CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

197 matches found

OSV•added 2021/03/24 2:15 p.m.•2 views

CVE-2021-27315

Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via the comment parameter...

7.5CVSS7.2AI score0.07826EPSS

Exploits3References1

Cvelist•added 2021/03/24 1:41 p.m.•17 views

CVE-2021-27315

Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via the comment parameter...

8.1AI score0.07826EPSS

Exploits3References1

OSV•added 2021/03/01 9:15 p.m.•2 views

CVE-2021-27317

Cross Site Scripting XSS vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote attackers to inject arbitrary web script or HTML via the comment parameter...

6.1CVSS6.5AI score

Exploits0References2

NVD•added 2021/03/01 9:15 p.m.•7 views

CVE-2021-27317

Cross Site Scripting XSS vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote attackers to inject arbitrary web script or HTML via the comment parameter...

6.1CVSS0.01313EPSS

Exploits3References2

Prion•added 2021/03/01 9:15 p.m.•11 views

Cross site scripting

Cross Site Scripting XSS vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote attackers to inject arbitrary web script or HTML via the comment parameter...

4.3CVSS6AI score0.01313EPSS

Exploits3References2Affected Software1

Cvelist•added 2021/03/01 8:16 p.m.•10 views

CVE-2021-27317

Cross Site Scripting XSS vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote attackers to inject arbitrary web script or HTML via the comment parameter...

6.1AI score0.01313EPSS

Exploits3References2

Positive Technologies•added 2020/03/12 12:0 a.m.•5 views

PT-2020-12131 · Chadha · Chadha Phpkb Standard Multi-Language

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue concerns how comments are handled in article.php, specifically through a vulnerable function in include/functions-article.php. This allows attackers to execute Stored Blind...

6.1CVSS6AI score0.00742EPSS

Exploits1References3

OSV•added 2018/08/07 7:29 a.m.•3 views

CVE-2018-15129

ThinkSAAS through 2018-07-25 has XSS via the index.php?app=article&ac=comment&ts=do content parameter...

5.4CVSS5.8AI score0.00667EPSS

Exploits1References1

OSV•added 2018/01/16 7:29 p.m.•3 views

CVE-2018-5370

BizLogic xnami 1.0 has XSS via the comment parameter in an addComment action to the /media/ajax URI...

6.1CVSS5.8AI score0.02227EPSS

Exploits5References2

NVD•added 2018/01/16 7:29 p.m.•20 views

CVE-2018-5370

BizLogic xnami 1.0 has XSS via the comment parameter in an addComment action to the /media/ajax URI...

6.1CVSS6AI score0.02227EPSS

Exploits5References2

Prion•added 2018/01/16 7:29 p.m.•12 views

Design/Logic Flaw

BizLogic xnami 1.0 has XSS via the comment parameter in an addComment action to the /media/ajax URI...

4.3CVSS5.9AI score0.02227EPSS

Exploits5References2Affected Software1

CVE•added 2018/01/16 7:0 p.m.•54 views

CVE-2018-5370

CVE-2018-5370 affects BizLogic xnami 1.0, a PHP-based image sharing script. The issue is a Cross-Site Scripting (XSS) vulnerability via the comment parameter in the addComment action to the /media/ajax URI. The root cause is insufficient input sanitization on the comment field, enabling injection...

6.1CVSS5.9AI score0.02227EPSS

Exploits5References2Affected Software1

Packet Storm•added 2018/01/12 12:0 a.m.•31 views

Xnami Image Sharing 1.0 Cross Site Scripting

Exploit Title: Xnami Image Sharing - Persistent XSS Vulnerability Google Dork: " Copyright 2017 xnami. " & 2018 Date: 11-01-2018 Exploit Author: Dennis Veninga Contact Author: d.veninga at networking4all.com Vendor Homepage: bizlogicdev.com Version: 1.0 CVE-ID: CVE-2018-5370 Xnami facilitates the...

6.4AI score0.02227EPSS

Exploits5

Exploit DB•added 2018/01/12 12:0 a.m.•26 views

Xnami 1.0 - Cross-Site Scripting

6.1CVSS6.3AI score0.02227EPSS

Exploits5

OSV•added 2017/12/18 9:29 a.m.•4 views

CVE-2017-17649

Readymade Video Sharing Script 3.2 has HTML Injection via the single-video-detail.php comment parameter...

6.1CVSS5.8AI score0.02506EPSS

Exploits5References2

NVD•added 2017/12/18 9:29 a.m.•21 views

CVE-2017-17649

Readymade Video Sharing Script 3.2 has HTML Injection via the single-video-detail.php comment parameter...

6.1CVSS6.5AI score0.02506EPSS

Exploits5References2

Cvelist•added 2017/12/18 9:0 a.m.•25 views

CVE-2017-17649

Readymade Video Sharing Script 3.2 has HTML Injection via the single-video-detail.php comment parameter...

6.4AI score0.02506EPSS

Exploits5References2

CNVD•added 2015/04/14 12:0 a.m.•3 views

Kemp Virtual LoadMaster /progs/fwaccess/add/0 comment stored cross-site scripting vulnerability

Kemp Virtual LoadMaster is a virtual load balancer. Kemp Virtual LoadMaster /progs/fwaccess/add/0 handles the comment parameter cross-site scripting vulnerability, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code that can be used to gain access to...

6.4AI score

Exploits0References1

NVD•added 2014/12/16 6:59 p.m.•11 views

CVE-2014-8751

Multiple cross-site scripting XSS vulnerabilities in goYWP WebPress 13.00.06 allow remote attackers to inject arbitrary web script or HTML via the 1 searchparam parameter to search.php or 2 name, 3 address, or 4 comment parameter to forms.php...

4.3CVSS5.8AI score0.01423EPSS

Exploits1References2

Cvelist•added 2014/11/06 3:0 p.m.•24 views

CVE-2014-8658

Cross-site scripting XSS vulnerability in RefinedWiki Original Theme 3.x before 3.5.13 and 4.x before 4.0.12 for Confluence allows remote authenticated users with permissions to create or edit content to inject arbitrary web script or HTML via the versionComment parameter to pages/doeditpage.acti...

5.4AI score0.0184EPSS

Exploits1References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by