Lucene search
K

8 matches found

CVE
CVE
added 2 days ago11 views

CVE-2026-6820

CVE-2026-6820: The VikBooking Hotel Booking Engine & PMS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the email parameter in all versions up to 1.8.8 due to insufficient input sanitization and output escaping. Unauthenticated attackers can inject arbitrary web scripts in ...

7.2CVSS6.1AI score0.00229EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-8945

Malware in sbrugna...

9.8CVSS9.5AI score0.01544EPSS
Exploits0References3
OSV
OSV
added 2025/04/15 10:15 p.m.5 views

CVE-2025-29471

Cross Site Scripting vulnerability in Nagios Log Server v.2024R1.3.1 allows a remote attacker to execute arbitrary code via a payload into the Email field...

8.3CVSS6.2AI score0.06386EPSS
Exploits2References3
CNNVD
CNNVD
added 2023/03/10 12:0 a.m.5 views

Enhancesoft osTicket 跨站脚本漏洞

Enhancesoft osTicket is an open source ticketing system from Enhancesoft, Inc. in the United States. A cross-site scripting vulnerability exists in Enhancesoft osTicket versions prior to 1.16.6, which stems from the presence of a stored cross-site scripting XSS vulnerability. The vulnerability ca...

5.4CVSS4.8AI score0.00514EPSS
Exploits1References3
exploitpack
exploitpack
added 2019/04/08 12:0 a.m.15 views

CentOS Web Panel 0.9.8.793 (Free) 0.9.8.753 (Pro) - Cross-Site Scripting

CentOS Web Panel 0.9.8.793 Free 0.9.8.753 Pro - Cross-Site Scripting Exploit Title: CentOS Web Panel v0.9.8.793 Free and v0.9.8.753 Pro - Email Field Stored Cross-Site Scripting Vulnerability Google Dork: N/A Date: 06 - April - 2019 Exploit Author: DKM Vendor Homepage: http://centos-webpanel.com...

3.5CVSS5AI score0.02879EPSS
Exploits5
CNVD
CNVD
added 2015/08/18 12:0 a.m.6 views

WordPress Job Manager Plugin Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.Job Manager is one of the task manager plugin. A cross-site scripting vulnerability exists in WordPress Job Manage...

4.3CVSS6AI score0.0489EPSS
Exploits6References1
OSV
OSV
added 2009/10/13 10:30 a.m.4 views

DEBIAN-CVE-2009-3695

Algorithmic complexity vulnerability in the forms library in Django 1.0 before 1.0.4 and 1.1 before 1.1.1 allows remote attackers to cause a denial of service CPU consumption via a crafted 1 EmailField email address or 2 URLField URL that triggers a large amount of backtracking in a regular...

5CVSS6.7AI score0.03686EPSS
Exploits0References1
securityvulns
securityvulns
added 2005/11/26 12:0 a.m.38 views

XSS in PBLang 4.65 Profile.php/UCP.php

Who's got the magic stick? It sure as hell ain't 50 Cent. Excuse me for posting again within minutes but I did not properly check the other forms. In UCP.php, when editing your profile, in several fields you can inject code into the page, just as in the SendPm.php. EX: Input table: "URL"...

Exploits0
Rows per page
Query Builder