Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

NVD
NVDadded 2026/01/21 6:16 p.m.3 views

CVE-2021-47873

VestaCP versions prior to 0.9.8-25 contain a cross-site scripting vulnerability in the IP interface configuration that allows attackers to inject malicious scripts. Attackers can exploit the 'vinterface' parameter by sending a crafted POST request to the add/ip/ endpoint with a stored XSS payload...

7.2CVSS0.00055EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/01/21 5:27 p.m.1 views

CVE-2021-47873

VestaCP versions prior to 0.9.8-25 contain a cross-site scripting vulnerability in the IP interface configuration that allows attackers to inject malicious scripts. Attackers can exploit the 'vinterface' parameter by sending a crafted POST request to the add/ip/ endpoint with a stored XSS payload...

7.2CVSS5AI score0.00055EPSS
Exploits0References4Affected Software1
CVE
CVEadded 2026/01/21 5:27 p.m.11 views

CVE-2021-47873

VestaCP is affected in versions prior to 0.9.8-25 by a stored XSS in the IP interface configuration. The vulnerability hinges on the v_interface parameter and can be exploited by sending a crafted POST to the add/ip/ endpoint to inject scripts. This is a cross-site scripting issue with potential ...

7.2CVSS5AI score0.00055EPSS
Exploits0References4
EUVD
EUVDadded 2026/01/21 5:27 p.m.4 views

EUVD-2026-3630

VestaCP versions prior to 0.9.8-25 contain a cross-site scripting vulnerability in the IP interface configuration that allows attackers to inject malicious scripts. Attackers can exploit the 'vinterface' parameter by sending a crafted POST request to the add/ip/ endpoint with a stored XSS payload...

7.2CVSS5AI score0.00055EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/01/21 5:27 p.m.14 views

CVE-2021-47873 VestaCP < 0.9.8-25 - Stored Cross-Site Scripting

VestaCP versions prior to 0.9.8-25 contain a cross-site scripting vulnerability in the IP interface configuration that allows attackers to inject malicious scripts. Attackers can exploit the 'vinterface' parameter by sending a crafted POST request to the add/ip/ endpoint with a stored XSS payload...

7.2CVSS0.00055EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2025/09/02 12:0 a.m.2 views

PT-2025-35583

Name of the Vulnerable Software and Affected Versions: Asian Arts Talents Foundation AATF Website versions 5.1.x Asian Arts Talents Foundation AATF Docker version 2024.12.8.1 Description: The Asian Arts Talents Foundation AATF Website and Docker image are susceptible to a Cross Site Scripting XSS...

6.1CVSS6.1AI score0.00042EPSS
Exploits0References6
OSV
OSVadded 2024/07/26 4:15 p.m.4 views

CVE-2024-41355

phpipam 1.6 is vulnerable to Cross Site Scripting XSS via /app/tools/request-ip/index.php...

6.5CVSS6AI score0.00294EPSS
Exploits1References2
OSV
OSVadded 2022/05/24 5:24 p.m.12 views

GHSA-QVW9-6567-WQ78 MunkiReport reportdata module SQL injection vulnerability

A SQL injection vulnerability in reportdatacontroller.php in the reportdata module before 3.5 for MunkiReport allows attackers to execute arbitrary SQL commands via the req parameter of the /module/reportdata/ip endpoint...

8.8CVSS9.2AI score0.00374EPSS
Exploits0References6
Rows per page
Query Builder