CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7210 matches found

Cvelist•added 2020/12/15 3:45 p.m.•18 views

CVE-2020-35396

EGavilan Barcodes generator 1.0 is affected by: Cross Site Scripting XSS via the index.php. An Attacker is able to inject the XSS payload in the web application each time a user visits the website...

5.8AI score0.01135EPSS

Exploits1References3

CNVD•added 2020/12/15 12:0 a.m.•1 views

SourceCodester Online Examination System Cross-Site Scripting Vulnerability (CNVD-2020-74075)

SourceCodester Online Examination System is an online examination system from SourceCodester, Inc. in the United States. SourceCodester Online Examination System 1.0 suffers from a cross-site scripting vulnerability that originates in the w parameter of index.php, which can be exploited by an...

6.1CVSS6.4AI score0.00677EPSS

Exploits1References1

CNNVD•added 2020/12/14 12:0 a.m.•3 views

Sourcecodester Car Rental Management System 输入验证错误漏洞

Sourcecodester Car Rental Management System is a car rental management system from Sourcecodester USA. A security vulnerability exists in version 1.0 of the SourceCodester Car Rental Management System, which can be exploited by an unauthenticated user to perform a file inclusion attack on the...

9.8CVSS7.6AI score0.16822EPSS

Exploits1References1

OSV•added 2020/12/09 11:15 p.m.•1 views

CVE-2020-29258

Cross-site scripting XSS vulnerability in Online Examination System 1.0 via the w parameter to index.php...

6.1CVSS6.4AI score0.00677EPSS

Exploits1References1

NVD•added 2020/12/09 11:15 p.m.•10 views

CVE-2020-29258

Cross-site scripting XSS vulnerability in Online Examination System 1.0 via the w parameter to index.php...

6.1CVSS6.1AI score0.00677EPSS

Exploits1References1

Cvelist•added 2020/12/09 10:22 p.m.•13 views

CVE-2020-29258

Cross-site scripting XSS vulnerability in Online Examination System 1.0 via the w parameter to index.php...

6.1AI score0.00677EPSS

Exploits1References1

NVD•added 2020/11/17 9:15 p.m.•24 views

CVE-2020-28129

Stored Cross-site scripting XSS vulnerability in SourceCodester Gym Management System 1.0 allows users to inject and store arbitrary JavaScript code in index.php?page=packages via vulnerable fields 'Package Name' and 'Description'...

6.1CVSS6AI score0.00947EPSS

Exploits1References2

Prion•added 2020/11/17 9:15 p.m.•27 views

Cross site scripting

4.3CVSS5.8AI score0.00947EPSS

Exploits1References2Affected Software1

NVD•added 2020/11/09 4:15 a.m.•15 views

CVE-2020-28351

The conferencing component on Mitel ShoreTel 19.46.1802.0 devices could allow an unauthenticated attacker to conduct a reflected cross-site scripting XSS attack via the PATHINFO to index.php due to insufficient validation for the timezone object in the HOMEMEETING& page...

6.1CVSS6.1AI score0.15987EPSS

Exploits3References3

Packet Storm•added 2020/11/03 12:0 a.m.•325 views

Processwire CMS 2.4.0 Local File Inclusion

Exploit Title: Local File Inclusion Processwire CMS 2.4.0 Vulnerability Type: Unauthenticated LFI Date: 03.11.2020 Exploit Author: Y1LD1R1M Type: WEBAPPS Platform: PHP Vendor Homepage: https://processwire.com/ Version: 2.4.0 Tested on: Kali Linux Description Local File Inclusion in Processwire CM...

7.4AI score

Exploits0

OSV•added 2020/09/30 6:15 p.m.•22 views

CVE-2020-26042

An issue was discovered in Hoosk CMS v1.8.0. There is a SQL injection vulnerability in install/index.php...

9.8CVSS7.8AI score0.01145EPSS

Exploits1References1

OSV•added 2020/09/30 6:15 p.m.•22 views

CVE-2020-26043

An issue was discovered in Hoosk CMS v1.8.0. There is a XSS vulnerability in install/index.php...

6.1CVSS6AI score0.00692EPSS

Exploits1References1

NVD•added 2020/09/30 6:15 p.m.•10 views

CVE-2020-26041

An issue was discovered in Hoosk CmS v1.8.0. There is an Remote Code Execution vulnerability in install/index.php...

9.8CVSS0.02642EPSS

Exploits1References1

NVD•added 2020/09/30 6:15 p.m.•25 views

CVE-2020-26043

An issue was discovered in Hoosk CMS v1.8.0. There is a XSS vulnerability in install/index.php...

6.1CVSS0.00692EPSS

Exploits1References1

Prion•added 2020/09/30 6:15 p.m.•15 views

Cross site scripting

An issue was discovered in Hoosk CMS v1.8.0. There is a XSS vulnerability in install/index.php...

4.3CVSS5.9AI score0.00692EPSS

Exploits1References1Affected Software1

Prion•added 2020/09/30 6:15 p.m.•16 views

Sql injection

An issue was discovered in Hoosk CMS v1.8.0. There is a SQL injection vulnerability in install/index.php...

7.5CVSS9.7AI score0.01145EPSS

Exploits1References1Affected Software1

Zero Science Lab•added 2020/09/30 12:0 a.m.•165 views

SpinetiX Fusion Digital Signage 3.4.8 File Backup/Delete Path Traversal

Summary At SpinetiX we inspire businesses to unlock the potential of their story. We believe in the power of digital signage as a dynamic new storytelling platform to engage with people. For more than 13 years, we have been constantly innovating to deliver cutting-edge digital signage solutions...

6AI score

Exploits0

CVE•added 2020/09/29 1:43 p.m.•44 views

CVE-2020-26042

CVE-2020-26042 affects Hoosk CMS v1.8.0 with a SQL injection vulnerability in install/index.php. Per the connected NVD record, the issue yields partial confidentiality, partial integrity, and partial availability impacts (CVSS v2 base 7.5, HIGH; CVSS v3.1 base 9.8, CRITICAL). Exploitation details...

9.8CVSS9.7AI score0.01145EPSS

Exploits1References1Affected Software1

Cvelist•added 2020/09/29 1:43 p.m.•13 views

CVE-2020-26042

An issue was discovered in Hoosk CMS v1.8.0. There is a SQL injection vulnerability in install/index.php...

9.8AI score0.01145EPSS

Exploits1References1

Cvelist•added 2020/09/29 1:40 p.m.•15 views

CVE-2020-26041

An issue was discovered in Hoosk CmS v1.8.0. There is an Remote Code Execution vulnerability in install/index.php...

9.8AI score0.02642EPSS

Exploits1References1