CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

35 matches found

CNNVD•added 2026/05/20 12:0 a.m.•6 views

tickets 跨站脚本漏洞

Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of Tickets prior to 3.44.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from a reflection-based cross-site scripting vulnerability in the search.php file. It...

5.1CVSS5.8AI score0.00029EPSS

Exploits0References1

CNNVD•added 2026/05/20 12:0 a.m.•6 views

tickets 跨站脚本漏洞

Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of tickets prior to 3.44.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from a reflection-based cross-site scripting flaw in the dounitmail.php file. It could...

5.1CVSS5.8AI score0.00029EPSS

Exploits0References1

CNNVD•added 2026/05/20 12:0 a.m.•5 views

tickets 跨站脚本漏洞

5.1CVSS5.8AI score0.00029EPSS

Exploits0References1

CNNVD•added 2026/05/20 12:0 a.m.•5 views

tickets 跨站脚本漏洞

5.1CVSS5.8AI score0.00029EPSS

Exploits0References1

CNNVD•added 2026/05/18 12:0 a.m.•5 views

FacturaScripts 跨站脚本漏洞

FacturaScripts is an open-source ERP software developed by Carlos Garcia, a Spanish developer. Versions of FacturaScripts prior to 2025.7 contained a cross-site scripting vulnerability. This vulnerability occurred due to the fsNick cookie parameter value being reflected directly into HTML, which...

3.9CVSS5.6AI score0.00018EPSS

Exploits0References1

CNNVD•added 2026/05/07 12:0 a.m.•5 views

Admidio 跨站脚本漏洞

Admidio is a set of open-source member management systems developed by the Admidio team. This system supports features such as member lists, event management, message boards, photo albums, and downloads. Prior to Admidio 5.0.9, there was a cross-site scripting vulnerability. This vulnerability...

6.1CVSS5.8AI score0.0006EPSS

Exploits0References1

Packet Storm News•added 2026/04/30 12:0 a.m.•4 views

WOOTdroid: Whole-System Online On-Device Tracing for Android

System auditing on Android faces two problems. First, existing syscall tracers lose events under load, silently overwriting entries faster than a user space reader can drain them. Second, security-relevant application behavior is mediated through Binder, Android's kernel IPC mechanism, and is...

5.8AI score

Exploits0

CNNVD•added 2026/03/20 12:0 a.m.•4 views

WWBN AVideo 跨站脚本漏洞

WWBN AVideo is a video platform building system written in PHP, developed by the WWBN team. Versions of WWBN AVideo prior to 25.0 contained a cross-site scripting vulnerability. This vulnerability occurred because user inputs were passed directly to JavaScript without being escaped, allowing them...

6.1CVSS5.6AI score0.00041EPSS

Exploits1References2

CNNVD•added 2026/03/10 12:0 a.m.•2 views

SiYuan 跨站脚本漏洞

SiYuan is a privacy-oriented personal knowledge management system developed by SiYuan. Versions of SiYuan prior to 3.5.10 contained a cross-site scripting vulnerability. This vulnerability stemmed from the SVG cleaner’s inability to properly check the javascript: prefix in href attributes, allowi...

6.4CVSS7.1AI score0.00502EPSS

Exploits1References1

CNNVD•added 2026/03/06 12:0 a.m.•4 views

groupoffice 跨站脚本漏洞

GroupOffice is an open-source groupware and CRM developed by Intermesh. Versions of GroupOffice prior to 6.8.155, 25.0.88, and 26.0.10 contained a cross-site scripting vulnerability. This vulnerability stemmed from the POST field in the installation script install/license.php, where the field was...

6.1CVSS5.7AI score0.00017EPSS

Exploits1References2

CNNVD•added 2026/02/25 12:0 a.m.•5 views

repostat 跨站脚本漏洞

“Repostat” is a component used by DenPiligrim’s individual developers to retrieve repository information. Versions of “repostat” prior to 1.0.1 contained a cross-site scripting vulnerability. This vulnerability stemmed from the RepoCard component using “dangerouslySetInnerHTML” to render the...

6.1CVSS5.6AI score0.00052EPSS

Exploits1References2

CNNVD•added 2026/02/16 12:0 a.m.•4 views

Kubysoft 跨站脚本漏洞

Kubysoft is an IT asset management software developed by the Spanish company Kubysoft. Kubysoft has a cross-site scripting vulnerability. This vulnerability stems from multiple parameters in the /node/kudaby/nodeFN/procedure endpoints, which are vulnerable to reflection-based cross-site scripting...

6.1CVSS5.8AI score0.00039EPSS

Exploits0References1

CNNVD•added 2026/01/24 12:0 a.m.•4 views

WordPress plugin JustClick registration: cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.1CVSS5.7AI score0.00067EPSS

Exploits0References4

CNNVD•added 2025/01/03 12:0 a.m.•1 views

PhpSpreadsheet 安全漏洞

PhpSpreadsheet is an open source PHP library from PHPOffice for reading and writing spreadsheet files. A security vulnerability exists in PhpSpreadsheet that stems from vulnerability to unauthorized reflection-based cross-site scripting attacks...

8.3CVSS6AI score0.00905EPSS

Exploits1References2

CNNVD•added 2025/01/03 12:0 a.m.•1 views

PhpSpreadsheet 安全漏洞

8.3CVSS6AI score0.00905EPSS

Exploits1References2

CNNVD•added 2025/01/03 12:0 a.m.•1 views

PhpSpreadsheet 安全漏洞

8.3CVSS6AI score0.01179EPSS

Exploits1References2

CNNVD•added 2024/09/16 12:0 a.m.•1 views

Intumit SmartRobot 跨站脚本漏洞

Intumit SmartRobot is a web development framework from Intumit, Inc. A cross-site scripting vulnerability exists in Intumit SmartRobot versions prior to v7.1.0 that stems from failure to properly validate a specific page parameter, which could allow an unauthenticated, remote attacker to inject...

6.1CVSS6.2AI score0.0018EPSS

Exploits0References3

CNNVD•added 2024/08/29 12:0 a.m.•2 views

HWA JIUH DIGITAL Easy test Online Learning and Testing Platform 跨站脚本漏洞

HWA JIUH DIGITAL Easy test Online Learning and Testing Platform is an Easy test Online Learning and Testing Platform from HWA JIUH DIGITAL. A cross-site scripting vulnerability exists in HWA JIUH DIGITAL Easy test Online Learning and Testing Platform versions prior to 24A01, which stems from...

5.4CVSS6.3AI score0.00399EPSS

Exploits0References4

CNNVD•added 2024/07/15 12:0 a.m.•1 views

AguardNet Space Management System Cross-Site Scripting Vulnerability

AguardNet Space Management System is a space management system from China-based AguardNet. A cross-site scripting vulnerability exists in AguardNet Space Management System versions prior to 2024-04-09-3302, which stems from not properly filtering user input, allowing a remote attacker with regula...

5.4CVSS6.1AI score0.00167EPSS

Exploits0References3

CNNVD•added 2023/03/27 12:0 a.m.•3 views

HGiga MailSherlock 跨站脚本漏洞

Hgiga MailSherlock is an enterprise email auditing system from China Henderson Technology Hgiga. A cross-site scripting vulnerability exists in HGiga MailSherlock version 4.5, which stems from insufficient filtering of user input by specific function. The vulnerability can be exploited to conduct...

6.1CVSS5.9AI score0.00404EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by