CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

RedhatCVE•added 2026/01/14 11:19 p.m.•4 views

CVE-2022-50905

e107 CMS version 3.2.1 contains multiple vulnerabilities that allow cross-site scripting XSS attacks. The first vulnerability is a reflected XSS that occurs in the news comment functionality when authenticated users interact with the comment form. An attacker can inject malicious JavaScript code...

9.8CVSS5.9AI score0.00089EPSS

Exploits1References1

OSV•added 2026/01/13 11:15 p.m.•1 views

CVE-2022-50905

6.1CVSS5.8AI score

Exploits0References4

NVD•added 2026/01/13 11:15 p.m.•1 views

CVE-2022-50905

9.8CVSS0.00089EPSS

Exploits1References4

Vulnrichment•added 2026/01/13 10:51 p.m.•1 views

CVE-2022-50905 e107 CMS v3.2.1 - Reflected XSS via Comment Flow

9.8CVSS5.5AI score0.00089EPSS

Exploits1References4

CVE•added 2026/01/13 10:51 p.m.•7 views

CVE-2022-50905

CVE-2022-50905 affects e107 CMS v3.2.1. The issues: (1) a reflected XSS in the news comment flow, where an authenticated user can inject JavaScript via a URL parameter that executes when they click outside the comment field; (2) an upload restriction bypass for authenticated administrators that e...

9.8CVSS5.5AI score0.00089EPSS

Exploits1References4Affected Software1

NVD•added 2009/12/10 12:30 a.m.•13 views

CVE-2009-4250

Multiple cross-site scripting XSS vulnerabilities in CutePHP CuteNews 1.4.6 and UTF-8 CuteNews before 8b allow remote attackers to inject arbitrary web script or HTML via 1 the result parameter to register.php; 2 the user parameter to search.php; the 3 catmsg, 4 sourcemsg, 5 postponedselected, 6...

4.3CVSS5.8AI score0.10766EPSS

Exploits1References8