
5 matches found

RedhatCVE
added 2026/06/05 7:40 p.m., 6 views

CVE-2026-43644

podinfo through 6.11.2 contains a reflected cross-site scripting vulnerability in the /echo and /api/echo endpoints where the echoHandler writes request body content directly to the response without setting explicit Content-Type or X-Content-Type-Options headers. Attackers can craft cross-origin...

CVSS 6.1, AI score 5.3, EPSS 0.00195
Exploits: 2, References: 1
GithubExploit
added 2026/05/16 2:19 a.m., 71 views

Exploit for Unrestricted Upload of File with Dangerous Type in Stefanprodan Podinfo

CVE-2025-70849: Stored XSS in Podinfo Summary A security v...

CVSS 6.1, AI score 7.5, EPSS 0.00244
Exploits: 4
GithubExploit
added 2026/05/13 10:53 p.m., 36 views

Security-Advisories

Security Advisories Public security advisories and proof-of-c...

CVSS 5.4, AI score 5.8, EPSS 0.00195
Exploits: 2
OSV
added 2026/02/05 3:20 a.m., 7 views

GO-2026-4404 Podinfo affected by Arbitrary File Upload that leads to Stored Cross-Site Scripting (XSS) in github.com/stefanprodan/podinfo

Podinfo affected by Arbitrary File Upload that leads to Stored Cross-Site Scripting (XSS) in github.com/stefanprodan/podinfo...

CVSS 6.1, AI score 5.3, EPSS 0.00244
Exploits: 4, References: 3
Positive Technologies
added 2026/02/03 12:0 a.m., 5 views

PT-2026-6454

Arbitrary File Upload in podinfo through 6.9.0 allows unauthenticated attackers to upload arbitrary files via a crafted POST request to the /store endpoint. The application renders uploaded content without a restrictive Content-Security-Policy (CSP) or adequate Content-Type validation, leading to Stored...

CVSS 6.1, AI score 5.7, EPSS 0.00244
Exploits: 4, References: 4