Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

20041 matches found

Packet Storm News
Packet Storm Newsadded 2026/02/02 12:0 a.m.3 views

FreshRSS 1.11.1 Cross Site Scripting

Multiple cross site scripting vulnerabilities exist in FreshRSS version 1.11.1. The vulnerabilities allow remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...

5.2AI score
Exploits0
Packet Storm News
Packet Storm Newsadded 2026/02/02 12:0 a.m.3 views

TWiki 6.0.1 Cross Site Scripting

A cross site scripting vulnerability exists in TWiki version 6.0.1 via the QUERYSTRING parameter. The vulnerability allows remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...

4.3CVSS5.2AI score0.01903EPSS
Exploits2
Packet Storm News
Packet Storm Newsadded 2026/02/02 12:0 a.m.2 views

Subrion CMS 3.2.2 Cross Site Scripting

A cross site scripting vulnerability exists in Subrion CMS version 3.2.2. The vulnerability allows remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...

4.3CVSS5.2AI score0.0099EPSS
Exploits1
Packet Storm News
Packet Storm Newsadded 2026/02/02 12:0 a.m.3 views

Flat Nuke 3.1.2 Cross Site Scripting

A cross site scripting vulnerability exists in Flat Nuke version 3.1.2. The vulnerability allows remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...

5.2AI score
Exploits0
Packet Storm News
Packet Storm Newsadded 2026/02/02 12:0 a.m.4 views

MyLittleForum 2.3.5 Cross Site Scripting

Multiple Reflected cross site scripting vulnerabilities exist in MyLittleForum version 2.3.5. The vulnerabilities allow remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...

5.2AI score
Exploits0
Packet Storm News
Packet Storm Newsadded 2026/02/02 12:0 a.m.7 views

WordPress Blubrry PowerPress 6.0 Cross Site Scripting

A cross site scripting vulnerability exists in Blubrry PowerPress WordPress Plugin version 6.0. The vulnerability allows remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...

4.3CVSS5.2AI score0.02237EPSS
Exploits3
Packet Storm News
Packet Storm Newsadded 2026/02/02 12:0 a.m.3 views

HTMLy Cross Site Scripting

A cross site scripting vulnerability exists in HTMLy CMS. The vulnerability allows remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...

5.2AI score
Exploits0
Packet Storm News
Packet Storm Newsadded 2026/02/02 12:0 a.m.3 views

Storytlr 1.2.0 Cross Site Scripting

Multiple reflected cross site scripting vulnerabilities exist in Storytlr version 1.2.0. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...

5.2AI score
Exploits0
Packet Storm News
Packet Storm Newsadded 2026/02/02 12:0 a.m.3 views

SpiderFoot 2.7.1 Cross Site Scripting

Multiple reflected cross site scripting vulnerabilities exist in SpiderFoot version 2.7.1. The vulnerabilities allow remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...

5.2AI score
Exploits0
Packet Storm News
Packet Storm Newsadded 2026/02/02 12:0 a.m.3 views

phpMemAdmin Cross Site Scripting

A cross site scripting vulnerability exists in phpMemAdmin. The vulnerability allows remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...

5.2AI score
Exploits0
Packet Storm News
Packet Storm Newsadded 2026/02/02 12:0 a.m.4 views

MailPoet Newsletters 2.6.19 Cross Site Scripting

A cross site scripting vulnerability exists in MailPoet Newsletters WordPress Plugin version 2.6.19. The vulnerability allows remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...

4.3CVSS5.2AI score0.0107EPSS
Exploits0
OSV
OSVadded 2026/02/01 1:15 p.m.4 views

CVE-2022-50942

Incinga Web 2.8.2 contains a client-side cross-site scripting vulnerability that allows remote attackers to inject malicious script codes through the icinga.min.js file. Attackers can exploit the EventListener.handleEvent method to execute arbitrary scripts, potentially leading to session hijacki...

4.8CVSS6AI score
Exploits0References4
NVD
NVDadded 2026/02/01 1:15 p.m.4 views

CVE-2022-50941

BootCommerce 3.2.1 contains persistent input validation vulnerabilities that allow remote attackers to inject malicious script code through guest order checkout input fields. Attackers can exploit unvalidated input parameters to execute arbitrary scripts, potentially leading to session hijacking,...

6.4CVSS0.00301EPSS
Exploits0References3
NVD
NVDadded 2026/02/01 1:15 p.m.5 views

CVE-2022-50940

Knap Advanced PHP Login 3.1.3 contains a persistent cross-site scripting vulnerability that allows remote attackers to inject malicious script code in the name parameter. Attackers can exploit the vulnerability to execute arbitrary scripts in users and activity log backend modules, potentially...

6.4CVSS0.00301EPSS
Exploits0References3
NVD
NVDadded 2026/02/01 1:15 p.m.4 views

CVE-2021-47917

Simple CMS 2.1 contains a persistent cross-site scripting vulnerability in user input parameters that allows remote attackers to inject malicious script code. Attackers can exploit the newUser and editUser modules to inject persistent scripts that execute on user list preview, potentially leading...

6.4CVSS0.00289EPSS
Exploits1References3
NVD
NVDadded 2026/02/01 1:15 p.m.4 views

CVE-2021-47914

PHP Melody version 3.0 contains a persistent cross-site scripting vulnerability in the edit-video.php submitted parameter that allows remote attackers to inject malicious script code. Attackers can exploit this vulnerability to execute arbitrary JavaScript, potentially leading to session hijackin...

6.4CVSS0.00303EPSS
Exploits1References4
EUVD
EUVDadded 2026/02/01 12:56 p.m.3 views

EUVD-2023-60536

QWE DL 2.0.1 mobile web application contains a persistent input validation vulnerability allowing remote attackers to inject malicious script code through path parameter manipulation. Attackers can exploit the vulnerability to execute persistent cross-site scripting attacks, potentially leading t...

6.4CVSS6AI score0.00305EPSS
Exploits0References3
Cvelist
Cvelistadded 2026/02/01 12:56 p.m.30 views

CVE-2023-54343 QWE DL 2.0.1 Persistent XSS Vulnerability via Path Parameter

QWE DL 2.0.1 mobile web application contains a persistent input validation vulnerability allowing remote attackers to inject malicious script code through path parameter manipulation. Attackers can exploit the vulnerability to execute persistent cross-site scripting attacks, potentially leading t...

6.4CVSS0.00305EPSS
Exploits0References3
CVE
CVEadded 2026/02/01 12:56 p.m.7 views

CVE-2023-54343

CVE-2023-54343 affects the mobile web application QWE DL 2.0.1 . The issue is a persistent input validation vulnerability that allows remote attackers to inject malicious script through path parameter manipulation, enabling persistent cross-site scripting (XSS) attacks. Reported impact includes p...

6.4CVSS6AI score0.00305EPSS
Exploits0References3
Cvelist
Cvelistadded 2026/02/01 12:15 p.m.29 views

CVE-2022-50942 Incinga Web 2.8.2 Client-Side Cross-Site Scripting via EventListener

Incinga Web 2.8.2 contains a client-side cross-site scripting vulnerability that allows remote attackers to inject malicious script codes through the icinga.min.js file. Attackers can exploit the EventListener.handleEvent method to execute arbitrary scripts, potentially leading to session hijacki...

5.4CVSS0.00256EPSS
Exploits0References4
Rows per page
Query Builder