CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

682 matches found

Cvelist•added 2023/09/28 12:0 a.m.•16 views

CVE-2023-41446

Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted script to the title parameter in the index.php component...

6.5AI score0.00666EPSS

Exploits1References3

CNNVD•added 2023/09/28 12:0 a.m.•2 views

DedeCMS Code Issues Vulnerabilities

Desdev DedeCMS Dream Weaving Content Management System is a PHP-based open-source content management system CMS of China Zhuozhuo network Desdev company. The system has content publishing, content management, content editing and content retrieval functions. A code issue vulnerability exists in...

8.8CVSS7.7AI score0.00156EPSS

Exploits1References2

Cvelist•added 2023/09/28 12:0 a.m.•17 views

CVE-2023-43873

A Cross Site Scripting XSS vulnerability in e017 CMS v.2.3.2 allows a local attacker to execute arbitrary code via a crafted script to the Name filed in the Manage Menu...

5.5AI score0.00225EPSS

Exploits1References1

CNNVD•added 2023/09/28 12:0 a.m.•2 views

e017 CMS Cross-Site Scripting Vulnerability

e017 CMS is a content management system by e017. A cross-site scripting vulnerability exists in e017 CMS version v.2.3.2. An attacker can exploit this vulnerability by executing arbitrary code on the name field in the Manage Menu via a specially crafted script...

5.4CVSS6.6AI score0.00225EPSS

Exploits1References2

Github Security Blog•added 2023/09/25 12:30 p.m.•105 views

Gevent allows remote attacker to escalate privileges

An issue in Gevent before version 23.9.0 allows a remote attacker to escalate privileges via a crafted script to the WSGIServer component...

9.8CVSS8.7AI score0.03974EPSS

Exploits1References7Affected Software1

OSV•added 2023/09/25 12:15 p.m.•0 views

DEBIAN-CVE-2023-41419

An issue in Gevent before version 23.9.0 allows a remote attacker to escalate privileges via a crafted script to the WSGIServer component...

9.8CVSS8.4AI score0.03974EPSS

Exploits1References1

OSV•added 2023/09/25 12:15 p.m.•1 views

UBUNTU-CVE-2023-41419

An issue in Gevent before version 23.9.0 allows a remote attacker to escalate privileges via a crafted script to the WSGIServer component...

9.8CVSS7.2AI score0.03974EPSS

Exploits1References2

Cvelist•added 2023/09/25 12:0 a.m.•21 views

CVE-2023-41419

An issue in Gevent before version 23.9.0 allows a remote attacker to escalate privileges via a crafted script to the WSGIServer component...

9.5AI score0.03974EPSS

Exploits1References2

ATTACKERKB•added 2023/09/20 1:15 a.m.•0 views

CVE-2023-38886

An issue in Dolibarr ERP CRM v.17.0.1 and before allows a remote privileged attacker to execute arbitrary code via a crafted command/script...

7.2CVSS6.2AI score0.50447EPSS

Exploits1References3

OSV•added 2023/09/18 10:15 p.m.•12 views

CVE-2023-41443

SQL injection vulnerability in Novel-Plus v.4.1.0 allows a remote attacker to execute arbitrary code via a crafted script to the sort parameter in /sys/menu/list...

7.2CVSS8.8AI score

Exploits0References1

Prion•added 2023/09/18 10:15 p.m.•12 views

Sql injection

SQL injection vulnerability in Novel-Plus v.4.1.0 allows a remote attacker to execute arbitrary code via a crafted script to the sort parameter in /sys/menu/list...

5.8CVSS7.4AI score0.00969EPSS

Exploits1References1Affected Software1

NVD•added 2023/09/18 3:15 p.m.•14 views

CVE-2023-42371

Cross Site Scripting vulnerability in Summernote Rich Text Editor v.0.8.18 and before allows a remote attacker to execute arbitrary code via a crafted script to the insert link function in the editor component...

5.4CVSS5.7AI score0.00375EPSS

Exploits1References2

Prion•added 2023/09/18 3:15 p.m.•27 views

Cross site scripting

4.9CVSS5.7AI score0.00375EPSS

Exploits1References2Affected Software1

Vulnrichment•added 2023/09/18 12:0 a.m.•11 views

CVE-2023-41443

SQL injection vulnerability in Novel-Plus v.4.1.0 allows a remote attacker to execute arbitrary code via a crafted script to the sort parameter in /sys/menu/list...

8.5AI score0.00969EPSS

Exploits1References1

Cvelist•added 2023/09/18 12:0 a.m.•12 views

CVE-2023-41443

SQL injection vulnerability in Novel-Plus v.4.1.0 allows a remote attacker to execute arbitrary code via a crafted script to the sort parameter in /sys/menu/list...

7.5AI score0.00969EPSS

Exploits1References1

CVE•added 2023/09/18 12:0 a.m.•105 views

CVE-2023-41443

CVE-2023-41443 is a SQL injection vulnerability in Novel-Plus v4.1.0. A remote attacker can craft input in the sort parameter of the /sys/menu/list API to execute arbitrary code. Root cause: unsafely handling user-supplied sort value enables injection. Impact: arbitrary code execution as describe...

7.2CVSS7.3AI score0.00969EPSS

Exploits1References1Affected Software1

NVD•added 2023/09/14 10:15 p.m.•12 views

CVE-2023-40869

Cross Site Scripting vulnerability in mooSocial mooSocial Software 3.1.6 and 3.1.7 allows a remote attacker to execute arbitrary code via a crafted script to the editmenu, copuon, and groupcategorias functions...

6.1CVSS6.4AI score0.09287EPSS

Exploits1References1

Prion•added 2023/09/14 10:15 p.m.•15 views

Cross site scripting

5.8CVSS6.3AI score0.09287EPSS

Exploits1References1Affected Software1

Cvelist•added 2023/09/14 12:0 a.m.•12 views

CVE-2023-40869

6.6AI score0.09287EPSS

Exploits1References1

Vulnrichment•added 2023/09/11 12:0 a.m.•5 views

CVE-2023-39067