Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

179 matches found

CNNVD
CNNVDadded 2025/12/09 12:0 a.m.6 views

WordPress plugin Contact Form 7 Dynamic Text Extension 安全漏洞

...

5.3CVSS5.8AI score0.00236EPSS
Exploits0References1
Snyk
Snykadded 2025/12/04 10:3 p.m.3 views

Cross-site Scripting (XSS)

Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Cross-site Scripting XSS via the downloadPdf function for Notes feature. An attacker can execute arbitrary JavaScript code and steal session tokens by importing a specially crafted Markdown file containing...

8.7CVSS5.3AI score0.00193EPSS
Exploits1References3
NVD
NVDadded 2025/12/02 5:16 p.m.5 views

CVE-2025-65186

Grav CMS 1.7.49 is vulnerable to Cross Site Scripting XSS. The page editor allows authenticated users to edit page content via a Markdown editor. The editor fails to properly sanitize tags, allowing stored XSS payloads to execute when pages are viewed in the admin interface...

6.1CVSS0.00184EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2025/12/02 12:0 a.m.4 views

CVE-2025-65186

Grav CMS 1.7.49 is vulnerable to Cross Site Scripting XSS. The page editor allows authenticated users to edit page content via a Markdown editor. The editor fails to properly sanitize tags, allowing stored XSS payloads to execute when pages are viewed in the admin interface...

5.4AI score0.00184EPSS
Exploits1References2
RedhatCVE
RedhatCVEadded 2025/11/07 3:54 p.m.3 views

CVE-2025-49398

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Easy Appointments Easy Appointments easy-appointments allows Code Injection.This issue affects Easy Appointments: from n/a through = 3.12.14...

6.5CVSS6.6AI score0.00209EPSS
Exploits0References1
EUVD
EUVDadded 2025/11/06 3:53 p.m.2 views

EUVD-2025-38010

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Easy Appointments Easy Appointments easy-appointments allows Code Injection.This issue affects Easy Appointments: from n/a through = 3.12.14...

6AI score0.00209EPSS
Exploits0References2
CNNVD
CNNVDadded 2025/11/06 12:0 a.m.2 views

WordPress plugin Easy Appointments 安全漏洞

WordPress Easy Appointments plugin is a free WordPress appointment management plugin, mainly used to create and manage service appointment system, support multi-location, multi-service, multi-staff appointment function. A cross-site scripting vulnerability exists in the WordPress Easy Appointment...

6.5CVSS6.2AI score0.00209EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/11/05 12:0 a.m.8 views

CVE-2025-57244

OpenKM Community Edition 6.3.12 is vulnerable to stored cross-site scripting XSS in the user account creation interface. The Name field accepts script tags and the Email field is vulnerable when the POST request is modified to include encoded script tags, by passing frontend validation...

0.00171EPSS
Exploits1References2
EUVD
EUVDadded 2025/11/05 12:0 a.m.6 views

EUVD-2025-37895

OpenKM Community Edition 6.3.12 is vulnerable to stored cross-site scripting XSS in the user account creation interface. The Name field accepts script tags and the Email field is vulnerable when the POST request is modified to include encoded script tags, by passing frontend validation...

5.4CVSS5.3AI score0.00171EPSS
Exploits1References3
EUVD
EUVDadded 2025/10/27 3:30 a.m.2 views

EUVD-2025-36005

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Jthemes xSmart xsmart allows Code Injection.This issue affects xSmart: from n/a through = 1.2.9.4...

6AI score0.00218EPSS
Exploits0References2
NVD
NVDadded 2025/10/27 2:15 a.m.4 views

CVE-2025-62936

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Jthemes xSmart xsmart allows Code Injection.This issue affects xSmart: from n/a through = 1.2.9.4...

4.3CVSS0.00218EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/10/27 12:0 a.m.1 views

WordPress plugin WP Recipe Maker 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

5.3CVSS7.1AI score0.00251EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/10/24 2:33 p.m.2 views

CVE-2025-58970

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in AmentoTech Doctreat doctreat allows Code Injection.This issue affects Doctreat: from n/a through = 1.6.7...

6.3CVSS6.6AI score0.00247EPSS
Exploits0References1
NVD
NVDadded 2025/10/22 3:15 p.m.3 views

CVE-2025-58970

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in AmentoTech Doctreat doctreat allows Code Injection.This issue affects Doctreat: from n/a through = 1.6.7...

6.3CVSS0.00247EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/10/22 12:0 a.m.3 views

Wordpress Plugin doctreat 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A security...

6.3CVSS6.8AI score0.00247EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/10/09 12:0 a.m.4 views

PT-2025-41415

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos Space versions prior to 24.1R4 Description An Improper Neutralization of Input During Web Page Generation issue exists in Juniper Networks Junos Space. This allows an attacker to store script tags directly in web pages...

9.4CVSS6.1AI score0.00559EPSS
Exploits0References8
EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2020-0437

Malware in sbrugna...

6.1CVSS6.7AI score0.06273EPSS
Exploits4References17
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2001-0513

Malware in sbrugna...

7.5CVSS6.4AI score0.02381EPSS
Exploits1References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2012-5520

Malware in sbrugna...

6.1CVSS6.3AI score0.03095EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2018-8870

Malware in sbrugna...

5.4CVSS5.5AI score0.00531EPSS
Exploits1References2
Rows per page
Query Builder