CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNVD•added 2020/01/23 12:0 a.m.•2 views

Cisco Email Security Appliance Cross-Site Scripting Vulnerability

Cisco Email Security Appliance ESA is an email security appliance from Cisco in the U.S. AsyncOS Software is the operating system that runs on it. A cross-site scripting vulnerability exists in the Cisco Email Security Appliance 13.0 and prior versions. The vulnerability stems from a lack of prop...

6.1CVSS6.3AI score0.0084EPSS

CNVD•added 2020/01/20 12:0 a.m.•3 views

SAP Disclosure Management Cross-Site Scripting Vulnerability (CNVD-2020-03253)

SAP Disclosure Management is an automated financial disclosure management system from SAP. The system provides a collaborative financial disclosure process across teams, geographies, systems and data sources. A cross-site scripting vulnerability exists in SAP Disclosure Management versions prior ...

5.4CVSS6.1AI score0.00536EPSS

CNVD•added 2020/01/20 12:0 a.m.•1 views

UHP UHP-100 cross-site scripting vulnerability (CNVD-2020-07243)

The UHP-100 is a high-performance router designed for large-scale deployment in broadband VSAT networks. A cross-site scripting vulnerability exists in UHP-100 3.4.1.15, 3.4.2.4, and 3.4.3. The vulnerability stems from a lack of proper validation of client data by the WEB application. An attacker...

6.1CVSS6.4AI score0.00668EPSS

CNVD•added 2020/01/19 12:0 a.m.•4 views

WordPress chained-quiz cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. chained-quiz is a chained quiz creation plugin used in it. A cross-site scripting vulnerability exists in WordPress chained-quiz versi...

6.1CVSS6.3AI score0.01607EPSS

CNVD•added 2020/01/19 12:0 a.m.•3 views

Cacti Cross-Site Scripting Vulnerability (CNVD-2020-04005)

Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool through snmpget to get the data , using RRDtool drawing graphs to analyze , and provide data and user management features . A cross-site scripting vulnerability exists in several files in Cac...

6.1CVSS7.1AI score0.02139EPSS

CNVD•added 2020/01/15 12:0 a.m.•1 views

WordPress flog cross-site scripting vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress flog version 0.1. The vulnerability stems from a lack...

6.1CVSS6.3AI score0.00939EPSS

CNVD•added 2020/01/13 12:0 a.m.•2 views

OpenTrade Cross-Site Scripting Vulnerability

OpenTrade is an open source cryptocurrency trading platform. A cross-site scripting vulnerability exists in OpenTrade 0.2.0 and prior versions. The vulnerability stems from a lack of proper validation of client-side data in the WEB application. An attacker can exploit the vulnerability to execute...

7.6CVSS6.4AI score0.00927EPSS

CNVD•added 2020/01/10 12:0 a.m.•3 views

Ignite Realtime Openfire Cross-Site Scripting Vulnerability (CNVD-2020-01242)

Ignite Realtime Openfire is the Ignite Realtime community of a Java development and based on XMPP formerly known as Jabber, Instant Messaging Protocol cross-platform open source real-time collaboration RTC server , it can build a highly efficient instant messaging server , and supports tens of...

6.1CVSS6.4AI score0.01172EPSS

CNVD•added 2020/01/10 12:0 a.m.•2 views

Ignite Realtime Openfire Cross-Site Scripting Vulnerability (CNVD-2020-01243)

6.1CVSS6.4AI score0.01411EPSS

CNVD•added 2020/01/10 12:0 a.m.•2 views

Ignite Realtime Openfire Cross-Site Scripting Vulnerability (CNVD-2020-01244)

6.1CVSS6.4AI score0.01172EPSS

CNVD•added 2020/01/10 12:0 a.m.•3 views

Electronic Logbook (ELOG) Cross-Site Scripting Vulnerability

ELOG is a web application written in C for creating personal and general logs. A cross-site scripting vulnerability exists in ELOG version 3.1.4. The vulnerability stems from the WEB application's lack of proper validation of client-side data. An attacker can exploit the vulnerability to execute...

6.1CVSS6.4AI score0.00785EPSS

CNVD•added 2020/01/10 12:0 a.m.•3 views

Juniper Networks Junos OS Cross-Site Scripting Vulnerability (CNVD-2020-03713)

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. A cross-site scripting vulnerability exists in J-Web in Juniper Networks Junos OS, which arises from a lack of proper...

7.5CVSS6.5AI score0.00881EPSS

CNVD•added 2020/01/08 12:0 a.m.•1 views

Mozilla Firefox and Mozilla Firefox ESR Cross-Site Scripting Vulnerability (CNVD-2020-01175)

Mozilla Firefox and Mozilla Firefox ESR are both products of the Mozilla Foundation in the U.S. Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser. A cross-site scripting vulnerability exists in Mozilla Firefox ESR versions prio...

6.1CVSS8.4AI score0.01988EPSS

CNVD•added 2020/01/08 12:0 a.m.•3 views

seeftl cross-site scripting vulnerability

seeftl is a static server for previewing ftl files. A cross-site scripting vulnerability exists in seefl version 0.1.1. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side code...

6.1CVSS6.4AI score0.00752EPSS

CNVD•added 2020/01/07 12:0 a.m.•2 views

GitLab Cross-Site Scripting Vulnerability (CNVD-2020-01236)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A cross-site scripting vulnerability exists in GitLab. Th...

5.4CVSS6.3AI score0.00727EPSS

CNVD•added 2020/01/07 12:0 a.m.•4 views

IceWarp WebMail Server Cross-Site Scripting Vulnerability

IceWarp WebMail Server is a Web-based mail server product from the U.S. company IceWarp. The product supports email archiving, SmartAttach attachments, automatic migration and more. A cross-site scripting vulnerability exists in IceWarp WebMail Server version 12.2.0 and version 12.1.x prior to...

6.1CVSS6.3AI score0.00866EPSS

CNVD•added 2020/01/06 12:0 a.m.•3 views

OX App Suite Cross-Site Scripting Vulnerability (CNVD-2020-03028)

Open-Xchange OX App Suite is a set of Web-based cloud desktop environments from Open-Xchange USA. The environment allows users to manage email, tasks, files, etc. more intuitively. A cross-site scripting vulnerability exists in Open-Xchange App Suite 7.10.2 and prior versions. The vulnerability...

6.1CVSS6.4AI score0.01537EPSS

CNVD•added 2020/01/02 12:0 a.m.•2 views

WordPress Easy Career Openings Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Easy Career Openings is a plugin for job search and recruitment sites. A cross-site scripting vulnerability exists in WordPress Easy...

6.1CVSS6.3AI score0.01163EPSS

CNVD•added 2020/01/02 12:0 a.m.•2 views

Support Incident Tracker Cross-Site Scripting Vulnerability (CNVD-2020-04725)

Support Incident Tracker SiT! is a PHP and MySQL based technical support phone/email tracking system. A cross-site scripting vulnerability exists in the Load Plugins field of the config.php page in version 3.67 of SiT! The vulnerability stems from a lack of proper validation of client-side data i...

6.1CVSS6.4AI score0.00668EPSS