CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5006 matches found

NVD•added 2021/03/26 9:15 a.m.•9 views

CVE-2021-20683

Improper neutralization of JavaScript input in the blog article editing function of baserCMS versions prior to 4.4.5 allows remote authenticated attackers to inject an arbitrary script via unspecified vectors...

5.4CVSS0.00203EPSS

Exploits0References2

Prion•added 2021/03/26 9:15 a.m.•14 views

Input validation

3.5CVSS5.4AI score0.00203EPSS

Exploits0References2Affected Software1

CVE•added 2021/03/26 8:50 a.m.•50 views

CVE-2021-20681

CVE-2021-20681 affects baserCMS prior to 4.4.5. The issue is improper neutralization of JavaScript input in the page editing feature, allowing remote authenticated attackers to inject arbitrary scripts via unspecified vectors. Impact is described as potential script execution in the user’s browse...

5.4CVSS5.4AI score0.00203EPSS

Exploits0References2Affected Software1

CNNVD•added 2021/03/26 12:0 a.m.•2 views

Rocket.Chat 跨站脚本漏洞

Rocket.Chat is an open source team chat software. A cross-site scripting vulnerability exists in versions prior to Rocket.Chat 3.11, 3.10.5, 3.9.7, and 3.8.8 that allows remote attackers to inject arbitrary JavaScript into messages...

6.1CVSS5.4AI score0.00752EPSS

Exploits0References4

CNVD•added 2021/03/26 12:0 a.m.•9 views

Plone cross-site scripting vulnerability (CNVD-2021-22849)

Plone is an open source content management system CMS built on the Zope application server. A cross-site scripting vulnerability exists in Plone version 5.2.3, which stems from the form.widgets.sitetitle parameter not effectively filtering user input, and can be exploited by an attacker to inject...

5.4CVSS5.9AI score0.0031EPSS

Exploits1References1

CNVD•added 2021/03/26 12:0 a.m.•8 views

SEO Panel Cross-Site Scripting Vulnerability (CNVD-2021-23384)

SEO Panel is a free, open source SEO optimization software. A cross-site scripting vulnerability exists in SEO Panel version 4.8.0. An attacker can exploit this vulnerability to inject JavaScript via the reporttype parameter in archive.php...

4.8CVSS5.9AI score0.00179EPSS

Exploits1References1

CNVD•added 2021/03/26 12:0 a.m.•6 views

SEO Panel Cross-Site Scripting Vulnerability (CNVD-2021-23382)

SEO Panel is a free, open source SEO optimization software. A cross-site scripting vulnerability exists in SEO Panel version 4.8.0. The vulnerability can be exploited to inject JavaScript via the type parameter in archive.php...

4.8CVSS5.9AI score0.00179EPSS

Exploits1References1

CNVD•added 2021/03/26 12:0 a.m.•8 views

SEO Panel Cross-Site Scripting Vulnerability (CNVD-2021-23383)

4.8CVSS5.9AI score0.00171EPSS

Exploits1References1

CNNVD•added 2021/03/26 12:0 a.m.•4 views

SEO Panel 跨站脚本漏洞

7.5CVSS5.2AI score0.0019EPSS

Exploits2References2

OSV•added 2021/03/25 8:15 p.m.•10 views

CVE-2021-29009

A cross-site scripting XSS issue in SEO Panel 4.8.0 allows remote attackers to inject JavaScript via archive.php in the "type" parameter...

4.8CVSS5.9AI score

Exploits0References1

OSV•added 2021/03/25 8:15 p.m.•11 views

CVE-2021-29008

A cross-site scripting XSS issue in SEO Panel 4.8.0 allows remote attackers to inject JavaScript via webmaster-tools.php in the "totime" parameter...

4.8CVSS5.9AI score

Exploits0References1

NVD•added 2021/03/25 8:15 p.m.•9 views

CVE-2021-29010

A cross-site scripting XSS issue in SEO Panel 4.8.0 allows remote attackers to inject JavaScript via archive.php in the "reporttype" parameter...

4.8CVSS0.00179EPSS

Exploits1References1

NVD•added 2021/03/25 8:15 p.m.•9 views

CVE-2021-29009

A cross-site scripting XSS issue in SEO Panel 4.8.0 allows remote attackers to inject JavaScript via archive.php in the "type" parameter...

4.8CVSS0.00179EPSS

Exploits1References1

OSV•added 2021/03/25 8:15 p.m.•8 views

CVE-2021-29010

A cross-site scripting XSS issue in SEO Panel 4.8.0 allows remote attackers to inject JavaScript via archive.php in the "reporttype" parameter...

4.8CVSS5.9AI score

Exploits0References1

Prion•added 2021/03/25 8:15 p.m.•16 views

Cross site scripting

A cross-site scripting XSS issue in SEO Panel 4.8.0 allows remote attackers to inject JavaScript via archive.php in the "reporttype" parameter...

3.5CVSS4.9AI score0.00179EPSS

Exploits1References1Affected Software1

Prion•added 2021/03/25 8:15 p.m.•12 views

Cross site scripting

A cross-site scripting XSS issue in SEO Panel 4.8.0 allows remote attackers to inject JavaScript via archive.php in the "type" parameter...

3.5CVSS4.9AI score0.00179EPSS

Exploits1References1Affected Software1

Prion•added 2021/03/25 8:15 p.m.•9 views

Cross site scripting

A cross-site scripting XSS issue in SEO Panel 4.8.0 allows remote attackers to inject JavaScript via webmaster-tools.php in the "totime" parameter...

3.5CVSS4.9AI score0.00171EPSS

Exploits1References1Affected Software1

CVE•added 2021/03/25 7:21 p.m.•45 views

CVE-2021-29010

CVE-2021-29010 is a cross-site scripting (XSS) vulnerability in SEO Panel version 4.8.0. The flaw allows remote attackers to inject JavaScript via archive.php in the report_type parameter. Multiple sources (NVD, Red Hat, CNVD, OSV, CVE lists) corroborate the issue; exploitation and impact are con...

4.8CVSS4.9AI score0.00179EPSS

Exploits1References1Affected Software1