSS

Exploits0References1

CNVD•added 2020/04/24 12:0 a.m.•7 views

Fifthplay S.A.M.I Cross-Site Scripting Vulnerability

Fifthplay S.A.M.I is a management interface used in Fifthplay products from Fifthplay Belgium. A cross-site scripting vulnerability exists in versions prior to Fifthplay S.A.M.I 2019.3HP2. The vulnerability stems from the WEB application lacking proper validation of client data. An attacker can...

6.1CVSS6.1AI score0.00672EPSS

Exploits1References1

CNVD•added 2020/04/24 12:0 a.m.•1 views

AirDisk Pro app cross-site scripting vulnerability (CNVD-2020-25589)

AirDisk Pro app is a mobile application for managing AirDisk Pro wireless storage devices. The program supports document viewing, PDF reading, music playback, image viewing, text editing and file management. A cross-site scripting vulnerability exists in version 5.5.3 of the AirDisk Pro app for...

6.1CVSS6.3AI score0.00686EPSS

Exploits2References1

CNVD•added 2020/04/21 12:0 a.m.•3 views

Zulip server cross-site scripting vulnerability (CNVD-2020-33258)

Zulip server is an open source team chat application from the American company Zulip. A cross-site scripting vulnerability exists in Zulip Server versions prior to 2.1.3. The vulnerability stems from the WEB application's lack of proper validation of client-side data. An attacker can exploit this...

5.4CVSS6.3AI score0.00723EPSS

Exploits1References1

CNVD•added 2020/04/17 12:0 a.m.•7 views

Dolibarr ERP/CRM Admin Tools Cross-Site Scripting Vulnerability

Dolibarr ERP/CRM is a Web-based enterprise resource planning ERP and customer relationship management CRM system from the Dolibarr Foundation in France. The system can be used to manage products, inventory, invoices, orders, etc. Admin Tools is one of the management tools. A cross-site scripting...

5.4CVSS5.2AI score0.00698EPSS

Exploits1References1

CNVD•added 2020/04/17 12:0 a.m.•0 views

Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2020-27301)

The NETGEAR R8900, among others, is a wireless router from NETGEAR. A cross-site scripting vulnerability exists in several NETGEAR products, which stems from the lack of proper validation of client data by a WEB application and can be exploited by an attacker to execute client code...

4.8CVSS6.4AI score0.00522EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by