Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

590 matches found

RedhatCVE
RedhatCVEadded 2026/05/11 8:26 p.m.4 views

CVE-2021-47931

Exponent CMS 2.6 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the Title and Text Block parameters in the text editing endpoint. Attackers can inject iframe payloads with embedded SVG onload events to execute arbitrary...

6.4CVSS5.9AI score0.00054EPSS
Exploits0References1
NVD
NVDadded 2026/05/10 1:16 p.m.7 views

CVE-2021-47931

Exponent CMS 2.6 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the Title and Text Block parameters in the text editing endpoint. Attackers can inject iframe payloads with embedded SVG onload events to execute arbitrary...

6.4CVSS0.00054EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2026/05/10 12:43 p.m.6 views

CVE-2021-47931 Exponent CMS 2.6 Multiple Vulnerabilities Stored XSS Authentication

Exponent CMS 2.6 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the Title and Text Block parameters in the text editing endpoint. Attackers can inject iframe payloads with embedded SVG onload events to execute arbitrary...

6.4CVSS5.9AI score0.00054EPSS
Exploits0References3
CVE
CVEadded 2026/05/10 12:43 p.m.5 views

CVE-2021-47931

Exponent CMS 2.6 is affected by a stored cross-site scripting (XSS) vulnerability in the text editing endpoint, exploitable via Title and Text Block parameters. Attackers with authentication can inject scripts (e.g., iframe payloads with embedded SVG onload events) to run arbitrary JavaScript. Th...

6.4CVSS5.9AI score0.00054EPSS
Exploits0References3
Cvelist
Cvelistadded 2026/05/10 12:43 p.m.26 views

CVE-2021-47931 Exponent CMS 2.6 Multiple Vulnerabilities Stored XSS Authentication

Exponent CMS 2.6 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the Title and Text Block parameters in the text editing endpoint. Attackers can inject iframe payloads with embedded SVG onload events to execute arbitrary...

6.4CVSS0.00054EPSS
Exploits0References3
CNNVD
CNNVDadded 2026/05/10 12:0 a.m.4 views

Exponent CMS 跨站脚本漏洞

Exponent CMS is a website content management system provided by the Exponent company, offering capabilities for page management and modular content editing. Version 2.6 of Exponent CMS contains a cross-site scripting vulnerability. This vulnerability stems from storage-based cross-site scripting...

6.4CVSS5.8AI score0.00054EPSS
Exploits0References4
GithubExploit
GithubExploitadded 2026/01/21 10:17 p.m.123 views

Exploit for Cross-site Scripting in Exponentcms Exponent_Cms

Synthetic Test Case: CVE-2017-8085 CWE: CWE-79 Origin...

6.1CVSS5.6AI score0.00368EPSS
Exploits1
RedhatCVE
RedhatCVEadded 2026/01/09 11:9 a.m.10 views

CVE-2016-9021

Exponent CMS before 2.6.0 has improper input validation in storeController.php...

9.8CVSS6.9AI score0.00518EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/09 11:9 a.m.4 views

CVE-2016-9025

Exponent CMS before 2.6.0 has improper input validation in purchaseOrderController.php...

9.8CVSS6.9AI score0.00607EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/09 11:8 a.m.5 views

CVE-2016-9022

Exponent CMS before 2.6.0 has improper input validation in usersController.php...

9.8CVSS6.9AI score0.00518EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/09 11:8 a.m.3 views

CVE-2016-9026

Exponent CMS before 2.6.0 has improper input validation in fileController.php...

9.8CVSS6.9AI score0.00518EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/09 10:54 a.m.5 views

CVE-2022-23047

Exponent CMS 2.6.0patch2 allows an authenticated admin user to inject persistent JavaScript code inside the "Site/Organization Name","Site Title" and "Site Header" parameters while updating the site settings on "/exponentcms/administration/configuresite"...

4.8CVSS6.7AI score0.00515EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/09 10:34 a.m.2 views

CVE-2017-18213

In Exponent CMS before 2.4.1 Patch 6, certain admin users can elevate their privileges...

7.2CVSS6.9AI score0.00568EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2005-3759

Malware in sbrugna...

10CVSS6.4AI score0.00402EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2016-8305

Malware in sbrugna...

7.5CVSS7.8AI score0.01057EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2016-10054

Malware in sbrugna...

8.8CVSS8.8AI score0.00433EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2016-9951

Malware in sbrugna...

7.5CVSS7.6AI score0.00954EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2016-9722

Malware in sbrugna...

9.8CVSS9.5AI score0.00307EPSS
Exploits1References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2017-9346

Malware in sbrugna...

7.2CVSS7AI score0.00568EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2016-10000

Malware in sbrugna...

7.5CVSS7.8AI score0.00533EPSS
Exploits0References3
Rows per page
Query Builder