CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3736 matches found

OSV•added 2020/12/15 9:15 p.m.•1 views

CVE-2020-35416

Multiple cross-site scripting XSS vulnerabilities exist in PHPJabbers Appointment Scheduler 2.3, in the index.php admin login webpage with different request parameters, allows remote attackers to inject arbitrary web script or HTML...

6.1CVSS6.4AI score0.05165EPSS

Exploits4References3

OSV•added 2020/12/03 12:15 p.m.•1 views

CVE-2020-5638

Cross-site scripting vulnerability in desknet's NEO desknet's NEO Small License V5.5 R1.5 and earlier, and desknet's NEO Enterprise License V5.5 R1.5 and earlier allows remote attackers to inject arbitrary script via unspecified vectors...

6.1CVSS6.2AI score

Exploits0References2

CNNVD•added 2020/12/03 12:0 a.m.•5 views

Desknets Neo Cross-Site Scripting Vulnerability

Desknets Neo is a remote office support software from Japanese company Desknets. A cross-site scripting vulnerability exists in desknets NEO, which originates from a vulnerability that allows remote attackers to inject arbitrary scripts via unspecified vectors. The following products and versions...

6.1CVSS5.8AI score0.00347EPSS

Exploits0References4

CNNVD•added 2020/12/01 12:0 a.m.•3 views

ThinkAdmin 跨站脚本漏洞

ThinkAdmin is a backend administration framework developed based on the latest ThinkPHP V6 , using the MIT protocol open source. thinkAdmin v1, v6 exists a stored cross-site scripting vulnerability. A remote attacker can use the vulnerability to inject arbitrary Web script or HTML...

5.4CVSS6.1AI score0.00201EPSS

Exploits1References2

Positive Technologies•added 2020/12/01 12:0 a.m.•3 views

PT-2020-17141 · Thinkadmin · Thinkadmin

Name of the Vulnerable Software and Affected Versions: ThinkAdmin versions v1 through v6 Description: The issue allows remote attackers to inject an arbitrary web script or HTML, exploiting a stored XSS vulnerability. Recommendations: For ThinkAdmin versions v1 through v6, update to a version tha...

5.4CVSS5.2AI score0.00201EPSS

Exploits1References7

OSV•added 2020/10/28 7:15 p.m.•1 views

CVE-2020-27741

Multiple cross-site scripting XSS vulnerabilities in Citadel WebCit through 926 allow remote attackers to inject arbitrary web script or HTML via multiple pages and parameters. NOTE: this was reported to the vendor in a publicly archived "Multiple Security Vulnerabilities in WebCit 926" thread...

6.1CVSS6.4AI score

Exploits0References2

OSV•added 2020/10/23 5:15 a.m.•2 views

CVE-2018-8062

A cross-site scripting XSS vulnerability on Comtrend AR-5387un devices with A731-410JAZ-C04R02.A2pD035g.d23i firmware allows remote attackers to inject arbitrary web script or HTML via the Service Description parameter while creating a WAN service...

5.4CVSS5.9AI score

Exploits0References1

OSV•added 2020/10/06 6:15 a.m.•2 views

CVE-2020-5631

Stored cross-site scripting vulnerability in CMONOS.JP ver2.0.20191009 and earlier allows remote attackers to inject arbitrary script via unspecified vectors...

6.1CVSS6.4AI score0.00435EPSS

Exploits0References3

CNVD•added 2020/08/17 12:0 a.m.•1 views

Firco Continuity Cross-Site Scripting Vulnerability

Firco Continuity is a real-time trade screening solution. A stored cross-site scripting vulnerability exists in Firco Continuity 6.2.0.0. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML via the username field on the login page...

5.8AI score

Exploits0References1

OSV•added 2020/08/14 2:15 p.m.•1 views

UBUNTU-CVE-2020-12648

A cross-site scripting XSS vulnerability in TinyMCE 5.2.1 and earlier allows remote attackers to inject arbitrary web script when configured in classic editing mode...

6.1CVSS5.8AI score0.00283EPSS

Exploits0References3

OSV•added 2020/05/27 4:15 p.m.•0 views

UBUNTU-CVE-2020-10946

Cross-site scripting XSS vulnerability allows remote attackers to inject arbitrary web script or HTML via the page parameter to service-monitoring/src/index.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitoring widget; 1.6.4, 18.10.5,...

6.1CVSS6.5AI score0.00088EPSS

Exploits1References3

OSV•added 2020/05/19 3:15 p.m.•1 views

CVE-2020-11845

Cross Site Scripting vulnerability in Micro Focus Service Manager product. Affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow remote attackers to inject arbitrary web script or HTML...

6.1CVSS6.5AI score0.00213EPSS

Exploits0References1

CNVD•added 2020/04/29 12:0 a.m.•1 views

Sales Force Assistant Cross-Site Scripting Vulnerability

NI Consulting Sales Force Assistant is a suite of sales support and information sharing tools from NI Consulting Japan. The product supports features such as customer relationship management, case management, complaint management, and visit program management. A cross-site scripting vulnerability...

5.4CVSS6AI score0.00261EPSS

Exploits0

CNVD•added 2020/02/17 12:0 a.m.•1 views

Amazon AWS JavaScript S3 Explorer Cross-Site Scripting Vulnerability

Amazon AWS JavaScript S3 Explorer is a set of S3 browsers. A cross-site scripting vulnerability exists in Amazon AWS JavaScript S3 Explorer explorer.js, which can be exploited by remote attackers to inject malicious script or HTML code, which can be used to gain access to sensitive information or...

6.1CVSS6.2AI score0.00414EPSS

Exploits0References1

CVE•added 2020/02/06 9:30 a.m.•47 views

CVE-2020-5528

CVE-2020-5528 is a cross-site scripting vulnerability in Movable Type series (including Movable Type 7, 6.5, and related editions) that allows remote attackers to inject arbitrary web script or HTML into the block editor and Rich Text Editor via a specially crafted URL. The vulnerability affects ...

6.1CVSS6AI score0.00429EPSS

Exploits0References2Affected Software1

OSV•added 2020/01/31 10:15 p.m.•4 views

CVE-2013-3565

Multiple cross-site scripting XSS vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers to inject arbitrary web script or HTML via the 1 command parameter to requests/vlmcmd.xml, 2 dir parameter to requests/browse.xml, or 3 URI in a request, which ...

6.1CVSS6.2AI score

Exploits0References5

OSV•added 2020/01/09 11:15 p.m.•1 views

CVE-2020-6758

A cross-site scripting XSS vulnerability in Option/optionsAll.php in Rasilient PixelStor 5000 K:4.0.1580-20150629 KDI Version allows remote attackers to inject arbitrary web script or HTML via the ContentFrame parameter...

6.1CVSS6.2AI score0.00313EPSS

Exploits1References1

OSV•added 2020/01/06 6:15 a.m.•1 views

CVE-2019-5988

Stored cross-site scripting vulnerability in Access analysis CGI An-Analyzer released in 2019 June 24 and earlier allows remote attackers to inject arbitrary web script or HTML via the Management Page...

6.1CVSS6.5AI score0.00402EPSS

Exploits1References2

CNVD•added 2020/01/06 12:0 a.m.•1 views

Telos Automated Message Handling System Cross-Site Scripting Vulnerability

Telos Automated Message Handling System is an automated message handling system that automates the Web-based distribution and management of enterprise-wide organizational messages. A cross-site scripting vulnerability exists in itemlookup.asp in Telos Automated Message Handling System versions...

6.1CVSS6.3AI score0.00279EPSS

Exploits0References1

CNVD•added 2020/01/06 12:0 a.m.•1 views

Telos Automated Message Handling System Cross-Site Scripting Vulnerability (CNVD-2020-04115)

Telos Automated Message Handling System AMHS is an automated message handling system that enables automated Web-based distribution and management of enterprise-wide organizational messages. A cross-site scripting vulnerability exists in ModalWindowPopup.asp in Telos Automated Message Handling...

6.1CVSS6.3AI score0.00279EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by