CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

EUVD•added 2026/05/13 6:30 p.m.•4 views

EUVD-2020-31223

Kuicms Php EE 2.0 contains a persistent cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted content through the bbs reply endpoint. Attackers can send POST requests to /web/?c=bbs&a=reply with HTML and JavaScript payloads in t...

7.2CVSS5.9AI score0.001EPSS

Exploits0References5

NVD•added 2026/05/13 4:16 p.m.•7 views

CVE-2020-37222

7.2CVSS0.001EPSS

Exploits0References4

ATTACKERKB•added 2026/05/13 2:22 p.m.•4 views

CVE-2020-37222

7.2CVSS5.9AI score0.001EPSS

Exploits0References4Affected Software1

Vulnrichment•added 2026/05/13 2:22 p.m.•6 views

CVE-2020-37222 Kuicms Php EE 2.0 Persistent Cross-Site Scripting via bbs reply

7.2CVSS5.9AI score0.001EPSS

Exploits0References4

Positive Technologies•added 2026/05/13 12:0 a.m.•7 views

PT-2026-40623

7.2CVSS5.9AI score0.001EPSS

Exploits0References5

CNNVD•added 2026/05/13 12:0 a.m.•6 views

Kuicms Php EE 跨站脚本漏洞

Kuicms Php EE is a PHP enterprise website content management system developed by Kuicms. Version 2.0 of Kuicms Php EE contains a cross-site scripting vulnerability. This vulnerability stems from a persistent cross-site scripting issue, which may allow unauthenticated attackers to submit malicious...

7.2CVSS5.6AI score0.001EPSS

Exploits0References1

RedhatCVE•added 2025/11/12 1:6 p.m.•4 views

CVE-2025-41103

HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'replymessage' in '/messages/reply'...

5.4CVSS7.3AI score0.00023EPSS

Exploits0References1

OSV•added 2025/11/11 1:15 p.m.•1 views

CVE-2025-41103

5.4CVSS5.8AI score

Exploits0References1

RedhatCVE•added 2025/10/09 12:14 a.m.•6 views

CVE-2025-60299

Novel-Plus with 5.2.0 was discovered to contain a Stored Cross-Site Scripting XSS vulnerability via the /book/addCommentReply endpoint. An authenticated user can inject malicious JavaScript through the replyContent parameter when replying to a book comment. The payload is stored in the database a...

5.4CVSS5.4AI score0.00026EPSS

Exploits1References1

NVD•added 2025/10/08 1:15 p.m.•2 views

CVE-2025-60299

5.4CVSS0.00026EPSS

Exploits1References2

Positive Technologies•added 2005/11/06 12:0 a.m.•2 views

PT-2005-4310 · Chipmunk · Chipmunk Forum

Name of the Vulnerable Software and Affected Versions: Chipmunk Forum script affected versions not specified Description: The issue concerns multiple cross-site scripting XSS vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the forumID...

4.3CVSS5.7AI score0.01035EPSS

Exploits1References13

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by