Lucene search
K

1275 matches found

EUVD
EUVD
added 2026/05/05 6:57 p.m.12 views

EUVD-2026-27017

PPTAgent: Arbitrary File Write via savegeneratedslides...

4.6CVSS5.8AI score0.00198EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.9 views

GeoVision LPC2011和GeoVision LPC2211 跨站脚本漏洞

Both GeoVision LPC2011 and GeoVision LPC2211 are network monitoring devices produced by the Chinese company GeoVision. Version 1.10 of GeoVision LPC2011 and GeoVision LPC2211 contain a cross-site scripting vulnerability. This vulnerability stems from the ssi.cgi function in the Web Interface, whi...

7.4CVSS5.8AI score0.00196EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.8 views

GeoVision LPC2011和GeoVision LPC2211 跨站脚本漏洞

Both GeoVision LPC2011 and GeoVision LPC2211 are network monitoring control devices produced by the Chinese company GeoVision. Version 1.10 of GeoVision LPC2011 and GeoVision LPC2211 contains a cross-site scripting vulnerability. This vulnerability stems from multiple reflective cross-site script...

7.4CVSS5.7AI score0.00196EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/04 12:0 a.m.11 views

PT-2026-36858

Name of the Vulnerable Software and Affected Versions PPTAgent versions prior to commit 418491a Description An arbitrary file write issue exists in this agentic framework for reflective PowerPoint generation. The flaw occurs through the save generated slides function. Recommendations Update to...

4.6CVSS5.9AI score0.00198EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.10 views

WordPress多款产品 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added t...

6.1CVSS5.7AI score0.00276EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/29 12:0 a.m.7 views

WSO2 Identity Server 跨站脚本漏洞

WSO2 Identity Server is an identity authentication server developed by the American company WSO2. WSO2 Identity Server has a cross-site scripting vulnerability. This vulnerability arises from the fact that the authentication endpoint accepts user input without enforcing the expected verification...

6.1CVSS5.6AI score0.00173EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/04/27 8:14 a.m.89 views

xss

CSS Style Sheet Mutation alert"This is a test" alert"...

5.8AI score
Exploits0
CNNVD
CNNVD
added 2026/04/22 12:0 a.m.8 views

Silverpeas Core 跨站脚本漏洞

Silverpeas Core is an open-source project developed by Silverpeas, used for building and running collaborative and social web portals. Versions of Silverpeas Core prior to 6.4.6 contained a cross-site scripting vulnerability. This vulnerability stemmed from the AdvancedSearch feature having...

6.1CVSS5.9AI score0.00188EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.10 views

Semantic MediaWiki 跨站脚本漏洞

Semantic MediaWiki is an open-source extension of Semantic MediaWiki that stores and queries data within wiki pages. Semantic MediaWiki has a cross-site scripting vulnerability. This vulnerability stems from the endpoint parameters in /index.php/Speciaal:GefacetteerdZoeken, which allow for...

5.1CVSS5.5AI score0.00285EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.5 views

Adobe Connect 跨站脚本漏洞

Adobe Connect is a software developed by Adobe, a company based in America, used to create meeting environments. The Adobe Connect version 2025.3, along with versions 12.10 and earlier, contained a cross-site scripting vulnerability. This vulnerability stemmed from a reflective cross-site scripti...

6.1CVSS5.7AI score0.00187EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/09 12:0 a.m.7 views

Joomla VirtueMart Shopping-Cart 跨站脚本漏洞

Joomla VirtueMart Shopping-Cart is an open-source e-commerce shopping cart and online store management extension for VirtueMart. Version 4.0.12 of Joomla VirtueMart Shopping-Cart contains a cross-site scripting vulnerability, which stems from improper handling of the keyword parameter. This...

6.1CVSS5.6AI score0.00194EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/09 12:0 a.m.8 views

Joomla JLex Review 跨站脚本漏洞

Joomla JLex Review is an open-source user comment and rating management extension developed by JLxeArt. Version 6.0.1 of Joomla JLex Review contains a cross-site scripting vulnerability, which stems from improper handling of the reviewid parameter. This vulnerability may lead to reflective...

6.1CVSS5.6AI score0.00194EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/27 12:0 a.m.7 views

Clickedu 跨站脚本漏洞

Clickedu is an academic management platform operated by Clickedu Corporation. Clickedu has a cross-site scripting vulnerability. This vulnerability stems from a reflective cross-site scripting flaw in the endpoint/user.php file. It may allow attackers to execute JavaScript code in the victim’s...

5.1CVSS5.9AI score0.00272EPSS
Exploits0References1
NVD
NVD
added 2026/03/25 11:17 p.m.8 views

CVE-2026-33911

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, the POST parameter title is reflected back in a JSON response built with jsonencode. Because the response is served with a text/html Content-Type, the browser...

5.4CVSS0.00228EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.7 views

Support Board 跨站脚本漏洞

Support Board is a sales chat software developed by the British company Support Board. Version 3.7.7 of Support Board contains a cross-site scripting vulnerability, which stems from incorrect handling of the parameter 'search' in the file /supportboard/include/articles.php. This vulnerability may...

5.4CVSS5.6AI score0.0014EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.8 views

WordPress plugin Reebox 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There wa...

7.1CVSS5.6AI score0.0018EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.7 views

WordPress plugin Boutique 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There wa...

7.1CVSS5.7AI score0.00175EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.7 views

WeGIA 跨站脚本漏洞

WeGIA is a network manager for the welfare institution developed by Nilson Lazarin. Versions of WeGIA 3.6.6 and earlier contained a cross-site scripting vulnerability. This vulnerability stemmed from a reflective cross-site scripting vulnerability in the listarmemorandosativos.php endpoint, which...

9.3CVSS5.9AI score0.00214EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.10 views

Gainsight Assist 安全漏洞

Gainsight Assist is a customer communication template management tool developed by Gainsight Inc. There is a security vulnerability in Gainsight Assist, which stems from improper handling of the errordescription parameter. This vulnerability may lead to reflective cross-site scripting attacks...

6.1CVSS5.9AI score0.00303EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/03/19 12:0 a.m.7 views

LASS 跨站脚本漏洞

LASS is an open-source environmental monitoring sensor network system developed by LinkItONEDevGroup. Versions of LASS starting from f06bd20 and earlier have a cross-site scripting vulnerability. This vulnerability stems from the PM25.php file, which contains a reflective cross-site scripting...

5.1CVSS6AI score0.00454EPSS
Exploits0References2
Rows per page
Query Builder