Lucene search
K

15095 matches found

Vulnrichment
Vulnrichment
added 2026/05/10 12:13 p.m.8 views

CVE-2022-50969 uBidAuction 2.0.1 mailingLog manage Reflected XSS

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the backend/mailingLog/manage module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted...

6.1CVSS5.7AI score0.00252EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/10 12:13 p.m.6 views

CVE-2022-50968

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the auctions/manage module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET reques...

6.1CVSS5.7AI score0.00252EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/10 12:13 p.m.9 views

CVE-2022-50968 uBidAuction 2.0.1 auctions manage Reflected XSS

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the auctions/manage module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET reques...

6.1CVSS5.7AI score0.00252EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/10 12:12 p.m.31 views

CVE-2022-50967 uBidAuction 2.0.1 tickets manage Reflected XSS

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the tickets/manage module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET request...

6.1CVSS0.00252EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/10 12:12 p.m.9 views

CVE-2022-50966 uBidAuction 2.0.1 news manage Reflected XSS

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the news/manage module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET requests...

6.1CVSS5.7AI score0.00252EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/10 12:12 p.m.10 views

CVE-2022-50965

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the posts/manage module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET requests...

6.1CVSS5.7AI score0.00252EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/10 12:12 p.m.10 views

CVE-2022-50965 uBidAuction 2.0.1 posts manage Reflected XSS

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the posts/manage module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET requests...

6.1CVSS5.7AI score0.00252EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/10 12:12 p.m.39 views

CVE-2022-50966 uBidAuction 2.0.1 news manage Reflected XSS

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the news/manage module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET requests...

6.1CVSS0.00252EPSS
Exploits0References4
CVE
CVE
added 2026/05/10 12:12 p.m.12 views

CVE-2022-50966

CVE-2022-50966 affects uBidAuction 2.0.1 in the news/manage module. The vulnerability is a reflected XSS in which the filter functionality does not properly sanitize the date_created, date_from, date_to, and created_at parameters, allowing an attacker to inject malicious scripts via crafted GET r...

6.1CVSS5.7AI score0.00252EPSS
Exploits0References4
CVE
CVE
added 2026/05/10 12:12 p.m.13 views

CVE-2022-50965

CVE-2022-50965 affects uBidAuction 2.0.1, specifically the posts/manage module. The vulnerability is a reflected cross-site scripting flaw where the filter functionality fails to sanitize the date_created, date_from, date_to, and created_at parameters, allowing an attacker to inject malicious scr...

6.1CVSS5.7AI score0.00252EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/10 12:12 p.m.5 views

CVE-2022-50963

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the auctions/myAuctions/status/active module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via...

6.1CVSS5.7AI score0.00247EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/05/10 12:12 p.m.46 views

CVE-2022-50963 uBidAuction 2.0.1 myAuctions active Reflected XSS

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the auctions/myAuctions/status/active module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via...

6.1CVSS0.00247EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/10 12:12 p.m.10 views

CVE-2022-50963 uBidAuction 2.0.1 myAuctions active Reflected XSS

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the auctions/myAuctions/status/active module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via...

6.1CVSS5.7AI score0.00247EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/10 12:12 p.m.13 views

CVE-2022-50962 uBidAuction 2.0.1 myOrders Reflected XSS

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the orders/myOrders module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET reques...

6.1CVSS5.7AI score0.00252EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/10 12:12 p.m.6 views

CVE-2022-50962

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the orders/myOrders module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET reques...

6.1CVSS5.7AI score0.00252EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/10 12:12 p.m.5 views

CVE-2022-50949

WordPress Plugin Videos sync PDF 1.7.4 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by exploiting unsanitized mov, pdf, mp4, webm, and ogg parameters. Attackers can inject payloads like autofocus onfocus event handlers throug...

6.4CVSS5.9AI score0.00191EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/10 12:12 p.m.11 views

CVE-2022-50949 WordPress Plugin Videos sync PDF 1.7.4 Stored XSS

WordPress Plugin Videos sync PDF 1.7.4 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by exploiting unsanitized mov, pdf, mp4, webm, and ogg parameters. Attackers can inject payloads like autofocus onfocus event handlers throug...

6.4CVSS5.9AI score0.00191EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/10 12:33 a.m.8 views

EUVD-2026-28946

Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used...

6.5CVSS5.8AI score0.00149EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/10 12:0 a.m.7 views

Moodle 跨站脚本漏洞

Moodle is an open-source e-learning software platform developed by Moodle, also known as a course management system, learning management system, or virtual learning environment. Version 4.0 of Moodle has a cross-site scripting vulnerability. This vulnerability stems from the search parameters...

6.1CVSS5.6AI score0.00331EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/05/10 12:0 a.m.12 views

PT-2026-39490

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the posts/manage module. The date created, date from, date to, and created at parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET...

6.1CVSS5.7AI score0.00252EPSS
Exploits0References5
Rows per page
Query Builder