CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6574 matches found

Cvelist•added 2023/05/30 12:0 a.m.•37 views

CVE-2023-2983 Privilege Defined With Unsafe Actions in pimcore/pimcore

Privilege Defined With Unsafe Actions in GitHub repository pimcore/pimcore prior to 10.5.23...

6.5CVSS9AI score0.00919EPSS

Exploits1References2

OSV•added 2023/05/30 12:0 a.m.•9 views

CVE-2023-2972 Prototype Pollution in antfu/utils

Prototype Pollution in GitHub repository antfu/utils prior to 0.7.3...

5.4CVSS5.8AI score0.00991EPSS

Exploits1References4

ATTACKERKB•added 2023/05/29 7:15 a.m.•2 views

CVE-2023-2954

Cross-site Scripting XSS - Stored in GitHub repository liangliangyy/djangoblog prior to master...

5.4CVSS5.9AI score0.00409EPSS

Exploits1References3

CVE•added 2023/05/29 12:0 a.m.•50 views

CVE-2023-2954

CVE-2023-2954 is a stored XSS in the DjangoBlog project liangliangyy/djangoblog prior to master. Connected sources confirm the vulnerability arises from handling Markdown comments, enabling script execution when users view or interact with comments. PoCs and documented payloads exist (Huntr, etc....

5.4CVSS5.1AI score0.00409EPSS

Exploits1References2Affected Software1

NVD•added 2023/05/28 4:15 a.m.•22 views

CVE-2023-2948

Cross-site Scripting XSS - Generic in GitHub repository openemr/openemr prior to 7.0.1...

8.3CVSS6.3AI score0.96731EPSS

Exploits1References2

Prion•added 2023/05/28 4:15 a.m.•12 views

Cross site scripting

Cross-site Scripting XSS - Reflected in GitHub repository openemr/openemr prior to 7.0.1...

6.8CVSS6AI score0.01472EPSS

Exploits1References2Affected Software1

Prion•added 2023/05/28 4:15 a.m.•8 views

Cross site scripting

Cross-site Scripting XSS - Generic in GitHub repository openemr/openemr prior to 7.0.1...

6.8CVSS6AI score0.96731EPSS

Exploits1References2Affected Software1

Prion•added 2023/05/28 4:15 a.m.•14 views

Authorization

Improper Authorization in GitHub repository openemr/openemr prior to 7.0.1...

4.9CVSS8.1AI score0.00559EPSS

Exploits1References2Affected Software1

Cvelist•added 2023/05/28 12:0 a.m.•20 views

CVE-2023-2948 Cross-site Scripting (XSS) - Generic in openemr/openemr

Cross-site Scripting XSS - Generic in GitHub repository openemr/openemr prior to 7.0.1...

8.3CVSS6.5AI score0.96731EPSS

Exploits1References2

CVE•added 2023/05/28 12:0 a.m.•107 views

CVE-2023-2950

CVE-2023-2950 affects OpenEMR prior to 7.0.1 and is tied to improper authorization that enables an HTML-injection vulnerability through the patient portal API. Specifically, the PUT endpoint /openemr/portal/patient/api/onsitedocument/{id} accepts a fullDocument payload; a malicious user can modif...

8.1CVSS7.1AI score0.00559EPSS

Exploits1References2Affected Software1