CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1895 matches found

CNNVD•added 2025/12/11 12:0 a.m.•2 views

XMB Forum 跨站脚本漏洞

XMB Forum is an open source forum system by XMB. A cross-site scripting vulnerability exists in XMB Forum version 1.9.12.06, which stems from persistent cross-site scripting in the template and homepage settings, which could lead to script execution by all forum users...

5.3CVSS6.2AI score0.0036EPSS

Exploits0References3

NVD•added 2025/11/11 2:15 p.m.•7 views

CVE-2025-11085

A security issue exists within DataMosaix™ Private Cloud allowing for Persistent XSS. This vulnerability can result in the execution of malicious JavaScript, allowing for account takeover, credential theft, or redirection to a malicious website...

8.6CVSS0.00303EPSS

Exploits0References1

OpenVAS•added 2025/11/06 12:0 a.m.•6 views

Pi-hole Web Interface < 6.3 Multiple Vulnerabilities

The Pi-hole Web Interface previously AdminLTE is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

8.2CVSS7AI score0.00514EPSS

Exploits4References5

OSV•added 2025/10/27 6:44 p.m.•3 views

CVE-2025-32785 Pi-hole Admin Interface vulnerable to persistent XSS on Subscribed lists group management (Adress Field)

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level advertisement and internet tracker blocking application. Pi-hole Admin Interface versions prior to 6.3 are vulnerable to cross-site scripting XSS via the Address field in the Subscribed Lists group management section...

5.1CVSS5.9AI score0.00204EPSS

Exploits1References3

CVE•added 2025/10/10 12:0 a.m.•8 views

CVE-2025-60869

Publii CMS v0.46.5 (build 17089) is affected by a stored XSS in configuration fields (e.g., Site Description, Footer Follow Buttons). The issue arises from unsanitized input, allowing injected JavaScript to be stored in the project and executed in visitors’ browsers when viewing the generated sta...

7.3CVSS5.7AI score0.00246EPSS

Exploits0References2