CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2300 matches found

CNVD•added 2018/03/15 12:0 a.m.•3 views

Zoho ManageEngine EventLog Analyzer Cross-Site Scripting Vulnerability

ZOHO ManageEngine EventLog Analyzer is the United States ZhuoHao ZOHO company's set of system, event log analysis software. The software is capable of network-wide hosts, servers, network equipment and a variety of application service systems and other generated logs, comprehensive collection and...

6.1CVSS6.1AI score0.01304EPSS

Exploits0References1

ATTACKERKB•added 2018/03/09 7:29 p.m.•4 views

CVE-2016-0253

Cross-site scripting XSS vulnerability in IBM Financial Transaction Manager FTM for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager FTM for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager FTM f...

5.4CVSS5.7AI score0.00657EPSS

Exploits0References3

Prion•added 2018/03/07 3:29 p.m.•13 views

Cross site scripting

Cross-site scripting XSS vulnerability in Jease 2.11 allows remote authenticated users to inject arbitrary web script or HTML via a content section note...

3.5CVSS5.6AI score0.00708EPSS

Exploits3References2Affected Software1

CNVD•added 2018/03/06 12:0 a.m.•1 views

InvoicePlane cross-site scripting vulnerability (CNVD-2018-04868)

InvoicePlane is an open source financial system. The system has features to manage quotes, invoices and payments. A cross-site scripting vulnerability exists in InvoicePlane versions prior to 1.5.5. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML with the...

6.1CVSS6AI score0.01327EPSS

Exploits1References1

CNVD•added 2018/03/02 12:0 a.m.•1 views

Tiki Calendar HTML Injection Vulnerability

Tiki is a suite of open source content management and portal applications from the Tiki software community that can be used to create web applications, portals, intranets, extranets, etc. Calendar is one of the calendar components. A cross-site scripting vulnerability exists in the Calendar...

5.4CVSS6.2AI score0.00556EPSS

Exploits1References1

CNVD•added 2018/03/02 12:0 a.m.•3 views

PHP Scripts Mall Entrepreneur Job Portal Script Cross-Site Scripting Vulnerability

PHP Scripts Mall Entrepreneur Job Portal Script is a set of PHP based recruitment, job search website scripts by PHP Scripts Mall India. A cross-site scripting vulnerability exists in PHP Scripts Mall Entrepreneur Job Portal Script. A remote attacker can exploit this vulnerability by sending the...

4.8CVSS6.4AI score0.00548EPSS

Exploits1References1

CNVD•added 2018/02/26 12:0 a.m.•1 views

PHP Scripts Mall Lawyer Search Script Cross Site Scripting Vulnerability

PHP Scripts Mall Lawyer Search Script is a set of PHP based law firm management scripts by PHP Scripts Mall India. A cross-site scripting vulnerability exists in PHP Scripts Mall Lawyer Search Script version 1.0.2. A remote attacker can exploit this vulnerability to inject arbitrary web script or...

5.4CVSS6.3AI score0.00558EPSS

Exploits4References1

CNVD•added 2018/02/26 12:0 a.m.•2 views

PHP Scripts Mall Bitcoin MLM Software Cross-Site Scripting Vulnerability

PHP Scripts Mall Bitcoin MLM Software is a PHP-based bitcoin management software from PHP Scripts Mall India. A cross-site scripting vulnerability exists in PHP Scripts Mall Bitcoin MLM Software version 1.0.2. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

5.4CVSS6.2AI score0.00681EPSS

Exploits4References1

OSV•added 2018/02/21 4:29 p.m.•2 views

CVE-2016-0344

Cross-site scripting XSS vulnerability in the My Reports component in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 111785...

5.4CVSS5.9AI score0.00657EPSS

Exploits0References2

OSV•added 2018/02/21 1:29 a.m.•3 views

CVE-2018-7277

An issue was discovered on RLE Wi-MGR/FDS-Wi 6.2 devices. Persistent XSS exists in the web server. Remote attackers can inject malicious JavaScript code using the device's BACnet implementation. This is similar to a Cross Protocol Injection with SNMP...

6.1CVSS5.8AI score0.00793EPSS

Exploits1References1

OSV•added 2018/02/15 10:29 p.m.•3 views

CVE-2017-5810

A remote sql injection vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found...

9.8CVSS5.8AI score0.04783EPSS

Exploits0References3

OSV•added 2018/02/08 2:29 p.m.•2 views

CVE-2018-0513

Cross-site scripting vulnerability in MTS Simple Booking C, MTS Simple Booking Business version 1.28.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS5.9AI score0.00776EPSS

Exploits0References2

CNVD•added 2018/02/07 12:0 a.m.•3 views

Atlassian FishEye and Crucible Cross-Site Scripting Vulnerabilities (CNVD-2018-05475)

Atlassian FishEye and Crucible are both products of the Australian company Atlassian, FishEye is a suite of software for deep viewing of source code repositories and Crucible is a suite of code review tools. A cross-site scripting vulnerability exists in source browse resource in Atlassian FishEy...

5.4CVSS6.3AI score0.00597EPSS

Exploits0References1

Prion•added 2018/02/02 9:29 p.m.•12 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Project-Pier ProjectPier-Core allow remote attackers to inject arbitrary web script or HTML via the searchfor parameter to 1 searchbytag.php, 2 searchcontacts.php, or 3 search.php...

4.3CVSS6.1AI score0.01084EPSS

Exploits1References2Affected Software1

CNVD•added 2018/01/30 12:0 a.m.•1 views

Formspree Cross-Site Scripting Vulnerability

Formspree is an open source tool for sending emails in web pages. A cross-site scripting vulnerability exists in the templates/forms/thanks.html page in versions of Formspree prior to 2018-01-23. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

6.1CVSS6.1AI score0.00763EPSS

Exploits1References1

CNVD•added 2018/01/30 12:0 a.m.•6 views

Sophos PureMessage for UNIX Cross-Site Scripting Vulnerability

Sophos PureMessage for UNIX is a Unix-based antivirus software from Sophos UK, which is designed to protect against viruses, spam, and other security threats that attack users by e-mail. A cross-site scripting vulnerability exists in versions of Sophos PureMessage prior to 6.3.2 for UNIX-based...

6.1CVSS6.2AI score0.00954EPSS

Exploits0References1

Patchstack•added 2018/01/30 12:0 a.m.•18 views

WordPress Splashing Images plugin <=2.1 - Cross-Site Scripting (XSS) vulnerability

Cross-Site Scripting XSS vulnerability found by Nicolas Buzy-Debat in WordPress Splashing Images plugin versions =2.1. Possible remote injection of arbitrary web script or HTML via the search parameter to wp-admin/upload.php. Solution Update the WordPress Splashing Images plugin to the latest...

4.8CVSS1.6AI score0.01048EPSS

Exploits2References1Affected Software1

OSV•added 2018/01/26 8:29 p.m.•3 views

CVE-2016-6217

Cross-site scripting XSS vulnerability in Sophos PureMessage for UNIX before 6.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS5.9AI score

Exploits0References1

CNVD•added 2018/01/23 12:0 a.m.•3 views

Atlassian JIRA Cross-Site Scripting Vulnerability (CNVD-2018-03271)

Atlassian Jira is a defect tracking management system from Atlassian Australia. The system is used to track and manage all types of issues and defects in the workplace.PieChart gadget is one of the pie chart tools. A cross-site scripting vulnerability exists in the PieChart gadget in Atlassian Ji...

6.1CVSS6.4AI score0.00825EPSS

Exploits0References1

CNVD•added 2018/01/18 12:0 a.m.•3 views

LiveZilla knowledgebase.php file cross-site scripting vulnerability

LiveZilla is a free online customer service system from the German company LiveZilla. The system provides real-time monitoring of visitors, offline messages, GeoTracking map tracking, access statistics, online chat and other features. A cross-site scripting vulnerability exists in the...

6.1CVSS5.9AI score0.01367EPSS

Exploits2References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by