CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3736 matches found

CNVD•added 2018/03/09 12:0 a.m.•1 views

Jease Cross-Site Scripting Vulnerability (CNVD-2018-04746)

Jease is a set of open source content management system CMS written in Java language . A cross-site scripting vulnerability exists in Jease. A remote attacker can exploit this vulnerability to inject arbitrary Web script or HTML...

5.4CVSS6.3AI score0.00138EPSS

Exploits3References1

CNVD•added 2018/03/09 12:0 a.m.•2 views

Eramba Date Filter Cross-Site Scripting Vulnerability

Eramba is an open source enterprise level IT governance application from Eramba UK. The program features IT security, compliance auditing and analysis, etc. Date Filter is one of the data filters. A cross-site scripting vulnerability exists in Date Filter in Eramba. A remote attacker can exploit...

6.1CVSS6.2AI score0.0024EPSS

Exploits1References1

CNVD•added 2018/03/02 12:0 a.m.•1 views

WordPress Plugin Ninja Forms Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language , the platform supports in PHP and MySQL servers to set up a personal blog site . Ninja Forms is one of the form plug-ins . A cross-site scripting vulnerability exists in the WordPress plugi...

6.1CVSS6.1AI score0.0021EPSS

Exploits0References1

CNVD•added 2018/03/02 12:0 a.m.•3 views

Citrix NetScaler Application Delivery Controller and NetScaler Gateway Multiple Cross-Site Scripting Vulnerabilities

Citrix NetScaler Application Delivery Controller ADC and NetScaler Gateway formerly known as Citrix Access Gateway Enterprise Edition are both products of Citrix Systems. NetScaler ADC is a service and application delivery solution Application Delivery Controller; NetScaler Gateway is a secure...

6.1CVSS6AI score0.00255EPSS

Exploits0References1

CNVD•added 2018/02/27 12:0 a.m.•3 views

Etherpad Lite Cross-Site Scripting Vulnerability

Etherpad Lite is the Etherpad Foundation's suite of open source rich text online collaboration software. A cross-site scripting vulnerability exists in the static/js/padutils.js file in Etherpad Lite versions prior to 1.6.3. A remote attacker can use window.location.href to inject arbitrary Web...

6.1CVSS6.3AI score0.00328EPSS

Exploits0References1

CNVD•added 2018/02/26 12:0 a.m.•0 views

HPE Matrix Operating Environment Software and Systems Insight Manager Software Cross-Site Scripting Vulnerability

HPE Matrix Operating Environment Software and Systems Insight Manager SIM Software are both products of Hewlett Packard Enterprise HPE, U.S. HPE Matrix Operating Environment Software is a set of cloud management software designed for infrastructure services. HPE Matrix Operating Environment...

5.4CVSS6.2AI score0.003EPSS

Exploits0References1

CNVD•added 2018/02/26 12:0 a.m.•1 views

mcholste Enterprise Log Search and Archive Cross-Site Scripting Vulnerability

mcholste Enterprise Log Search and Archive ELSA is an enterprise log search and archive system. A cross-site scripting vulnerability exists in the index view in mcholste ELSA version 1205, commit 2cc17f1 and earlier. A remote attacker can leverage the 'type', 'name', and 'value' parameters in...

6.1CVSS6.2AI score0.0024EPSS

Exploits0References1

CNVD•added 2018/02/23 12:0 a.m.•2 views

Trend Micro Email Encryption Gateway Cross-Site Scripting Vulnerability (CNVD-2018-04491)

Trend Micro Email Encryption is a suite of identity-based email encryption solutions from Trend Micro, Inc. The Trend Micro Email Encryption Gateway TMEEG is one of the gateway products that provides data protection. A cross-site scripting vulnerability exists in the policy script in Trend Micro...

5.4CVSS6.3AI score0.00163EPSS

Exploits5References1

CNVD•added 2018/02/09 12:0 a.m.•3 views

PHP Scripts Mall Naukri Clone Script Cross-Site Scripting Vulnerability

PHP Scripts Mall Naukri Clone Script is an online recruitment system script based on PHP and MySQL platform by PHP Scripts Mall India. A cross-site scripting vulnerability exists in PHP Scripts Mall Naukri Clone Script version 3.0.3. The vulnerability can be exploited by a remote attacker to inje...

5.4CVSS6.2AI score0.00181EPSS

Exploits1References1

CNVD•added 2018/02/05 12:0 a.m.•1 views

MTS Simple Booking C and MTS Simple Booking Business Cross-Site Scripting Vulnerabilities

MTS Simple Booking C and MTS Simple Booking Business are both online booking plugins for WordPress developed by MT Systems Japan. A cross-site scripting vulnerability exists in MTS Simple Booking C and MTS Simple Booking Business versions 1.28.0 and earlier. A remote attacker can exploit this...

6.1CVSS6.2AI score0.0026EPSS

Exploits0References1

OSV•added 2018/02/02 9:29 p.m.•1 views

CVE-2016-0303

Cross-site scripting XSS vulnerability in IBM Tivoli Integrated Portal 2.2.0.0 through 2.2.0.15 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.4CVSS5.9AI score

Exploits0References1

CNVD•added 2018/02/01 12:0 a.m.•2 views

iBall 300M Cross-Site Scripting Vulnerability

The iBall 300M is a wireless router product from iBall India. A cross-site scripting vulnerability exists in /goform/setLang in iBall 300M using iB-WRB302N1.0.1-Sep 8 2017 version firmware. A remote attacker can exploit the vulnerability to inject arbitrary web script or HTML with the help of the...

6.1CVSS6AI score0.00373EPSS

Exploits1References1

OSV•added 2018/01/30 8:29 p.m.•2 views

CVE-2018-6194

A cross-site scripting XSS vulnerability in admin/partials/wp-splashing-admin-sidebar.php in the Splashing Images plugin wp-splashing-images before 2.1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the search parameter to wp-admin/upload.php...

4.8CVSS5.8AI score

Exploits0References4

CNVD•added 2018/01/17 12:0 a.m.•2 views

WordPress SrbTransLatin Plugin Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform using PHP language development , the platform supports in PHP and MySQL server set up personal blog site . SrbTransLatin plugin is used in one of the language conversion plugin . A cross-site scripting vulnerability exists ...

4.8CVSS6AI score0.00225EPSS

Exploits1References1

OSV•added 2018/01/16 7:29 p.m.•1 views

CVE-2017-8802

Cross-site scripting XSS vulnerability in Zimbra Collaboration Suite aka ZCS before 8.8.0 Beta2 might allow remote attackers to inject arbitrary web script or HTML via vectors related to the "Show Snippet" functionality...

5.4CVSS5.9AI score

Exploits0References4

CNVD•added 2018/01/15 12:0 a.m.•1 views

Dotclear admin/auth.php file cross-site scripting vulnerability

Dotclear is a software developer Olivier Meunier developed a free PHP and MySQL-based blog Blog publishing software. A cross-site scripting vulnerability exists in the admin/auth.php file in Dotclear version 2.12.1. This vulnerability can be exploited by remote attackers to inject arbitrary web...

5.4CVSS6AI score0.00163EPSS

Exploits0References1

CNVD•added 2018/01/15 12:0 a.m.•2 views

DragonByte Technologies vbActivity for vBulletin Cross-Site Scripting Vulnerability

DragonByte Technologies vbActivity for vBulletin is a module with polling and rating functionality for vBulletin, an open source commercial web forum program from DragonByte Technologies, Scotland. A cross-site scripting vulnerability exists in DragonByte Technologies vbActivity for vBulletin...

6.1CVSS5.9AI score0.00246EPSS

Exploits0References1

CNVD•added 2018/01/04 12:0 a.m.•1 views

Celartem Extensis Portfolio NetPublish Cross-Site Scripting Vulnerability

Celartem Extensis Portfolio NetPublish is a digital asset management software from Celartem Japan. A cross-site scripting vulnerability exists in Celartem Extensis Portfolio NetPublish. A remote attacker can inject arbitrary web script or HTML by sending the 'quickfind' parameter to the...

6.1CVSS6AI score0.00328EPSS

Exploits0References1

CNVD•added 2017/12/26 12:0 a.m.•1 views

PHP Scripts Mall Responsive Realestate Script Cross-Site Scripting Vulnerability

Responsive Realestate Script is a script for building real estate websites. A cross-site scripting vulnerability exists in PHP Scripts Mall Responsive Realestate Script. A remote attacker can inject arbitrary web script or HTML by sending the 'gplus' parameter to the admin/general.php file...

4.8CVSS6.2AI score0.00219EPSS

Exploits1References1

OSV•added 2017/12/19 8:29 p.m.•2 views

CVE-2017-17719

A cross-site scripting XSS vulnerability in the wp-concours plugin through 1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the resultmessage parameter to includes/concourspage.php...

6.1CVSS5.8AI score0.00209EPSS

Exploits3References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by