Lucene search
K

2302 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:54 p.m.5 views

CVE-2022-4282

A vulnerability was found in SpringBootCMS and classified as critical. Affected by this issue is some unknown functionality of the component Template Management. The manipulation leads to injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used...

7.2CVSS7.3AI score0.007EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:9 p.m.6 views

CVE-2022-39195

A cross-site scripting XSS vulnerability in the LISTSERV 17 web interface allows remote attackers to inject arbitrary JavaScript or HTML via the c parameter...

6.1CVSS5.6AI score0.06314EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:7 p.m.7 views

CVE-2021-33328

Cross-site scripting XSS vulnerability in the Asset module's edit vocabulary page in Liferay Portal 7.0.0 through 7.3.4, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 20, and 7.2 before fix pack 9, allows remote attackers to inject arbitrary web script or HTML via the 1...

5.4CVSS5.8AI score0.00675EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:59 p.m.4 views

CVE-2021-20680

Cross-site scripting vulnerability in NEC Aterm devices Aterm WG1900HP2 firmware Ver.1.3.1 and earlier, Aterm WG1900HP firmware Ver.2.5.1 and earlier, Aterm WG1800HP4 firmware Ver.1.3.1 and earlier, Aterm WG1800HP3 firmware Ver.1.5.1 and earlier, Aterm WG1200HS2 firmware Ver.2.5.0 and earlier,...

6.1CVSS6.4AI score0.00796EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:30 p.m.4 views

CVE-2021-20750

Cross-site scripting vulnerability in EC-CUBE EC-CUBE 3.0.0 to 3.0.18-p2 EC-CUBE 3 series and EC-CUBE 4.0.0 to 4.0.5-p1 EC-CUBE 4 series allows a remote attacker to inject an arbitrary script by leading an administrator or a user to a specially crafted page and to perform a specific operation...

6.1CVSS6.7AI score0.01557EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:35 p.m.7 views

CVE-2021-29208

A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 iLO 4; HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 iLO 5 for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380...

4.8CVSS7.3AI score0.00507EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:7 p.m.5 views

CVE-2020-28184

Cross-site scripting XSS vulnerability in TerraMaster TOS = 4.2.06 allows remote authenticated users to inject arbitrary web script or HTML via the mod parameter to /module/index.php...

5.4CVSS5.5AI score0.00664EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 4:43 p.m.5 views

CVE-2020-5552

Cross-site scripting vulnerability in mailform version 1.04 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS6.5AI score0.00773EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:27 p.m.9 views

CVE-2010-4607

Multiple cross-site scripting XSS vulnerabilities in Habari 0.6.5, when registerglobals is enabled, allow remote attackers to inject arbitrary web script or HTML via the 1 additemform parameter to system/admin/dashadditem.php and the 2 statusdata parameter to system/admin/dashstatus.php. NOTE: so...

2.6CVSS5.9AI score0.01581EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:23 a.m.8 views

CVE-2013-1785

Cross-site scripting XSS vulnerability in the 3 slide gallery in the Premium Responsive theme before 7.x-1.6 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors...

2.1CVSS5.5AI score0.00941EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:47 a.m.8 views

CVE-2017-20174

A vulnerability was found in bastianallgeier Kirby Webmentions Plugin and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to injection. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is know...

9.8CVSS7.3AI score0.00792EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:35 a.m.6 views

CVE-2018-15530

Cross-site scripting XSS in the web interface of the Xerox ColorQube 8580 allows remote persistent injection of custom HTML / JavaScript code...

6.1CVSS6.4AI score0.00692EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:15 a.m.6 views

CVE-2013-5966

Cross-site scripting XSS vulnerability in ZK Framework before 5.0.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.01162EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:40 a.m.2 views

CVE-2014-8663

SQL injection vulnerability in Data Basis BW-WHM-DBA in SAP NetWeaver Business Warehouse allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS8.7AI score0.01164EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:27 a.m.5 views

CVE-2010-2318

Cross-site scripting XSS vulnerability in cmsdata.php in PHPCityPortal 1.3 allows remote attackers to inject arbitrary web script or HTML via the page parameter...

4.3CVSS6AI score0.00893EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:25 a.m.4 views

CVE-2010-1293

Cross-site scripting XSS vulnerability in the Administrator page in Adobe ColdFusion 8.0, 8.0.1, and 9.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.9AI score0.02504EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:23 a.m.6 views

CVE-2012-6505

Cross-site scripting XSS vulnerability in mods/hours/data/gethours.php in PHP Volunteer Management 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the id parameter...

4.3CVSS6AI score0.03236EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:38 a.m.10 views

CVE-2011-3998

Cross-site scripting XSS vulnerability in Apple WebObjects 5.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.6AI score0.00845EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 2:57 a.m.6 views

CVE-2012-1252

Cross-site scripting XSS vulnerability in RSSOwl before 2.1.1 allows remote attackers to inject arbitrary web script or HTML via a feed, a different vulnerability than CVE-2006-4760...

4.3CVSS5.8AI score0.01321EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 2:39 a.m.9 views

CVE-2010-1373

Cross-site scripting XSS vulnerability in Help Viewer in Apple Mac OS X 10.6 before 10.6.4 allows remote attackers to inject arbitrary web script or HTML via a crafted help: URL, related to "URL parameters in HTML content."...

4.3CVSS5.4AI score0.01223EPSS
Exploits0References1
Rows per page
Query Builder