Lucene search

19 matches found

RedhatCVE
added 2025/05/23 9:16 a.m. · 3 views

CVE-2024-37629

SummerNote v0.9.1 is vulnerable to Cross Site Scripting XSS via the Code View Function...

CVSS 6.1 · AI score 6.4 · EPSS 0.00264
Exploits: 1 · References: 1

Github Security Blog
added 2024/06/12 6:30 p.m. · 28 views

SummerNote Cross Site Scripting Vulnerability

SummerNote 0.8.18 is vulnerable to Cross Site Scripting XSS via the Code View Function...

CVSS 6.1 · AI score 6.1 · EPSS 0.00264
Exploits: 1 · References: 4 · Affected Software: 1

OSV
added 2024/06/12 6:30 p.m. · 1 views

GHSA-CC55-MVQC-G9MG SummerNote Cross Site Scripting Vulnerability

SummerNote 0.8.18 is vulnerable to Cross Site Scripting XSS via the Code View Function...

CVSS 6.1 · AI score 6.4 · EPSS 0.00264
Exploits: 1 · References: 4

NVD
added 2024/06/12 6:15 p.m. · 19 views

CVE-2024-37629

SummerNote v0.9.1 is vulnerable to Cross Site Scripting XSS via the Code View Function...

CVSS 6.1 · EPSS 0.00264
Exploits: 1 · References: 3

OSV
added 2024/06/12 6:15 p.m. · 3 views

CVE-2024-37629

SummerNote v0.9.1 is vulnerable to Cross Site Scripting XSS via the Code View Function...

CVSS 6.1 · AI score 5.8 · EPSS 0.00264
Exploits: 1 · References: 3

Vulnrichment
added 2024/06/12 12:0 a.m. · 22 views

CVE-2024-37629

SummerNote v0.9.1 is vulnerable to Cross Site Scripting XSS via the Code View Function...

AI score 5.8 · EPSS 0.00264
Exploits: 1 · References: 3

CNNVD
added 2024/06/12 12:0 a.m. · 1 views

SummerNote Cross-Site Scripting Vulnerability

Summernote is a super simple WYSIWYG editor from Summernote open source. A cross-site scripting vulnerability exists in SummerNote version 0.8.18, which stems from vulnerability to cross-site scripting attacks via the code view feature...

CVSS 6.1 · AI score 6.3 · EPSS 0.00264
Exploits: 1 · References: 4

Positive Technologies
added 2024/06/12 12:0 a.m. · 2 views

PT-2024-27684 · Unknown · Summernote

Name of the Vulnerable Software and Affected Versions: SummerNote version 0.8.18 Description: The issue is related to Cross Site Scripting XSS via the Code View Function. This means an attacker could potentially inject malicious scripts into the code view of SummerNote, affecting users who intera...

CVSS 6.1 · AI score 6.3 · EPSS 0.00264
Exploits: 1 · References: 7

CVE
added 2024/06/12 12:0 a.m. · 62 views

CVE-2024-37629

SummerNote vulnerability CVE-2024-37629 impacts SummerNote in Code View mode across versions including v0.9.1 (and related advisories cite v0.8.18 in older contexts). The NVD/NVD-derived details indicate XSS due to insufficient input handling, with a CVSSv3.1 base score of 6.1 (Medium): attack ve...

CVSS 6.1 · AI score 5.8 · EPSS 0.00264
Exploits: 1 · References: 3 · Affected Software: 1

Cvelist
added 2024/06/12 12:0 a.m. · 21 views

CVE-2024-37629

SummerNote v0.9.1 is vulnerable to Cross Site Scripting XSS via the Code View Function...

EPSS 0.00264
Exploits: 1 · References: 3

0day.today
added 2021/03/09 12:0 a.m. · 95 views

Froala 3.2.6-1 Cross Site Scripting Vulnerability

Exploit Title: Stored XSS and Html Code Injection Editor Froala Version 3.2.6-1 Author: Vincent666 ibn Winnie Software Link: https://froala.com/wysiwyg-editor/ Tested on: Windows 10 Web Browser: Mozilla Firefox My Youtube Channel: https://www.youtube.com/channel/UCZOWpC2dW9sipPq5z63C2rQ PoC: In t...

AI score 7.4
Exploits: 0

OSV
added 2019/05/31 10:29 p.m. · 2 views

CVE-2019-6725

The rpWLANRedirect.asp ASP page is accessible without authentication on ZyXEL P-660HN-T1 V2 2.00AAKK.3 devices. After accessing the page, the admin user's password can be obtained by viewing the HTML source code, and the interface of the modem can be accessed as admin...

CVSS 9.8 · AI score 7.3 · EPSS 0.00436
Exploits: 2 · References: 1

NVD
added 2018/11/03 4:29 p.m. · 10 views

CVE-2018-18909

xhEditor 1.2.2 allows XSS via JavaScript code in the SRC attribute of an IFRAME element within the editor's source-code view...

CVSS 6.1 · AI score 6.1 · EPSS 0.0024
Exploits: 1 · References: 1

OSV
added 2018/11/03 4:29 p.m. · 10 views

CVE-2018-18909

xhEditor 1.2.2 allows XSS via JavaScript code in the SRC attribute of an IFRAME element within the editor's source-code view...

CVSS 6.1 · AI score 5.9
Exploits: 0 · References: 1

Prion
added 2018/11/03 4:29 p.m. · 15 views

Design/Logic Flaw

xhEditor 1.2.2 allows XSS via JavaScript code in the SRC attribute of an IFRAME element within the editor's source-code view...

CVSS 4.3 · AI score 5.9 · EPSS 0.0024
Exploits: 1 · References: 1 · Affected Software: 1

OpenVAS
added 2010/05/31 12:0 a.m. · 9 views

nginx Space String Remote Source Code Disclosure Vulnerability

nginx is prone to a remote source code-disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view the source code of files in the context of the server process, which may aid in further attacks. This issue affects nginx...

Exploits: 0 · References: 2

OpenVAS
added 2005/11/03 12:0 a.m. · 10 views

IBM-HTTP-Server View Code

IBM's HTTP Server on the AS/400 platform is vulnerable to an attack that will show the source code of the page -- such as an .html or .jsp page -- by attaching an '/' to the end of a URL. Example: http://www.example.com/getsource.jsp/ OpenVAS Vulnerability Test $Id: ibmservercode.nasl 8023...

Exploits: 0

OpenVAS
added 2005/11/03 12:0 a.m. · 14 views

IBM-HTTP-Server View Code

IBM SPDX-FileCopyrightText: 2001 Felix Huber Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.10799"; scriptversion"2026-04-28T06:28:06+0000...

AI score 5.2
Exploits: 0 · References: 1

CVE
added 2000/10/13 4:0 a.m. · 43 views

CVE-2000-0499

BEA WebLogic 3.1.8–4.5.1 is affected. The default configuration allows a remote attacker to view the source code of a JSP program by requesting a URL that exposes the JSP extension in upper case. Root cause: default config enables exposing JSP source. Impact: confidentiality of JSP source could b...

CVSS 7.5 · AI score 7.1 · EPSS 0.01411
Exploits: 1 · References: 4 · Affected Software: 1