CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

874 matches found

CNVD•added 2021/12/01 12:0 a.m.•24 views

Waimai Super Cms Cross-Site Scripting Vulnerability (CNVD-2022-02739)

Waimai Super Cms is a takeaway ordering system. A cross-site scripting vulnerability exists in waimai Super Cms, which originates from the product's /admin.php?&m=Public&a=login link failing to properly process input data. An attacker could cause client-side code execution through this...

6.1CVSS2.6AI score0.00641EPSS

Exploits1References1

CNVD•added 2021/11/29 12:0 a.m.•12 views

WordPress Floating Social Media Icon plugin cross-site scripting vulnerability

WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress Floating Social Media Icon plugin has a...

4.8CVSS2AI score0.00555EPSS

Exploits0References1

CNNVD•added 2021/11/29 12:0 a.m.•2 views

WordPress 跨站脚本漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress GenerateBlocks plugin that stems from a...

5.4CVSS5.6AI score0.00604EPSS

Exploits2References2

CNVD•added 2021/11/26 12:0 a.m.•8 views

WordPress WP Sitemap Page Cross-Site Scripting Vulnerability

WordPress is a set of PHP language development blog platform. WP Sitemap Page is a WordPress plugin. A cross-site scripting vulnerability exists in WordPress WP Sitemap Page. The vulnerability stems from the lack of proper validation of client-side data in the web application. An attacker can...

6.5AI score

Exploits0References1

CNVD•added 2021/11/24 12:0 a.m.•21 views

Snipe-IT Cross-Site Scripting Vulnerability (CNVD-2022-19842)

Snipe-IT is an open source IT asset/license management system. Snipe-IT has a cross-site scripting vulnerability that stems from the product's web generation page not validating the input data, which could be exploited by an attacker to cause client-side code execution...

8CVSS2.8AI score0.00731EPSS

Exploits1References1

CNVD•added 2021/11/24 12:0 a.m.•33 views

JetBrains YouTrack Cross-Site Scripting Vulnerability

JetBrains YouTrack is a browser-based bug tracking and project management software from JetBrains Czech Republic. The software has features such as bug tracking, creating workflows and monitoring project progress. A cross-site scripting vulnerability exists in JetBrains YouTrack, which stems from...

3.5CVSS1.7AI score0.00634EPSS

Exploits0Affected Software2

CNVD•added 2021/11/22 12:0 a.m.•55 views

CKEditor cross-site scripting vulnerability (CNVD-2021-92475)

CKEditor is an open source, web-based text editor. CKEditor suffers from a cross-site scripting vulnerability, which stems from the product's failure to effectively filter special characters in input data. An attacker can execute client-side code through this vulnerability...

8.2CVSS6.2AI score0.0147EPSS

Exploits0References1

CNVD•added 2021/11/17 12:0 a.m.•18 views

Kirby Cross-Site Scripting Vulnerability (CNVD-2021-95257)

Kirby is a file-based content management system CMS. Kirby suffers from a cross-site scripting vulnerability that stems from the product's failure to validate input data, which could be exploited by attackers to execute client-side code...

7.3CVSS4.2AI score0.00781EPSS

Exploits0References1

CNVD•added 2021/11/17 12:0 a.m.•19 views

Kirby Cross-Site Scripting Vulnerability (CNVD-2021-95256)

7.3CVSS4.2AI score0.00898EPSS

Exploits0References1

CNNVD•added 2021/11/17 12:0 a.m.•2 views

CKEditor 跨站脚本漏洞

8.2CVSS7.2AI score0.0147EPSS

Exploits0References11

CNNVD•added 2021/11/16 12:0 a.m.•3 views

Kirby 跨站脚本漏洞

7.3CVSS5.3AI score0.00781EPSS

Exploits0References4

CNNVD•added 2021/11/16 12:0 a.m.•3 views

Kirby 跨站脚本漏洞

7.3CVSS5.3AI score0.00898EPSS

Exploits0References4

CNVD•added 2021/11/12 12:0 a.m.•17 views

JetBrains YouTrack Cross-Site Scripting Vulnerability (CNVD-2021-91660)

JetBrains YouTrack, a browser-based bug tracking and project management software from JetBrains Czech Republic, is vulnerable to a cross-site scripting vulnerability in versions prior to JetBrains YouTrack 2021.3.24402. The vulnerability stems from the lack of proper validation of client-side dat...

5.4CVSS2.2AI score0.00546EPSS

Exploits0References1

CNNVD•added 2021/11/05 12:0 a.m.•6 views

SEO Panel 跨站脚本漏洞

SEO Panel is an open source panel for managing SEO Search Engine Optimization on websites. A security vulnerability exists in SEO Panel that stems from multiple cross-site scripting XSS vulnerabilities in SEO Panel v4.8.0. An attacker can exploit the vulnerabilities to execute client-side code...

6.1CVSS6.1AI score0.0081EPSS

Exploits1References2

CNNVD•added 2021/11/04 12:0 a.m.•3 views

GitLab 跨站脚本漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery and other features. GitLab suffers from a cross-site scripting vulnerability that stems from the la...

7.7CVSS6.5AI score0.00912EPSS

Exploits1References4

CNVD•added 2021/11/04 12:0 a.m.•7 views

Fortinet FortiAnalyzer Cross-Site Scripting Vulnerability (CNVD-2021-84244)

Fortinet FortiAnalyzer is a set of centralized network security reporting solutions from the U.S. company Fiat Fortinet. The product is mainly used to collect network log data, and through the reporting suite of security events in the log, network traffic, Web content, etc. to analyze, report,...

5.4CVSS6.2AI score0.00451EPSS

Exploits0References1

CNNVD•added 2021/11/02 12:0 a.m.•3 views

Fortinet FortiAnalyzer 跨站脚本漏洞

5.4CVSS5.4AI score0.00451EPSS

Exploits0References4

CNNVD•added 2021/11/02 12:0 a.m.•2 views

ElkarBackup 跨站脚本漏洞

ElkarBackup is an open source backup product based on RSync/RSnapshot technology to backup data on windows/linux platforms. ElkarBackup cross-site scripting vulnerability , the vulnerability stems from the lack of WEB applications on the client data correctly validated . An attacker can exploit...

6.1CVSS6.1AI score0.01125EPSS

Exploits1References2

CNNVD•added 2021/10/26 12:0 a.m.•2 views

Tibco Software TIBCO Nimbus 跨站脚本漏洞

Tibco Software TIBCO Nimbus is a business application for process documentation from Tibco Software, USA. A cross-site scripting vulnerability exists in TIBCO Nimbus, which stems from a lack of proper validation of client-side data by the web application. An attacker can exploit this vulnerabilit...

8CVSS5.6AI score0.00576EPSS

Exploits0References4

CNNVD•added 2021/10/26 12:0 a.m.•3 views

Pi-hole 跨站脚本漏洞

Pi-hole is a web-grade ad-blocking application from Pi-hole, Inc. Pi-hole suffers from a cross-site scripting vulnerability that stems from the WEB application's lack of proper validation of client-side data. An attacker can exploit this vulnerability to execute client-side code...

7.3CVSS5.6AI score0.00871EPSS

Exploits1References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by