Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Positive Technologies
Positive Technologiesadded 2025/01/01 12:0 a.m.3 views

PT-2026-20838

Name of the Vulnerable Software and Affected Versions SPIP versions prior to 4.2.15 Description The application does not properly validate JavaScript within HTML code tags, which allows for the injection of malicious scripts that execute in a victim’s browser. This can lead to Cross-Site Scriptin...

5.4CVSS5.4AI score0.00042EPSS
Exploits0References9
BDU FSTEC
BDU FSTECadded 2024/07/31 12:0 a.m.0 views

The vulnerability of the Archer Platform’s system for creating and managing business applications lies in the lack of protective measures for the website structure, allowing attackers to execute arbitrary code.

The vulnerability of the Archer Platform system for creating and managing business applications is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow an attacker to execute arbitrary HTML or JavaScript code...

8.5CVSS0.00309EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTECadded 2021/12/13 12:0 a.m.0 views

The vulnerability of the ArcGIS Server server, related to improper handling of code generation, allows a attacker to execute arbitrary HTML code.

The vulnerability of ArcGIS Server is related to incorrect code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary HTML code remotely...

5CVSS0.00333EPSS
Exploits0References2
CNVD
CNVDadded 2017/02/21 12:0 a.m.1 views

Elefant CMS Cross-Site Request Forgery Vulnerability

Elefant CMS is a content management system. Elefant CMS suffers from a cross-site request forgery vulnerability that can be exploited by an attacker to execute arbitrary HTML and script code within a user's browser session in the context of an affected site...

7.3AI score
Exploits0References1
BDU FSTEC
BDU FSTECadded 2016/03/17 12:0 a.m.1 views

The vulnerability of the Business Process Manager system allows a perpetrator to inject arbitrary Web or HTML code.

The vulnerability of the Document List control implementation in the Business Process Manager system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary Web or HTML code using a specially crafted URL...

3.5CVSS0.00241EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTECadded 2016/03/11 12:0 a.m.1 views

Vulnerabilities in the software for Cisco WebEx Meetings Server, which allow attackers to inject arbitrary Web or HTML code

Multiple vulnerabilities in the software for Cisco WebEx Meetings Server exist due to the lack of measures taken to protect the website structure. Exploiting these vulnerabilities allows a malicious actor to inject arbitrary Web or HTML code remotely...

4.3CVSS0.0025EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTECadded 2016/03/11 12:0 a.m.1 views

The vulnerability of Microsoft Excel editors allows a hacker to inject arbitrary Web or HTML code.

The vulnerability of Microsoft Excel editors exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to inject arbitrary Web or HTML code through a specially crafted email message...

4.3CVSS0.10373EPSS
Exploits0References2
Rows per page
Query Builder