CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7210 matches found

Packet Storm•added 2023/09/13 12:0 a.m.•291 views

Kleeja 1.5.4 Cross Site Scripting

==================================================================================================================================== | Title : Kleeja v1.5.4 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit | | Vendor :...

7.1AI score

Exploits0

NVD•added 2023/09/09 9:15 p.m.•28 views

CVE-2023-4864

A vulnerability, which was classified as problematic, was found in SourceCodester Take-Note App 1.0. This affects an unknown part of the file index.php. The manipulation of the argument noteContent with the input alert'xss' leads to cross site scripting. It is possible to initiate the attack...

6.1CVSS4.5AI score0.00542EPSS

Exploits1References3

Prion•added 2023/09/09 9:15 p.m.•18 views

Cross site scripting

4CVSS6AI score0.00542EPSS

Exploits1References3Affected Software1

Cvelist•added 2023/09/09 9:0 p.m.•37 views

CVE-2023-4864 SourceCodester Take-Note App index.php cross site scripting

4CVSS6.2AI score0.00542EPSS

Exploits1References3

CNNVD•added 2023/09/09 12:0 a.m.•2 views

SourceCodester Take-Note App Cross-Site Scripting Vulnerability

Take-Note App is a note-taking application by the individual developer Remy Andrade. A cross-site scripting vulnerability exists in SourceCodester Take-Note App, which originates from a cross-site scripting attack via index.php...

6.1CVSS6.2AI score0.00542EPSS

Exploits1References4

OSV•added 2023/09/06 5:15 p.m.•13 views

CVE-2021-36646

A Cross Site Scrtpting XSS vulnerability in KodExplorer 4.45 allows remote attackers to run arbitrary code via /index.php page...

6.1CVSS7AI score

Exploits0References1

NVD•added 2023/09/06 5:15 p.m.•10 views

CVE-2021-36646

A Cross Site Scrtpting XSS vulnerability in KodExplorer 4.45 allows remote attackers to run arbitrary code via /index.php page...

6.1CVSS6.3AI score0.00705EPSS

Exploits0References1

CVE•added 2023/09/06 12:0 a.m.•74 views

CVE-2021-36646

CVE-2021-36646 – KodExplorer 4.45 : Several connected sources confirm a cross-site scripting (XSS) issue. The nuclei template specifies a reflected XSS in the file view functionality, specifically in app/template/api/view.html where the path parameter is echoed unsafely, enabling attacker-supplie...

6.1CVSS6.2AI score0.00705EPSS

Exploits0References1Affected Software1

CVE•added 2023/09/04 12:31 a.m.•37 views

CVE-2023-4749

CVE-2023-4749 affects SourceCodester Inventory Management System 1.0 (index.php). The vulnerability arises from manipulating the optional page argument to the file index.php, enabling file inclusion and remote access. Multiple sources corroborate a critical severity, with CVSS-derived scores indi...

9.8CVSS7.2AI score0.00863EPSS

Exploits1References3Affected Software1

ATTACKERKB•added 2023/09/01 10:15 a.m.•3 views

CVE-2023-41364

In tine through 2023.01.14.325, the sort parameter of the /index.php endpoint allows SQL Injection...

9.8CVSS7.4AI score0.00773EPSS

Exploits1References4

NVD•added 2023/09/01 10:15 a.m.•18 views

CVE-2023-41364

In tine through 2023.01.14.325, the sort parameter of the /index.php endpoint allows SQL Injection...

9.8CVSS9.7AI score0.00773EPSS

Exploits1References3

Prion•added 2023/09/01 10:15 a.m.•17 views

Sql injection

In tine through 2023.01.14.325, the sort parameter of the /index.php endpoint allows SQL Injection...

7.5CVSS9.7AI score0.00773EPSS

Exploits1References3Affected Software1

Cvelist•added 2023/09/01 12:0 a.m.•16 views

CVE-2023-41364

In tine through 2023.01.14.325, the sort parameter of the /index.php endpoint allows SQL Injection...

9.9AI score0.00773EPSS

Exploits1References3

CVE•added 2023/09/01 12:0 a.m.•45 views

CVE-2023-41364

CVE-2023-41364 affects tine (team collaboration software) prior to version 2023.01.14.325. The vulnerability is an SQL Injection in the sort parameter of the /index.php endpoint, caused by unsafely handling input in that parameter. Impact is described by sources as critical (CVSS v3.1: high confi...

9.8CVSS9.6AI score0.00773EPSS

Exploits1References3Affected Software1

Packet Storm•added 2023/08/29 12:0 a.m.•273 views

HS-booking CMS 2.79 SQL Injection

==================================================================================================================================== | Title : HS-booking CMS v2.79 SQl injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozila Firefox 68.0 32-bit |...

7.1AI score

Exploits0

OSV•added 2023/08/28 1:15 p.m.•2 views

CVE-2023-40749

PHPJabbers Food Delivery Script v3.0 is vulnerable to SQL Injection in the "column" parameter of index.php...

9.8CVSS5.8AI score0.03306EPSS

Exploits0References2

OSV•added 2023/08/28 1:15 p.m.•3 views

CVE-2023-40753

There is a Cross Site Scripting XSS vulnerability in the message parameter of index.php in PHPJabbers Ticket Support Script v3.2...

5.4CVSS5.8AI score0.01053EPSS

Exploits0References2