3632 matches found

OSV
added 2023/07/28 9:30 a.m. | 11 views

GHSA-RXVJ-5MV6-J5MC Cross-site Scripting in Mingsoft MCMS

A Cross-site Scripting vulnerability has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotely. Th...

CVSS 3.5 | AI score 5.9 | EPSS 0.01365
Exploits: 1 | References: 5

GitHub Security Blog
added 2023/07/28 9:30 a.m. | 23 views

Cross-site Scripting in Mingsoft MCMS

A Cross-site Scripting vulnerability has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotely. Th...

CVSS 6.1 | AI score 6.3 | EPSS 0.01365
Exploits: 1 | References: 5 | Affected Software: 1

OSV
added 2023/07/28 7:15 a.m. | 3 views

CVE-2023-3990

A vulnerability classified as problematic has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotel...

CVSS 6.1 | AI score 3.8 | EPSS 0.01365
Exploits: 1 | References: 3

NVD
added 2023/07/28 7:15 a.m. | 14 views

CVE-2023-3990

A vulnerability classified as problematic has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotel...

CVSS 6.1 | AI score 4.5 | EPSS 0.01365
Exploits: 1 | References: 3

Prion
added 2023/07/28 7:15 a.m. | 14 views

Cross site scripting

A vulnerability classified as problematic has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotel...

CVSS 4 | AI score 6 | EPSS 0.01365
Exploits: 1 | References: 3 | Affected Software: 1

CVE
added 2023/07/28 7:00 a.m. | 71 views

CVE-2023-3990

Mingsoft MCMS

CVSS 6.1 | AI score 4.7 | EPSS 0.01365
Exploits: 1 | References: 3 | Affected Software: 1

Cvelist
added 2023/07/28 7:00 a.m. | 19 views

CVE-2023-3990 Mingsoft MCMS HTTP POST Request search.do cross site scripting

A vulnerability classified as problematic has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotel...

CVSS 4 | AI score 6.2 | EPSS 0.01365
Exploits: 1 | References: 3

0day.today
added 2023/07/28 12:00 a.m. | 186 views

Availability Booking Calendar v1.0 - Multiple Cross-site scripting Vulnerability

Exploit Title: Availability Booking Calendar v1.0 - Multiple Cross-site scripting XSS Exploit Author: Andrey Stoykov Tested on: Ubuntu 20.04 Blog: http://msecureltd.blogspot.com XSS 1: Steps to Reproduce: 1. Browse to Bookings 2. Select All Bookings 3. Edit booking and select Promo Code 4. Enter...

AI score 7.1
Exploits: 0

Cvelist
added 2023/07/27 11:31 a.m. | 27 views

CVE-2023-3969 GZ Scripts Availability Booking Calendar PHP HTTP POST Request index.php cross site scripting

A vulnerability, which was classified as problematic, has been found in GZ Scripts Availability Booking Calendar PHP 1.0. Affected by this issue is some unknown functionality of the file index.php of the component HTTP POST Request Handler. The manipulation of the argument promocode leads to cros...

CVSS 4 | AI score 5.6 | EPSS 0.00502
Exploits: 1 | References: 3

Tenable Nessus
added 2023/07/25 12:00 a.m. | 31 views

Cisco NX-OS Software NX-API Command Injection (CVE-2022-20650)

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges. The vulnerability is due to insufficient input validation of user supplied data that is sent to the NX-API. An attacker could exploit thi...

CVSS 9 | AI score 8.6 | EPSS 0.1455
Exploits: 0 | References: 2

NVD
added 2023/07/23 10:15 a.m. | 24 views

CVE-2023-3850

A vulnerability has been found in SourceCodester Lost and Found Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=deletecategory of the component HTTP POST Request Handler. The manipulation of the argume...

CVSS 9.8 | AI score 7.4 | EPSS 0.00418
Exploits: 0 | References: 2

Prion
added 2023/07/23 10:15 a.m. | 22 views

SQL injection

A vulnerability has been found in SourceCodester Lost and Found Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=deletecategory of the component HTTP POST Request Handler. The manipulation of the argume...

CVSS 6.5 | AI score 9.7 | EPSS 0.00418
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2023/07/23 10:00 a.m. | 30 views

CVE-2023-3850 SourceCodester Lost and Found Information System HTTP POST Request sql injection

A vulnerability has been found in SourceCodester Lost and Found Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=deletecategory of the component HTTP POST Request Handler. The manipulation of the argume...

CVSS 6.5 | AI score 10 | EPSS 0.00418
Exploits: 0 | References: 2

Veracode
added 2023/07/22 10:17 a.m. | 19 views

Improper Privilege Management

GitLab is vulnerable to Improper Privilege Management. The vulnerability exists because of missing sanitization of HTML attributes in Jupyter notebooks, which allows an attacker to perform arbitrary HTTP POST requests on a user's behalf, leading to potential account takeover...

CVSS 8.8 | AI score 6.8 | EPSS 0.00815
Exploits: 1 | References: 4 | Affected Software: 1

NVD
added 2023/07/22 9:15 a.m. | 13 views

CVE-2023-3827

A vulnerability was found in Bug Finder Listplace Directory Listing Platform 3.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /listplace/user/ticket/create of the component HTTP POST Request Handler. The manipulation of the argument message leads...

CVSS 6.1 | AI score 4.5 | EPSS 0.00339
Exploits: 0 | References: 2

Prion
added 2023/07/22 9:15 a.m. | 19 views

Cross site scripting

A vulnerability was found in Bug Finder Listplace Directory Listing Platform 3.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /listplace/user/ticket/create of the component HTTP POST Request Handler. The manipulation of the argument message leads...

CVSS 4 | AI score 5.9 | EPSS 0.00339
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2023/07/22 9:00 a.m. | 26 views

CVE-2023-3827 Bug Finder Listplace Directory Listing Platform HTTP POST Request create cross site scripting

A vulnerability was found in Bug Finder Listplace Directory Listing Platform 3.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /listplace/user/ticket/create of the component HTTP POST Request Handler. The manipulation of the argument message leads...

CVSS 4 | AI score 6.2 | EPSS 0.00339
Exploits: 0 | References: 2

CVE
added 2023/07/22 9:00 a.m. | 48 views

CVE-2023-3827

CVE-2023-3827 affects Bug Finder Listplace Directory Listing Platform 3.0. The vulnerability is in the HTTP POST Request Handler, specifically the /listplace/user/ticket/create endpoint, where manipulating the message argument leads to cross-site scripting. The attack is described as potentially ...

CVSS 6.1 | AI score 4.8 | EPSS 0.00339
Exploits: 0 | References: 2 | Affected Software: 1

NVD
added 2023/07/20 8:15 p.m. | 26 views

CVE-2023-3793

A vulnerability was found in Weaver e-cology. It has been rated as critical. This issue affects some unknown processing of the file filelFileDownloadForOutDoc.class of the component HTTP POST Request Handler. The manipulation of the argument fileid with the input 1+WAITFOR+DELAY leads to sql...

CVSS 9.8 | AI score 7 | EPSS 0.00421
Exploits: 0 | References: 2

OSV
added 2023/07/20 8:15 p.m. | 5 views

CVE-2023-3793

A vulnerability was found in Weaver e-cology. It has been rated as critical. This issue affects some unknown processing of the file filelFileDownloadForOutDoc.class of the component HTTP POST Request Handler. The manipulation of the argument fileid with the input 1+WAITFOR+DELAY leads to sql...

CVSS 9.8 | AI score 5.7 | EPSS 0.00421
Exploits: 0 | References: 2