CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNVD•added 2020/02/21 12:0 a.m.•2 views

Synacor Zimbra Collaboration Cross-Site Scripting Vulnerability (CNVD-2020-13200)

Synacor Zimbra Collaboration Suite ZCS is an open source collaboration suite from Synacor, USA. The product includes WebMail, Calendar, Address Book and more. A cross-site scripting vulnerability exists in Synacor Zimbra Collaboration versions prior to 8.0.8. The vulnerability stems from the WEB...

6.1CVSS6.4AI score0.00827EPSS

CNVD•added 2020/02/21 12:0 a.m.•3 views

NEC Aterm WG2600HS Cross-Site Scripting Vulnerability

The NEC Aterm WG2600HS is a wireless router from Nippon Electric NEC. A cross-site scripting vulnerability exists in the NEC Aterm WG2600HS version 1.3.2, which originates from a WEB application that lacks proper validation of client data. An attacker can exploit the vulnerability to execute...

6.1CVSS6.4AI score0.00801EPSS

CNVD•added 2020/02/21 12:0 a.m.•3 views

Synacor Zimbra Collaboration Cross-Site Scripting Vulnerability (CNVD-2020-13201)

5.4CVSS6.4AI score0.00688EPSS

CNVD•added 2020/02/20 12:0 a.m.•4 views

Netsweeper Cross-Site Scripting Vulnerability (CNVD-2020-10711)

Netsweeper is a Web content filtering solution from Netsweeper Canada. A cross-site scripting vulnerability exists in the webadmin / policy / grouptableajax.php file in versions of Netsweeper prior to 3.1.10, which stems from a lack of proper validation of client-side data by the WEB application...

6.1CVSS6.3AI score0.03939EPSS

CNVD•added 2020/02/19 12:0 a.m.•21 views

WordPress Cross-Site Scripting Vulnerability (CNVD-2020-10610)

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress suffers from a cross-site scripting vulnerability. The vulnerability stems from the WEB application'...

6.1CVSS6.3AI score0.01058EPSS

CNVD•added 2020/02/17 12:0 a.m.•5 views

Maxum Rumpus Cross-Site Scripting Vulnerability

Maxum Rumpus is an FTP and Web file transfer server. A cross-site scripting vulnerability exists in Maxum Rumpus that can be exploited by an attacker to execute client-side code...

6.1CVSS6.3AI score0.00812EPSS

CNVD•added 2020/02/17 12:0 a.m.•3 views

CloudBees Jenkins Brakeman plugin cross-site scripting vulnerability

CloudBees Jenkins is a web application that can use a large number of servers as build slaves to handle larger build/test loads. A cross-site scripting vulnerability exists in the Brakeman plugin in CloudBees Jenkins, version 0.12 and earlier. The vulnerability stems from a lack of proper...

5.4CVSS6.4AI score0.00822EPSS

CNVD•added 2020/02/17 12:0 a.m.•3 views

Codoforum cross-site scripting vulnerability (CNVD-2020-14697)

Codoforum is a set of PHP and MySQL based forum software. A cross-site scripting vulnerability exists in Codoforum version 4.8.8. The vulnerability stems from a lack of proper validation of client-side data by the web application. An attacker can exploit this vulnerability to execute client-side...

5.4CVSS6.4AI score0.00531EPSS

CNVD•added 2020/02/17 12:0 a.m.•2 views

iTop Cross-Site Scripting Vulnerability (CNVD-2020-10004)

iTop is open source ITIL ITSM software. A cross-site scripting vulnerability exists in iTop 2.6.0 and earlier versions. The vulnerability stems from the lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side code...

6.1CVSS6.4AI score0.00774EPSS

CNVD•added 2020/02/14 12:0 a.m.•1 views

Wowza Streaming Engine Code Execution Vulnerability

Wowza Streaming Engine is a streaming media server software from Wowza Media Systems. The program supports live streaming, VOD, online video chat, and remote recording. A security vulnerability exists in Wowza Streaming Engine. The vulnerability stems from the lack of proper validation of client...

7.8CVSS7.2AI score0.00451EPSS

CNVD•added 2020/02/12 12:0 a.m.•2 views

IBM Security Secret Cross-Site Scripting Vulnerability

IBM Security Secret Server is a set of privileged access management solutions from IBM USA. The product supports password management, privileged account identification and privileged session access monitoring and logging. A cross-site scripting vulnerability exists in IBM Security Secret. The...

6.1CVSS8.8AI score0.0073EPSS

CNVD•added 2020/02/11 12:0 a.m.•5 views

WSO2 API Manager Cross-Site Scripting Vulnerability (CNVD-2020-05094)

WSO2 API Manager is an open source api management platform , provides a series of api creation , release , lifecycle management , version control , monetization, governance and security features , used to support organizations to achieve soa. A cross-site scripting vulnerability exists in WSO2 AP...

4.8CVSS6.4AI score0.008EPSS

6.1CVSS6.5AI score0.02462EPSS

WordPress Auth0 wp-auth0 Cross-Site Scripting Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress Auth0 wp-auth0. The vulnerability stems from the WEB application...

CNVD•added 2020/02/11 12:0 a.m.•1 views

Dell EMC ECS Cross-Site Scripting Vulnerability

DELL EMC ELASTIC CLOUD STORAGE ECS software-defined object storage, designed for legacy and next-generation workloads, offers excellent scalability, flexibility and resiliency. Dell EMC ECS cross-site scripting vulnerability. The vulnerability stems from a lack of proper validation of client data...

6.2CVSS6.4AI score0.00622EPSS

6.1CVSS6.4AI score0.01401EPSS

Zimbra Collaboration Cross-Site Scripting Vulnerability (CNVD-2020-05089)

Zimbra Collaboration is a suite of email and collaboration solutions from Zimbra USA. The solution offers email, contacts, calendaring, file sharing, social networking, and more. A cross-site scripting vulnerability exists in Zimbra Collaboration. The vulnerability stems from the WEB application...

5.4CVSS6.4AI score0.01106EPSS

Zimbra Collaboration Cross-Site Scripting Vulnerability (CNVD-2020-05085)

CNVD•added 2020/02/11 12:0 a.m.•3 views

Red Hat Keycloak Cross-Site Scripting Vulnerability

Red Hat Keycloak is a suite of software from Red Hat, Inc. that provides authentication and management capabilities for modern applications and services. A cross-site scripting vulnerability exists in Red Hat keycloak versions prior to 9.0.0. The vulnerability stems from a lack of proper...

6.1CVSS6.5AI score0.00758EPSS

6.1CVSS6.4AI score0.00965EPSS

Zimbra Collaboration Cross-Site Scripting Vulnerability (CNVD-2020-05087)

CNVD•added 2020/02/03 12:0 a.m.•3 views

F5 BIG-IP APM cross-site scripting vulnerability (CNVD-2020-50291)

F5 BIG-IP APM is a suite of access and security solutions from F5 USA. The product provides unified access to business-critical applications and networks. A cross-site scripting vulnerability exists in F5 BIG-IP APM. The vulnerability stems from a lack of proper validation of client data by the W...

5.4CVSS6.3AI score0.00521EPSS