CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4545 matches found

CNVD•added 2019/05/31 12:0 a.m.•2 views

Kanboard Cross-Site Scripting Vulnerability

Kanboard is a suite of open source visual task board software. The software is able to customize the panels according to the business. A cross-site scripting vulnerability exists in the app / Core / Paginator.php file in versions prior to Kanboard 1.2.8. A remote attacker can exploit this...

6.1CVSS6.4AI score0.00285EPSS

Exploits1References1

OSV•added 2019/05/17 4:29 p.m.•1 views

CVE-2019-5928

Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.6.3 allows remote attackers to inject arbitrary web script or HTML via Customize Item function...

6.1CVSS6.7AI score0.00278EPSS

Exploits0References3

ATTACKERKB•added 2019/05/09 3:29 p.m.•1 views

CVE-2017-12788

Multiple cross-site scripting XSS vulnerabilities in admin/index.php in Metinfo 5.3.18 allows remote attackers to inject arbitrary web script or HTML via the 1 class1 parameter or the 2 anyid parameter...

6.1CVSS5.4AI score0.00223EPSS

Exploits1References2

Positive Technologies•added 2019/04/26 12:0 a.m.•1 views

PT-2019-9127 · Gnu · Gnuboard5

Name of the Vulnerable Software and Affected Versions: gnuboard5 versions prior to 5.3.1.6 Description: The issue is related to a Cross-Site Scripting XSS vulnerability. This vulnerability allows remote attackers to inject arbitrary web script or HTML in the adm/faqmasterformupdate.php file...

6.1CVSS6.1AI score0.00223EPSS

Exploits0References5

CNVD•added 2019/03/29 12:0 a.m.•1 views

MISP Cross-Site Scripting Vulnerability (CNVD-2019-12145)

MISP is an open source software solution. The product is used to collect, store, distribute and share cybersecurity metrics and features threat cybersecurity event analysis and malware analysis hood. A cross-site scripting vulnerability exists in the default distribution template in the...

6.1CVSS6.2AI score0.0024EPSS

Exploits0References1

CNVD•added 2019/03/26 12:0 a.m.•1 views

ArcSight Logger Cross-Site Scripting Vulnerability

Micro Focus ArcSight Logger is a suite of log management software from Micro Focus UK. The software collects and integrates data from any log generation source for log management, searching, indexing, reporting, analysis and retention. A cross-site scripting vulnerability exists in Micro Focus...

6.1CVSS6.1AI score0.00362EPSS

Exploits0References1

CNVD•added 2019/03/20 12:0 a.m.•1 views

Columbia Weather Systems Weather MicroServer Cross-Site Scripting Vulnerability

Columbia Weather Systems Weather MicroServer is a weather monitoring device from Columbia Weather Systems, USA. A cross-site scripting vulnerability exists in Columbia Weather Systems Weather MicroServer MS2.6.9900 and prior versions, which arises from the program failing to properly validate...

5.4CVSS6.5AI score0.00118EPSS

Exploits0References1

CNVD•added 2019/03/19 12:0 a.m.•1 views

Phamm Permission License and Access Control Vulnerabilities

Phamm a.k.a. PHP LDAP Virtual Hosting Manager is a PHP-based web hosting manager that supports multiple roles with access rights to manage virtual services using an LDAP backend. A privilege permission and access control vulnerability exists in Phamm version 0.6.8. A remote attacker can exploit...

6.1CVSS6.7AI score0.0024EPSS

Exploits1References1

CNVD•added 2019/03/11 12:0 a.m.•3 views

YzmCMS Cross-Site Scripting Vulnerability (CNVD-2019-07929)

YzmCMS is an open source CMS Content Management System by Yuan Zhimeng programmers in China. A cross-site scripting vulnerability exists in YzmCMS version 5.2. A remote attacker can use the 'column name' parameter of admin/category/edit.html page to inject arbitrary Web script or HTML with the he...

4.8CVSS6.2AI score0.00235EPSS

Exploits1References1

CNVD•added 2019/03/08 12:0 a.m.•2 views

DiliCMS Cross-Site Scripting Vulnerability (CNVD-2019-07939)

DiliCMS is a content management system CMS based on Codelgniter. A cross-site scripting vulnerability exists in the site URL text box in DiliCMS version 2.4.0. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

5.4CVSS6.1AI score0.00206EPSS

Exploits1References1

CNVD•added 2019/03/06 12:0 a.m.•2 views

Dradis Cross-Site Scripting Vulnerability

Dradis is a suite of reporting and collaboration tools for information security teams. A cross-site scripting vulnerability exists in Dradis Community Edition version 3.11 and earlier. A remote attacker can exploit this vulnerability to execute arbitrary script in a user's browser...

5.4CVSS6.5AI score0.00195EPSS

Exploits0References1

CNVD•added 2019/02/21 12:0 a.m.•2 views

Cisco HyperFlex Cross-Site Scripting Vulnerability

Cisco HyperFlex Software is the United States Cisco Cisco company's set of scalable distributed file system. The system provides unified computing, storage and networking through cloud management, and provides enterprise-class data management and optimization services. A cross-site scripting...

6.1CVSS6.6AI score0.0012EPSS

Exploits0References1

CNVD•added 2019/02/15 12:0 a.m.•3 views

SAP Web Intelligence BI LaunchPad Cross-Site Scripting Vulnerability

SAP Web Intelligence BI LaunchPad is a Java- or HTML-based user interface for use in BusinessObjects tools from SAP, Germany. The product is mainly used to perform analytical reporting and data analysis. A cross-site scripting vulnerability in SAP Web Intelligence BI LaunchPad versions 4.10 and...

5.4CVSS6.8AI score0.003EPSS

Exploits0References1

CNVD•added 2019/02/15 12:0 a.m.•0 views

SchoolCMS Cross-Site Scripting Vulnerability (CNVD-2019-35030)

SchoolCMS is an open source school teaching management system based on ThinkPHP framework. The system includes student management , grade management and teacher management . SchoolCMS cross-site scripting vulnerability , remote attackers can use the vulnerability to inject arbitrary Web script or...

6.1CVSS6.4AI score0.0024EPSS

Exploits1References1

CNVD•added 2019/02/15 12:0 a.m.•2 views

Microsoft Team Foundation Server Cross-Site Scripting Vulnerability (CNVD-2019-24386)

Microsoft Team Foundation Server is a source code management, project management, and team collaboration platform within an application lifecycle management ALM tool suite. A cross-site scripting vulnerability in Microsoft Team Foundation Server 2018 Update version 3.2, which stems from the progr...

5.4CVSS6.5AI score0.00835EPSS

Exploits0References1

Japan Vulnerability Notes•added 2019/01/22 2:47 a.m.•1 views

Cross-site Scripting Vulnerability in Hitachi Device Manager

Overview A Cross-site Scripting Vulnerability was found in Hitachi Device Manager. Impact Remote users can exploit this vulnerability to execute malicious scripts. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

4.7CVSS6.6AI score

Exploits0References2

CNVD•added 2019/01/17 12:0 a.m.•1 views

Cacti cross-site scripting vulnerability (CNVD-2019-14553)

Cacti is an open source, web-based network monitoring and mapping tool, a front-end application designed for the data logging tool RRDtool. A cross-site scripting vulnerability exists in the 'Website Hostname' parameter of the host.php file in versions of Cacti prior to 1.2.0, which stems from th...

5.4CVSS7.1AI score0.0051EPSS

Exploits1References1

CNVD•added 2019/01/17 12:0 a.m.•2 views

Cacti cross-site scripting vulnerability (CNVD-2019-14552)

Cacti is an open source, web-based network monitoring and mapping tool, a front-end application designed for the data logging tool RRDtool. A cross-site scripting vulnerability exists in the 'Website Hostnam' field of the pollers.php file in versions of Cacti prior to 1.2.0, which stems from the...

4.8CVSS7.1AI score0.00583EPSS

Exploits1References1

CNVD•added 2019/01/11 12:0 a.m.•0 views

Cisco Webex Business Suite Cross-Site Scripting Vulnerability

A cross-site scripting vulnerability exists in the MyWebex component of Cisco Webex Business Suite. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML via a specially crafted URL...

6.1CVSS5.9AI score0.0012EPSS

Exploits0References1

CNVD•added 2019/01/11 12:0 a.m.•2 views

Cisco TelePresence Management Suite Cross-Site Scripting Vulnerability

Cisco TelePresence is a telepresence conferencing solution developed by Cisco. A cross-site scripting vulnerability exists in the web-based management interface in Cisco TelePresence Management Suite TMS, which can be exploited by a remote attacker with the help of a specially crafted link to...

6.1CVSS6.5AI score0.0012EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by