Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

115 matches found

RedhatCVE
RedhatCVEadded 2026/05/24 2:12 a.m.6 views

CVE-2021-47968

Podcast Generator 3.1 is vulnerable to persistent cross-site scripting, allowing authenticated attackers to inject malicious scripts by submitting unfiltered JavaScript code in the longdescription parameter. Attackers can inject script tags through episode creation or editing requests to execute...

6.4CVSS6AI score0.00034EPSS
Exploits0References1
NVD
NVDadded 2026/05/15 7:16 p.m.3 views

CVE-2021-47968

Podcast Generator 3.1 is vulnerable to persistent cross-site scripting, allowing authenticated attackers to inject malicious scripts by submitting unfiltered JavaScript code in the longdescription parameter. Attackers can inject script tags through episode creation or editing requests to execute...

6.4CVSS0.00034EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/05/15 6:36 p.m.5 views

CVE-2021-47968 Podcast Generator 3.1 Persistent Cross-Site Scripting via long_description

Podcast Generator 3.1 is vulnerable to persistent cross-site scripting, allowing authenticated attackers to inject malicious scripts by submitting unfiltered JavaScript code in the longdescription parameter. Attackers can inject script tags through episode creation or editing requests to execute...

6.4CVSS6AI score0.00034EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/05/15 6:36 p.m.27 views

CVE-2021-47968 Podcast Generator 3.1 Persistent Cross-Site Scripting via long_description

Podcast Generator 3.1 is vulnerable to persistent cross-site scripting, allowing authenticated attackers to inject malicious scripts by submitting unfiltered JavaScript code in the longdescription parameter. Attackers can inject script tags through episode creation or editing requests to execute...

6.4CVSS0.00034EPSS
Exploits0References4
EUVD
EUVDadded 2026/05/15 6:36 p.m.4 views

EUVD-2021-34821

Podcast Generator 3.1 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting unfiltered JavaScript code in the longdescription parameter. Attackers can inject script tags through episode creation or editing requests t...

6.4CVSS5.9AI score0.00034EPSS
Exploits0References4
CVE
CVEadded 2026/05/15 6:36 p.m.10 views

CVE-2021-47968

CVE-2021-47968 affects Podcast Generator 3.1. The vulnerability is a persistent cross-site scripting (XSS) flaw in the long_description field where authenticated users can submit unfiltered JavaScript during episode creation or editing, causing injected scripts to run when others view episode det...

6.4CVSS6AI score0.00034EPSS
Exploits0References4
CNNVD
CNNVDadded 2026/05/15 12:0 a.m.4 views

Podcast Generator 跨站脚本漏洞

Podcast Generator is an open-source set of free podcast publishing scripts written in PHP language. Version 3.1 of Podcast Generator has a cross-site scripting vulnerability. This vulnerability stems from a persistent cross-site scripting issue, which may allow authenticated attackers to inject...

6.4CVSS5.7AI score0.00034EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2026/05/15 12:0 a.m.4 views

PT-2026-41347

Podcast Generator 3.1 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting unfiltered JavaScript code in the long description parameter. Attackers can inject script tags through episode creation or editing requests ...

6.4CVSS5.9AI score0.00034EPSS
Exploits0References5
NVD
NVDadded 2026/01/28 4:16 p.m.1 views

CVE-2025-70336

A Stored cross-site scripting XSS vulnerability in 'Create New Live Item' in PodcastGenerator 3.2.9 allows remote attackers to inject arbitrary script or HTML via the 'TITLE', 'SHORT DESCRIPTION' and 'LONG DESCRIPTION' parameters. The saved payload gets executed on 'View All Live Items' and 'Live...

4.8CVSS0.00066EPSS
Exploits0References2
EUVD
EUVDadded 2026/01/28 12:0 a.m.1 views

EUVD-2025-206501

A Stored cross-site scripting XSS vulnerability in 'Create New Live Item' in PodcastGenerator 3.2.9 allows remote attackers to inject arbitrary script or HTML via the 'TITLE', 'SHORT DESCRIPTION' and 'LONG DESCRIPTION' parameters. The saved payload gets executed on 'View All Live Items' and 'Live...

4.8CVSS5.9AI score0.00066EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/01/28 12:0 a.m.3 views

PT-2026-5134

Name of the Vulnerable Software and Affected Versions PodcastGenerator version 3.2.9 Description A stored cross-site scripting XSS issue exists in the 'Create New Live Item' functionality. This allows remote attackers to inject arbitrary script or HTML through the 'TITLE', 'SHORT DESCRIPTION', an...

4.8CVSS5.3AI score0.00066EPSS
Exploits0References6
CNNVD
CNNVDadded 2026/01/28 12:0 a.m.1 views

Podcast Generator security vulnerabilities

Podcast Generator is an open-source set of free podcast publishing scripts written in PHP language. Version 3.2.9 of Podcast Generator has a security vulnerability, which stems from a storage-type XSS vulnerability in the function for creating new live projects. This vulnerability could allow for...

4.8CVSS6AI score0.00066EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/01/28 12:0 a.m.23 views

CVE-2025-70336

A Stored cross-site scripting XSS vulnerability in 'Create New Live Item' in PodcastGenerator 3.2.9 allows remote attackers to inject arbitrary script or HTML via the 'TITLE', 'SHORT DESCRIPTION' and 'LONG DESCRIPTION' parameters. The saved payload gets executed on 'View All Live Items' and 'Live...

0.00066EPSS
Exploits0References2
NVD
NVDadded 2025/12/17 11:15 p.m.1 views

CVE-2023-53920

PodcastGenerator 3.2.9 contains a stored cross-site scripting vulnerability in the podcast title field accessible through the podcast details interface podcastdetails.php. Malicious JavaScript payloads injected into the podcast title execute when users visit the application's home page...

5.4CVSS0.00024EPSS
Exploits1References3
OSV
OSVadded 2025/12/17 11:15 p.m.1 views

CVE-2023-53920

PodcastGenerator 3.2.9 contains a stored cross-site scripting vulnerability in the podcast title field accessible through the podcast details interface podcastdetails.php. Malicious JavaScript payloads injected into the podcast title execute when users visit the application's home page...

5.4CVSS6.2AI score
Exploits0References3
OSV
OSVadded 2025/12/17 11:15 p.m.1 views

CVE-2023-53918

PodcastGenerator 3.2.9 contains a stored cross-site scripting vulnerability in the episode title field accessible through the episodes upload interface episodesupload.php. Malicious JavaScript payloads injected into episode titles execute when administrators view the episodes list page...

6.1CVSS6.2AI score
Exploits0References3
Vulnrichment
Vulnrichmentadded 2025/12/17 10:44 p.m.1 views

CVE-2023-53920 PodcastGenerator Stored Cross-Site Scripting via Podcast Title Field

PodcastGenerator 3.2.9 contains a stored cross-site scripting vulnerability in the podcast title field accessible through the podcast details interface podcastdetails.php. Malicious JavaScript payloads injected into the podcast title execute when users visit the application's home page...

5.4CVSS5.9AI score0.00024EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2025/12/17 10:44 p.m.1 views

CVE-2023-53919 PodcastGenerator Stored Cross-Site Scripting via Freebox Content Field

PodcastGenerator 3.2.9 contains a stored cross-site scripting vulnerability in the Freebox content field accessible through the theme customization interface themefreebox.php. Malicious JavaScript payloads injected into the Freebox content execute when users visit the application's home page...

5.4CVSS5.8AI score0.00024EPSS
Exploits1References3
Cvelist
Cvelistadded 2025/12/17 10:44 p.m.16 views

CVE-2023-53920 PodcastGenerator Stored Cross-Site Scripting via Podcast Title Field

PodcastGenerator 3.2.9 contains a stored cross-site scripting vulnerability in the podcast title field accessible through the podcast details interface podcastdetails.php. Malicious JavaScript payloads injected into the podcast title execute when users visit the application's home page...

5.4CVSS0.00024EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2025/12/17 10:44 p.m.1 views

CVE-2023-53918 PodcastGenerator Stored Cross-Site Scripting via Episode Title Field

PodcastGenerator 3.2.9 contains a stored cross-site scripting vulnerability in the episode title field accessible through the episodes upload interface episodesupload.php. Malicious JavaScript payloads injected into episode titles execute when administrators view the episodes list page...

6.1CVSS5.9AI score0.00024EPSS
Exploits1References3
Rows per page
Query Builder