CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

EUVD•added 2026/03/16 6:32 p.m.•5 views

EUVD-2026-12458

Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a stored cross-site scripting vulnerability that allows authenticated attackers to inject arbitrary JavaScript by manipulating the Device Name field. Attackers can inject malicious scripts through the System Status interface that execut...

5.1CVSS5.8AI score0.00138EPSS

Exploits0References3

CNNVD•added 2026/03/16 12:0 a.m.•3 views

Hereta ETH-IMC408M 跨站脚本漏洞

The Hereta ETH-IMC408M is an Ethernet switch device produced by the Hereta company in the United States. Versions of Hereta ETH-IMC408M prior to 1.0.15 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper cleaning of the Device Name field, which could lead to...

5.4CVSS5.6AI score0.00138EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2020-28945

Malware in sbrugna...

6.1CVSS6.3AI score0.007EPSS

Exploits1References2

Positive Technologies•added 2024/01/17 12:0 a.m.•3 views

PT-2024-14278 · Skyworth · Skyworth Router Cm5100

Name of the Vulnerable Software and Affected Versions: Skyworth Router CM5100 version 4.1.1.24 Description: This issue exists due to insufficient validation of user-supplied input for the Device Name parameter at the web interface. A remote attacker could exploit this by supplying specially craft...

6.9CVSS5.2AI score0.00358EPSS

Exploits0References4

OSV•added 2023/08/08 11:15 a.m.•1 views

CVE-2023-4202

Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by a Stored Cross-Site Scripting vulnerability, which can be triggered by authenticated users in the device name field of the web-interface...

5.4CVSS5.8AI score

Exploits0References3