CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6574 matches found

Prion•added 2023/04/05 4:15 p.m.•48 views

Cross site scripting

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

4.3CVSS5.3AI score0.00532EPSS

Exploits1References2Affected Software1

Prion•added 2023/04/05 4:15 p.m.•18 views

Cross site scripting

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

4.9CVSS5.3AI score0.00472EPSS

Exploits1References2Affected Software1

Prion•added 2023/04/05 4:15 p.m.•13 views

Session fixation

Insufficient Session Expiration in GitHub repository firefly-iii/firefly-iii prior to 6...

5.5CVSS9.5AI score0.00438EPSS

Exploits0References2Affected Software1

Cvelist•added 2023/04/05 12:0 a.m.•15 views

CVE-2023-1758 Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in thorsten/phpmyfaq

Failure to Sanitize Special Elements into a Different Plane Special Element Injection in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

8.9CVSS6.1AI score0.00536EPSS

Exploits1References2

Vulnrichment•added 2023/04/05 12:0 a.m.•10 views

CVE-2023-1757 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

8.1CVSS5.9AI score0.00532EPSS

Exploits1References2

Cvelist•added 2023/04/05 12:0 a.m.•42 views

CVE-2023-1879 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

4.7CVSS5.8AI score0.00475EPSS

Exploits1References2

Cvelist•added 2023/04/05 12:0 a.m.•36 views

CVE-2023-1886 Authentication Bypass by Capture-replay in thorsten/phpmyfaq

Authentication Bypass by Capture-replay in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

7.3CVSS9.8AI score0.00875EPSS

Exploits1References2

Vulnrichment•added 2023/04/05 12:0 a.m.•9 views

CVE-2023-1880 Cross-site Scripting (XSS) - Reflected in thorsten/phpmyfaq

Cross-site Scripting XSS - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

8.3CVSS6.4AI score0.01644EPSS

Exploits1References2

Cvelist•added 2023/04/05 12:0 a.m.•28 views

CVE-2023-1757 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

8.1CVSS5.8AI score0.00532EPSS

Exploits1References2

CVE•added 2023/04/05 12:0 a.m.•49 views

CVE-2023-1881

CVE-2023-1881 affects microweber/microweber before version 1.3.3. The vulnerability is a stored Cross-site Scripting (XSS) due to insufficient input sanitization, with exploitable impact via the X-Forwarded-For header in some reports. Public documents identify an in-the-wild or reported risk and ...

7.4CVSS5.5AI score0.00493EPSS

Exploits1References2Affected Software1

CVE•added 2023/04/05 12:0 a.m.•42 views

CVE-2023-1885

CVE-2023-1885 affects thorsten/phpmyfaq prior to 3.1.12. The vulnerability is a stored XSS caused by failure to sanitize user input in the category field name parameter, enabling script execution when affected data is viewed. Remediation: upgrade to version 3.1.12 (fixed). Multiple sources in the...

6.3CVSS5.4AI score0.00476EPSS

Exploits1References2Affected Software1

CVE•added 2023/04/05 12:0 a.m.•65 views

CVE-2023-1788

CVE-2023-1788 affects Firefly III (firefly-iii/firefly-iii) prior to version 6.0.0, where sessions do not expire promptly after inactivity or on close. The issue is described as insufficient session expiration and is reflected in multiple sources (Red Hat advisory, GitHub advisory, GHSA, OSV, NVD...

9.8CVSS7.3AI score0.00438EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2023/04/05 12:0 a.m.•7 views

CVE-2023-1878 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

8.3CVSS5.9AI score0.00537EPSS

Exploits1References2

Vulnrichment•added 2023/04/05 12:0 a.m.•8 views

CVE-2023-1884 Cross-site Scripting (XSS) - Generic in thorsten/phpmyfaq

Cross-site Scripting XSS - Generic in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

4.7CVSS5.4AI score0.00447EPSS

Exploits0References2

Positive Technologies•added 2023/04/05 12:0 a.m.•1 views

PT-2023-17305 · Unknown · Microweber

Name of the Vulnerable Software and Affected Versions: microweber/microweber versions prior to 1.3.3 Description: The issue is related to command injection in the GitHub repository microweber/microweber. Specifically, the "first name" field is vulnerable, allowing for server-side template...

9.8CVSS7AI score0.01799EPSS

Exploits1References9

Cvelist•added 2023/04/05 12:0 a.m.•32 views

CVE-2023-1887 Business Logic Errors in thorsten/phpmyfaq

Business Logic Errors in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

8.3CVSS5.3AI score0.00699EPSS

Exploits1References2

Cvelist•added 2023/04/05 12:0 a.m.•49 views

CVE-2023-1756 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

4.7CVSS5.8AI score0.00472EPSS

Exploits1References2