CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5654 matches found

CNVD•added 2025/11/18 12:0 a.m.•2 views

WordPress Booking Manager plugin cross-site scripting vulnerability

WordPress Booking Manager plugin is a tool for managing appointments and schedules, supporting features such as synchronization with external ICS calendars, importing events and exporting booking data. A cross-site scripting vulnerability exists in the WordPress Booking Manager plugin, which stem...

6.5CVSS6.3AI score0.00132EPSS

Exploits0References1

EUVD•added 2025/11/17 6:30 p.m.•4 views

EUVD-2025-197846

CWE-79 Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting'...

4.8CVSS6.1AI score0.00149EPSS

Exploits0References2

OSV•added 2025/11/17 6:15 p.m.•2 views

CVE-2025-55056

Multiple CWE-79 Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting'...

6.1CVSS5.8AI score0.00149EPSS

Exploits0References1

OSV•added 2025/11/17 6:15 p.m.•2 views

CVE-2025-55059

CWE-79 Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting'...

6.1CVSS5.8AI score0.00149EPSS

Exploits0References1

NVD•added 2025/11/17 6:15 p.m.•8 views

CVE-2025-55059

CWE-79 Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting'...

6.1CVSS0.00149EPSS

Exploits0References1

Cvelist•added 2025/11/17 5:36 p.m.•8 views

CVE-2025-55059

CWE-79 Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting'...

4.8CVSS0.00149EPSS

Exploits0References1

EUVD•added 2025/11/17 5:28 p.m.•3 views

EUVD-2025-197851

Multiple CWE-79 Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting'...

4.8CVSS6.1AI score0.00149EPSS

Exploits0References2

CVE•added 2025/11/17 5:28 p.m.•8 views

CVE-2025-55056

CNNVD-202511-1880 reports CVE-2025-55056 as affecting Maxum Rumpus FTP Server, specifically version 9.0.12, with a cross-site scripting flaw caused by improper input neutralization during web page generation. The description notes XSS as the impact, but does not provide exploit details or a confi...

6.1CVSS6.2AI score0.00149EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2025/11/17 5:28 p.m.•2 views

CVE-2025-55056

Multiple CWE-79 Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting'...

4.8CVSS6.2AI score0.00149EPSS

Exploits0References1

NVD•added 2025/11/17 12:15 p.m.•4 views

CVE-2025-40834

A vulnerability has been identified in Mendix RichText All versions = V4.0.0 V4.6.1. Affected widget does not properly neutralize the input. This could allow an attacker to execute cross-site scripting attacks...

6.8CVSS0.00201EPSS

Exploits0References1

Cvelist•added 2025/11/17 11:39 a.m.•3 views

CVE-2025-40834

6.8CVSS0.00201EPSS

Exploits0References1

CNNVD•added 2025/11/17 12:0 a.m.•3 views

Maxum Rumpus FTP Server 操作系统命令注入漏洞

Maxum Rumpus FTP Server is an FTP server software from Maxum. An operating system command injection vulnerability exists in Maxum Rumpus FTP Server version 9.0.12, which stems from improper neutralization of a special element and can lead to OS command injection...

9.8CVSS7.5AI score0.00743EPSS

Exploits0References1

Positive Technologies•added 2025/11/17 12:0 a.m.•3 views

PT-2025-47180

Name of the Vulnerable Software and Affected Versions affected versions not specified Description The software is susceptible to a cross-site scripting issue due to improper input neutralization during web page generation. This allows for the injection of malicious scripts into web pages...

4.8CVSS6.2AI score0.00149EPSS

Exploits0References4

CNNVD•added 2025/11/17 12:0 a.m.•3 views

Maxum Rumpus FTP Server 跨站脚本漏洞

Maxum Rumpus FTP Server is an FTP server software from Maxum. A cross-site scripting vulnerability exists in Maxum Rumpus FTP Server version 9.0.12, which stems from improper input neutralization and could lead to cross-site scripting attacks...

6.1CVSS6AI score0.00149EPSS

Exploits0References1

Cvelist•added 2025/11/13 9:24 a.m.•5 views

CVE-2025-64383 WordPress Qi Blocks plugin <= 1.4.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Qode Qi Blocks qi-blocks allows Stored XSS.This issue affects Qi Blocks: from n/a through = 1.4.3...

6.5CVSS0.00135EPSS

Exploits0References1

CNNVD•added 2025/11/13 12:0 a.m.•2 views

WordPress plugin Booster for WooCommerce 安全漏洞

WordPress Booster for WooCommerce Plugin is a multi-functional plugin designed specifically for the WooCommerce e-commerce platform, offering more than 100 features including PDF invoices, product variants, wish lists, and other tools designed to streamline e-commerce operations and enhance user...

6.5CVSS5.9AI score0.00135EPSS

Exploits0References1

Tenable Nessus•added 2025/11/13 12:0 a.m.•2 views

Siemens SIMATIC S7-1500 Improper Neutralization of Input During Web Page Generation (CVE-2016-3709)

Possible cross-site scripting vulnerability in libxml after commit 960f0e2. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504354;...

6.1CVSS6.6AI score0.00749EPSS

Exploits1References4

RedhatCVE•added 2025/11/12 6:1 p.m.•1 views

CVE-2025-62210

Improper neutralization of input during web page generation 'cross-site scripting' in Dynamics 365 Field Service online allows an authorized attacker to perform spoofing over a network...

8.7CVSS5.4AI score0.00581EPSS

Exploits0References1

ATTACKERKB•added 2025/11/11 11:48 a.m.•3 views

CVE-2025-11960

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Aryom Software High Technology Systems Inc. KVKNET allows Reflected XSS. This issue affects KVKNET: before 2.1.8...

6.1CVSS5.8AI score0.00161EPSS

Exploits0References3

CNNVD•added 2025/11/11 12:0 a.m.•2 views

Aryom KVKNET 跨站脚本漏洞

Aryom KVKNET is a compliance management software from Aryom Turkey. A cross-site scripting vulnerability exists in Aryom KVKNET versions prior to 2.1.8, which stems from improper input neutralization and could lead to a reflected cross-site scripting attack...

6.1CVSS6AI score0.00161EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by