123 matches found

Prion
added 2024/02/08 8:15 p.m., 11 views

Cross site scripting

A stored cross-site scripting (XSS) vulnerability in the Edit Page function of Cotonti CMS v0.9.24 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVSS 4.9, AI score 5.7, EPSS 0.00397
Exploits 1, References 1, Affected Software 1

NVD
added 2023/12/29 12:15 p.m., 9 views

CVE-2023-41814

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). Through an HTML payload (iframe tag) it is possible to carry out XSS attacks when the user receiving the messages opens their notifications. This...

CVSS 6.1, EPSS 0.0026
Exploits 0, References 1

Prion
added 2023/12/29 12:15 p.m., 18 views

Cross site scripting

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). Through an HTML payload (iframe tag) it is possible to carry out XSS attacks when the user receiving the messages opens their notifications. This...

CVSS 5.8, AI score 5.8, EPSS 0.0026
Exploits 0, References 1, Affected Software 1

Cvelist
added 2023/12/29 11:45 a.m., 18 views

CVE-2023-41814 XSS Vulnerability Messages

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). Through an HTML payload (iframe tag) it is possible to carry out XSS attacks when the user receiving the messages opens their notifications. This...

CVSS 3.7, AI score 6, EPSS 0.0026
Exploits 0, References 1

Huntr
added 2023/08/05 10:21 p.m., 11 views

HTML Injection - real Aptabase emails

Description Due to lack of validation Name field during registration, bad actor can send emails with HTML injected code to the victims. Proof of Concept Payload example: Jameees Repro steps: Go to https://eu.aptabase.com/auth/register and for field 'Name' use payload with HTML. Open email from...

AI score 7
Exploits 0, References 2

GithubExploit
added 2023/08/01 11:40 a.m., 386 views

Exploit for Cross-site Scripting in Ninjaforms Ninja_Forms

CVE-2023-37979 Exploit...

CVSS 7.1, AI score 6.4, EPSS 0.0601
Exploits 6

Prion
added 2023/07/06 3:15 p.m., 16 views

Cross site scripting

A stored cross-site scripting (XSS) vulnerability in the Management Custom label module of SEACMS v12.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVSS 4.9, AI score 5.2, EPSS 0.00332
Exploits 1, References 1, Affected Software 1

Prion
added 2023/07/06 3:15 p.m., 19 views

Cross site scripting

A stored cross-site scripting (XSS) vulnerability in the Image Upload module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVSS 4.9, AI score 5.2, EPSS 0.00297
Exploits 1, References 1, Affected Software 1

OSV
added 2023/04/10 6:30 a.m., 13 views

GHSA-4J2P-X79M-JCJ8 XXL-JOB vulnerable to Cross-site Scripting

XXL-JOB (com.xuxueli:xxl-job) versions 2.4.0 and earlier are vulnerable to cross-site scripting (XSS). An HTML uploaded payload can be executed successfully through /xxl-job-admin/user/add and /xxl-job-admin/user/update...

CVSS 6.1, AI score 5.5, EPSS 0.00463
Exploits 1, References 3

Github Security Blog
added 2023/04/10 6:30 a.m., 40 views

XXL-JOB vulnerable to Cross-site Scripting

XXL-JOB (com.xuxueli:xxl-job) versions 2.4.0 and earlier are vulnerable to cross-site scripting (XSS). An HTML uploaded payload can be executed successfully through /xxl-job-admin/user/add and /xxl-job-admin/user/update...

CVSS 6.1, AI score 5.8, EPSS 0.00463
Exploits 1, References 3, Affected Software 1

OSV
added 2023/04/10 5:15 a.m., 6 views

CVE-2023-26120

This affects all versions of the package com.xuxueli:xxl-job. HTML uploaded payload executed successfully through /xxl-job-admin/user/add and /xxl-job-admin/user/update...

CVSS 6.1, AI score 6.3, EPSS 0.00463
Exploits 1, References 1

Prion
added 2023/04/10 5:15 a.m., 16 views

Hardcoded credentials

This affects all versions of the package com.xuxueli:xxl-job. HTML uploaded payload executed successfully through /xxl-job-admin/user/add and /xxl-job-admin/user/update...

CVSS 5.8, AI score 6.2, EPSS 0.00463
Exploits 1, References 1

Vulnrichment
added 2023/04/10 5:00 a.m., 8 views

CVE-2023-26120

This affects all versions of the package com.xuxueli:xxl-job. HTML uploaded payload executed successfully through /xxl-job-admin/user/add and /xxl-job-admin/user/update...

CVSS 5.4, AI score 6.7, EPSS 0.00463
Exploits 1, References 1

Cvelist
added 2023/04/10 5:00 a.m., 19 views

CVE-2023-26120

This affects all versions of the package com.xuxueli:xxl-job. HTML uploaded payload executed successfully through /xxl-job-admin/user/add and /xxl-job-admin/user/update...

CVSS 5.4, AI score 6.5, EPSS 0.00463
Exploits 1, References 1

CVE
added 2023/04/10 5:00 a.m., 51 views

CVE-2023-26120

CVE-2023-26120 affects com.xuxueli:xxl-job; multiple sources confirm an HTML payload can be executed via /xxl-job-admin/user/add and /xxl-job-admin/user/update, enabling cross-site scripting (XSS). Affected versions include 2.4.0 and earlier, with the issue originating from unsafe handling of HTM...

CVSS 6.1, AI score 6.2, EPSS 0.00463
Exploits 1, References 1, Affected Software 1

NVD
added 2023/04/05 9:15 p.m., 27 views

CVE-2023-1787

An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. A search timeout could be triggered if a specific HTML payload was used in the issue description...

CVSS 5.3, AI score 4.5, EPSS 0.00752
Exploits 0, References 2

OSV
added 2023/04/05 9:15 p.m., 2 views

UBUNTU-CVE-2023-1787

An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. A search timeout could be triggered if a specific HTML payload was used in the issue description...

CVSS 5.3, AI score 5.7, EPSS 0.00752
Exploits 0, References 2

Prion
added 2023/04/05 9:15 p.m., 19 views

Design/Logic Flaw

An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. A search timeout could be triggered if a specific HTML payload was used in the issue description...

CVSS 5, AI score 4.9, EPSS 0.00752
Exploits 0, References 2, Affected Software 1

Cvelist
added 2023/04/05 12:00 a.m., 27 views

CVE-2023-1787

An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. A search timeout could be triggered if a specific HTML payload was used in the issue description...

CVSS 4.3, AI score 5.6, EPSS 0.00752
Exploits 0, References 2

Debian CVE
added 2023/04/05 12:00 a.m., 18 views

CVE-2023-1787

Removed by vendor...

CVSS 5.3, AI score 6, EPSS 0.00752
Exploits 0