CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3736 matches found

ATTACKERKB•added 2022/09/13 11:15 p.m.•2 views

CVE-2022-38771

The mobile application in Transtek Mojodat FAM Fixed Asset Management 2.4.6 allows remote attackers to send SCRIPT tags as injected input to the API request...

9.8CVSS5.9AI score0.01155EPSS

Exploits0References3

OSV•added 2022/09/12 2:15 a.m.•1 views

CVE-2022-38972

Cross-site scripting vulnerability in Movable Type plugin A-Form versions prior to 4.1.1 for Movable Type 7 Series and versions prior to 3.9.1 for Movable Type 6 Series allows a remote unauthenticated attacker to inject an arbitrary script...

6.1CVSS5.9AI score

Exploits0References3

ATTACKERKB•added 2022/08/23 7:15 a.m.•2 views

CVE-2022-27637

Reflected cross-site scripting vulnerability in PukiWiki versions 1.5.1 to 1.5.3 allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS6AI score0.00214EPSS

Exploits0References3Affected Software1

OSV•added 2022/08/23 7:15 a.m.•1 views

CVE-2022-27637

Reflected cross-site scripting vulnerability in PukiWiki versions 1.5.1 to 1.5.3 allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS5.8AI score0.00214EPSS

Exploits0References2

Vulnrichment•added 2022/08/23 6:31 a.m.•3 views

CVE-2022-36350

Stored cross-site scripting vulnerability in PukiWiki versions 1.3.1 to 1.5.3 allows a remote attacker to inject an arbitrary script via unspecified vectors...

5.2AI score0.00217EPSS

Exploits0References2

OSV•added 2022/08/18 8:15 a.m.•1 views

CVE-2022-28715

Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS6.2AI score0.00189EPSS

Exploits0References2

OSV•added 2022/08/18 8:15 a.m.•1 views

CVE-2022-30604

Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS6.2AI score

Exploits0References2

OSV•added 2022/08/18 8:15 a.m.•3 views

CVE-2022-33151

Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows remote attackers to inject an arbitrary script via unspecified vectors...

6.1CVSS6.3AI score0.00189EPSS

Exploits0References2

OSV•added 2022/08/18 8:15 a.m.•1 views

CVE-2022-29487

Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS6.2AI score0.00189EPSS

Exploits0References2

ATTACKERKB•added 2022/08/18 8:15 a.m.•1 views

CVE-2022-28715

Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS6.3AI score0.00189EPSS

Exploits0References3Affected Software1

Positive Technologies•added 2022/08/18 12:0 a.m.•3 views

PT-2022-20199 · Cybozu · Cybozu Office

Name of the Vulnerable Software and Affected Versions: Cybozu Office versions 10.0.0 through 10.8.5 Description: The issue allows a remote attacker to inject an arbitrary script via unspecified vectors, exploiting a cross-site scripting vulnerability in specific parameters. Recommendations: For...

6.1CVSS6.1AI score0.00189EPSS

Exploits0References4

ATTACKERKB•added 2022/08/08 3:15 p.m.•1 views

CVE-2022-35493

A Cross-site scripting XSS vulnerability in json search parse and the json response in wrteam.in, eShop - Multipurpose Ecommerce Store Website version 3.0.4 allows remote attackers to inject arbitrary web script or HTML via the getproducts?search parameter...

6.1CVSS6.5AI score0.02192EPSS

Exploits1References3

OSV•added 2022/08/08 3:15 p.m.•0 views

CVE-2022-35493

6.1CVSS5.9AI score

Exploits0References1

Positive Technologies•added 2022/08/08 12:0 a.m.•2 views

PT-2022-22869 · Eshop · Eshop

Name of the Vulnerable Software and Affected Versions: eShop - Multipurpose Ecommerce Store Website version 3.0.4 Description: A Cross-site scripting XSS issue exists in the json search parse and the json response, allowing remote attackers to inject arbitrary web script or HTML via the "get...

6.1CVSS6.1AI score0.02192EPSS

Exploits1References3

ATTACKERKB•added 2022/07/26 10:15 p.m.•2 views

CVE-2022-1492

Insufficient data validation in Blink Editing in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to inject arbitrary scripts or HTML via a crafted HTML page...

6.1CVSS6.8AI score0.00229EPSS

Exploits1References4

OSV•added 2022/07/26 10:15 p.m.•1 views

DEBIAN-CVE-2022-1492

Insufficient data validation in Blink Editing in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to inject arbitrary scripts or HTML via a crafted HTML page...

6.1CVSS7AI score0.00229EPSS

Exploits1References1

ATTACKERKB•added 2022/07/11 1:15 a.m.•2 views

CVE-2022-27168

Cross-site scripting vulnerability in LiteCart versions prior to 2.4.2 allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS6.5AI score0.00421EPSS

Exploits0References5Affected Software1

OSV•added 2022/05/24 7:10 p.m.•2 views

GHSA-V88G-7FX4-9Q7F Liferay Portal and Liferay DXP Cross-site scripting (XSS) vulnerability in the Document Library module

Cross-site scripting XSS vulnerability in the Document Library module's add document menu versions 5.0.6 to before 5.0.54, in Liferay Portal 7.3.0 through 7.3.4, and Liferay DXP 7.1 before fix pack 20, and 7.2 before fix pack 9, allows remote attackers to inject arbitrary web script or HTML via t...

6.1CVSS6AI score0.00258EPSS

Exploits0References5

Github Security Blog•added 2022/05/24 7:9 p.m.•7 views

Liferay Portal and Liferay DXP Cross-site scripting (XSS) vulnerability in the Frontend JS module

Cross-site scripting XSS vulnerability in the Frontend JS module before version 4.0.18, in Liferay Portal 7.3.4 and earlier, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 20 and 7.2 before fix pack 9, allows remote attackers to inject arbitrary web script or HTML via the title of a...

6.1CVSS6AI score0.00418EPSS

Exploits0References5Affected Software2

OSV•added 2022/05/18 3:15 p.m.•1 views

CVE-2022-28717

Cross-site scripting vulnerability in RebooterWATCH BOOT nino RPC-M2C End of Sale all firmware versions, WATCH BOOT light RPC-M5C End of Sale all firmware versions, WATCH BOOT L-zero RPC-M4L End of Sale all firmware versions, WATCH BOOT mini RPC-M4H End of Sale all firmware versions, WATCH BOOT...

4.8CVSS6.2AI score

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by