CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4545 matches found

CNVD•added 2018/06/13 12:0 a.m.•1 views

Sonatype Nexus Repository Manager Cross-Site Scripting Vulnerability (CNVD-2018-11638)

Sonatype Nexus Repository Manager aka NXRM is a maven repository manager. A cross-site scripting vulnerability exists in Sonatype NXRM versions prior to 3.12.0. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML via the Administration UI...

4.8CVSS4.8AI score0.00342EPSS

Exploits0References1

CNVD•added 2018/06/05 12:0 a.m.•2 views

Ximdex Cross-Site Scripting Vulnerability

Ximdex is a content and data management system. The system includes features such as an intelligent search engine, information aggregation, image and text recognition. A cross-site scripting vulnerability exists in the account creation page in Ximdex version 4.0. A remote attacker can exploit thi...

6.1CVSS5.8AI score0.0024EPSS

Exploits0References1

CNVD•added 2018/06/05 12:0 a.m.•1 views

Mozilla Firefox Design Vulnerability

Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A security vulnerability exists in the Live Bookmark page and PDF reader in versions of Mozilla Firefox prior to 60. A remote attacker can exploit this vulnerability by performing a social...

4.3CVSS8.9AI score0.00694EPSS

Exploits0References1

CNVD•added 2018/06/05 12:0 a.m.•1 views

Synology Drive File Sharing Notify Toast Cross-Site Scripting Vulnerability

Synology Drive is a collaboration suite from Synology that includes document management, collaboration and file synchronization and backup features.File Sharing Notify Toast is one of the file sharing components. A cross-site scripting vulnerability exists in File Sharing Notify Toast in Synology...

6.5CVSS6.2AI score0.00133EPSS

Exploits0References1

CNVD•added 2018/05/31 12:0 a.m.•2 views

ClipperCMS Cross-Site Scripting Vulnerability (CNVD-2018-10866)

ClipperCMS is a content management system CMS. A cross-site scripting vulnerability exists in the 'Module name' field under the 'Modules - Manage modules - edit' tag in ClipperCMS version 1.3.3. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

5.4CVSS6.2AI score0.00206EPSS

Exploits1References1

CNVD•added 2018/05/31 12:0 a.m.•1 views

i18next Cross-Site Scripting Vulnerability

i18next is a translation loading framework written in JavaScript. A cross-site scripting vulnerability exists in i18next 2.0.0 and later versions, which stems from the program failing to encode user input. A remote attacker can exploit the vulnerability to inject arbitrary web script or HTML...

6.1CVSS6.2AI score0.00223EPSS

Exploits1References1

CNVD•added 2018/05/30 12:0 a.m.•1 views

MyBB Moderator Log Notes Plugin Cross-Site Scripting Vulnerability

MyBB aka MyBulletinBoard is MyBB team developed a set of PHP and MySQL development of free and Web-based forum software . Moderator Log Notes plugin is used in which a management log records plugin . A cross-site scripting vulnerability exists in version 1.1 of the MyBB Moderator Log Notes plugin...

5.4CVSS6.1AI score0.00181EPSS

Exploits1References1

CNVD•added 2018/05/25 12:0 a.m.•1 views

Micro Focus Universal CMDB, CMS and UCMDB Browser Cross-Site Scripting Vulnerabilities

Micro Focus Universal CMDB, CMS and UCMDB Browser are all products of Micro Focus, a UK-based company. Micro Focus Universal CMDB is a resource management solution; CMS is a CMDB configuration management system; UCMDB Browser is a lightweight, web-based client for accessing UCMDB Universal...

6.3CVSS6.2AI score0.00172EPSS

Exploits0References1

CNVD•added 2018/05/21 12:0 a.m.•2 views

HPE UCMDB Configuration Manager Software Cross-Site Scripting Vulnerability

HPE UCMDB full name Universal CMDB is the United States Hewlett Packard Enterprise HPE company's set of resource management solutions. The solution provides from the bottom up including IT infrastructure auto-discovery, data modeling, service mapping definition and service impact analysis, etc...

6.1CVSS6.8AI score0.00362EPSS

Exploits0References1

CNVD•added 2018/05/21 12:0 a.m.•3 views

ILIAS Cross-Site Scripting Vulnerability (CNVD-2018-10349)

ILIAS is a Web-based learning management system developed by the ILIAS team. The system contains modules for course management, file sharing, and live chat. A cross-site scripting vulnerability exists in the error.php page in versions 5.3.x prior to ILIAS 5.3.4 and 5.2.x. A remote attacker can...

6.1CVSS6AI score0.00266EPSS

Exploits0References1

CNVD•added 2018/05/17 12:0 a.m.•2 views

WordPress Imagely NextGEN Gallery Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL.Imagely NextGen Gallery is one of the gallery management systems. A cross-site scripting vulnerability exists in Image Alt &...

4.8CVSS6.3AI score0.00205EPSS

Exploits0References1

CNVD•added 2018/05/16 12:0 a.m.•1 views

Tenable Nessus Cross-Site Scripting Vulnerability (CNVD-2018-10667)

Tenable Network Security Nessus is a highly scalable open source vulnerability scanner from Tenable Network Security, USA. A cross-site scripting vulnerability exists in Tenable Network Security Nessus versions prior to 7.1.0, which stems from the program failing to properly perform input...

5.4CVSS6.8AI score0.00363EPSS

Exploits0References1

OSV•added 2018/05/14 1:29 p.m.•0 views

CVE-2018-0578

Cross-site scripting vulnerability in PixelYourSite plugin prior to version 5.3.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.4CVSS5.9AI score0.00125EPSS

Exploits0References2

OSV•added 2018/05/14 1:29 p.m.•1 views

CVE-2018-0581

Cross-site scripting vulnerability in ASUS RT-AC87U Firmware version prior to 3.0.0.4.378.9383 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS5.9AI score

Exploits0References2

OSV•added 2018/05/14 1:29 p.m.•2 views

CVE-2018-0579

Cross-site scripting vulnerability in Open Graph for Facebook, Google+ and Twitter Card Tags plugin prior to version 2.2.4.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS5.9AI score

Exploits0References2

OSV•added 2018/05/14 1:29 p.m.•0 views

CVE-2018-0576

Cross-site scripting vulnerability in Events Manager plugin prior to version 5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.4CVSS5.9AI score

Exploits0References3

OSV•added 2018/05/14 1:29 p.m.•1 views

CVE-2018-0577

Cross-site scripting vulnerability in WP Google Map Plugin prior to version 4.0.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.4CVSS5.9AI score0.00228EPSS

Exploits0References3

CNVD•added 2018/05/14 12:0 a.m.•1 views

Drupal CKEditor Enhanced Image plugin cross-site scripting vulnerability

Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community.CKEditor is one of the text editors.Enhanced Image aka image2 is one of the image enhancement plugins. A cross-site scripting vulnerability exists in the Enhanced Image plugin in Drupal...

6.1CVSS6.3AI score0.00369EPSS

Exploits0References1

CNVD•added 2018/05/11 12:0 a.m.•2 views

Cisco WebEx Connect IM Cross-Site Scripting Vulnerability

Cisco WebEx Connect is the United States Cisco Cisco a simultaneous instant messaging, IP telephony, voice, video and web conferencing features such as client software. im is one of the instant messaging component. A cross-site scripting vulnerability exists in Cisco WebEx Connect IM, which stems...

6.1CVSS6.6AI score0.00319EPSS

Exploits0References1

CNVD•added 2018/05/10 12:0 a.m.•1 views

Puppet Enterprise Console Cross-Site Scripting Vulnerability (CNVD-2018-09253)

Puppet is a set of configuration management tools based on client/server C/S architecture from Puppet Labs in the U.S. It can be used to manage configuration files, users, cron tasks, packages, system services, etc. Puppet Enterprise is its enterprise version.Puppet Enterprise Console is one of t...

5.4CVSS6.2AI score0.00254EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by