Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

EUVD
EUVDadded 2025/10/29 9:30 a.m.2 views

EUVD-2025-36624

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TieLabs Sahifa sahifa allows DOM-Based XSS.This issue affects Sahifa: from n/a through 5.8.6...

6.5CVSS5.9AI score0.0003EPSS
Exploits0References2
Malwarebytes
Malwarebytesadded 2025/02/06 6:21 a.m.12 views

University site cloned to evade ad detection distributes fake Cisco installer

There is a constant "cat and mouse" game between defenders and attackers, the latter trying to outsmart and get a head start on the former. In the context of online advertising, this involves creating fake identities or using stolen ones to push out malicious ads. An attacker not only needs to...

7.5AI score
Exploits0
CNVD
CNVDadded 2021/08/12 12:0 a.m.41 views

ZEIT Next.js Input Validation Error Vulnerability (CNVD-2021-61800)

ZEIT Next.js is an open source web application framework from ZEIT based on Vue.js, Node.js, Webpack, and Babel.js. ZEIT Next.js is vulnerable to an input validation error in versions prior to 11.1.0, which stems from a web system or product that does not properly validate input data. An attacker...

6.9CVSS3.4AI score0.0043EPSS
Exploits0References1
seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.20 views

Invision Power Board 1.3 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/9768/info Invision Power Board is prone to multiple cross-site scripting vulnerabilities. These issues are due to insufficient sanitization of input supplied via the 'c', 'f', , 'showuser', and 'username' URI parameters...

7.1AI score
Exploits0
seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.23 views

PNG Counter 1.0 Demo.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14392/info PNG Counter is prone to a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input that will be output in dynamically generated Web page...

7.1AI score
Exploits0
RedHat Linux
RedHat Linuxadded 2013/07/03 5:4 p.m.1 views

OpenJDK: Frame injection in generated HTML (Javadoc, 8012375)

Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Javadoc. NOTE: the previous...

4.3CVSS6.8AI score0.26602EPSS
Exploits1References6
ATTACKERKB
ATTACKERKBadded 2008/10/17 9:29 p.m.2 views

CVE-2008-4596

Cross-site scripting XSS vulnerability in Shindig-Integrator 5.x, a module for Drupal, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors in generated pages...

4.3CVSS5.7AI score0.00322EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2005/09/21 12:0 a.m.37 views

PHP Advanced Transfer Manager <= 1.30 Multiple Vulnerabilities

The version of PHP Advanced Transfer Manager on the remote host suffers from multiple information disclosure and cross-site scripting flaws. For example, by calling a text or HTML viewer directly, an unauthenticated attacker can view arbitrary files, provided PHP's 'registerglobals' setting is...

5.7AI score
Exploits0References1
Rows per page
Query Builder