Lucene search
K

140 matches found

NVD
NVD
added yesterday7 views

CVE-2026-15552

Enterprise Cloud Database developed by Ragic has a Stored Cross-Site Scripting vulnerability, allowing unauthenticated remote attackers to inject persistent JavaScript code executed in users' browsers upon page load...

6.1CVSS0.00205EPSS
Exploits0References2
EUVD
EUVD
added yesterday6 views

EUVD-2026-43270

Enterprise Cloud Database developed by Ragic has a Stored Cross-Site Scripting vulnerability, allowing unauthenticated remote attackers to inject persistent JavaScript code executed in users' browsers upon page load...

6.1CVSS6.2AI score0.00205EPSS
Exploits0References2
Cvelist
Cvelist
added yesterday31 views

CVE-2026-15552 Ragic|Enterprise Cloud Database - Stored Cross-Site Scripting

Enterprise Cloud Database developed by Ragic has a Stored Cross-Site Scripting vulnerability, allowing unauthenticated remote attackers to inject persistent JavaScript code executed in users' browsers upon page load...

6.1CVSS0.00205EPSS
Exploits0References2
CVE
CVE
added yesterday9 views

CVE-2026-15552

The CVE-2026-15552 entry concerns Ragic’s Enterprise Cloud Database, which is reported to be vulnerable to a Stored Cross-Site Scripting (Stored XSS) flaw. According to the sources, unauthenticated remote attackers can inject persistent JavaScript code that is executed in users’ browsers upon pag...

6.1CVSS6.2AI score0.00205EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-42208

During the process of page opening and form formatting, a JavaScript reentrancy results in an inconsistent document status. Subsequently, with outdated page information, the application attempts to access invalid addresses, causing the application to crash...

6.1CVSS6AI score0.00107EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/22 9:26 a.m.6 views

CVE-2026-12580

EasyFlow .NET developed by Digiwin has a Stored Cross-Site Scripting vulnerability, allowing authenticated remote attackers to inject persistent JavaScript code executed in users' browsers upon page load...

5.4CVSS6AI score0.00168EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/22 9:26 a.m.11 views

EUVD-2026-38222

EasyFlow .NET developed by Digiwin has a Stored Cross-Site Scripting vulnerability, allowing authenticated remote attackers to inject persistent JavaScript code executed in users' browsers upon page load...

5.4CVSS6AI score0.00168EPSS
Exploits0References2
CVE
CVE
added 2026/06/22 9:26 a.m.14 views

CVE-2026-12580

CVE-2026-12580 affects Digiwin EasyFlow .NET. The vulnerability is a Stored Cross-Site Scripting (XSS) flaw that permits authenticated remote attackers to inject persistent JavaScript code which executes in users’ browsers when a page loads. Impact is described as allowing the attacker to cause u...

5.4CVSS6AI score0.00168EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/22 9:26 a.m.36 views

CVE-2026-12580 Digiwin|EasyFlow .NET - Stored Cross-Site Scripting

EasyFlow .NET developed by Digiwin has a Stored Cross-Site Scripting vulnerability, allowing authenticated remote attackers to inject persistent JavaScript code executed in users' browsers upon page load...

5.4CVSS0.00168EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/10 9:3 p.m.10 views

CVE-2026-47970

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00307EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:34 p.m.10 views

CVE-2026-10058

ITS Intelligent SCADA System developed by ITP Technology has a Stored Cross-Site Scripting vulnerability, allowing privileged remote attackers to inject persistent JavaScript codes that are executed in users' browsers upon page load...

4.8CVSS5.5AI score0.00176EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:31 p.m.11 views

CVE-2026-6828

The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'permissionmessage' parameter in all versions up to, and including, 6.2.1 due to insufficient input sanitization and output escaping...

6.4CVSS5.7AI score0.00201EPSS
Exploits0References1
NVD
NVD
added 2026/05/29 9:16 a.m.14 views

CVE-2026-10057

ITS Intelligent SCADA System developed by ITP Technology has a Stored Cross-Site Scripting vulnerability, allowing privileged remote attackers to inject persistent JavaScript codes that are executed in users' browsers upon page load...

4.8CVSS0.00176EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/29 8:37 a.m.18 views

EUVD-2026-33268

ITS Intelligent SCADA System developed by ITP Technology has a Stored Cross-Site Scripting vulnerability, allowing privileged remote attackers to inject persistent JavaScript codes that are executed in users' browsers upon page load...

4.8CVSS5.8AI score0.00176EPSS
Exploits0References2
CVE
CVE
added 2026/05/29 8:37 a.m.25 views

CVE-2026-10058

The CVE-2026-10058 entry concerns ITS Intelligent SCADA System by ITP Technology and describes a Stored Cross-Site Scripting vulnerability that allows privileged remote attackers to inject JavaScript executed in users’ browsers on page load. Documents confirm the affected product, vulnerability t...

4.8CVSS5.8AI score0.00176EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/29 8:34 a.m.17 views

EUVD-2026-33267

ITS Intelligent SCADA System developed by ITP Technology has a Stored Cross-Site Scripting vulnerability, allowing privileged remote attackers to inject persistent JavaScript codes that are executed in users' browsers upon page load...

4.8CVSS5.8AI score0.00176EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/29 8:34 a.m.11 views

CVE-2026-10057 ITP Technology|ITS Intelligent SCADA System - Stored Cross-Site Scripting

ITS Intelligent SCADA System developed by ITP Technology has a Stored Cross-Site Scripting vulnerability, allowing privileged remote attackers to inject persistent JavaScript codes that are executed in users' browsers upon page load...

4.8CVSS5.8AI score0.00176EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/29 8:34 a.m.38 views

CVE-2026-10057 ITP Technology|ITS Intelligent SCADA System - Stored Cross-Site Scripting

ITS Intelligent SCADA System developed by ITP Technology has a Stored Cross-Site Scripting vulnerability, allowing privileged remote attackers to inject persistent JavaScript codes that are executed in users' browsers upon page load...

4.8CVSS0.00176EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.16 views

PT-2026-44764

ITS Intelligent SCADA System developed by ITP Technology has a Stored Cross-Site Scripting vulnerability, allowing privileged remote attackers to inject persistent JavaScript codes that are executed in users' browsers upon page load...

4.8CVSS5.8AI score0.00176EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/22 9:31 a.m.10 views

EUVD-2026-24702

The Posts map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'name' shortcode attribute in all versions up to, and including, 0.1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers...

6.4CVSS5.9AI score0.00235EPSS
Exploits0References5
Rows per page
Query Builder