CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2025/07/21 4:36 p.m.•10 views

CVE-2025-7715 Block Attributes - Moderately critical - Cross-site Scripting - SA-CONTRIB-2025-090

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Block Attributes allows Cross-Site Scripting XSS.This issue affects Block Attributes: from 0.0.0 before 1.1.0, from 2.0.0 before 2.0.1...

0.00214EPSS

RedHat Linux•added 2025/07/21 9:7 a.m.•3 views

openjdk: Improve scripting supports (Oracle CPU 2025-07)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Scripting. Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf and 11.0.27; Oracle GraalVM Enterprise Edition: 21.3.14. Difficult to exploit vulnerability allows...

RedHat Linux•added 2025/07/21 5:45 a.m.•4 views

openjdk: Improve scripting supports (Oracle CPU 2025-07)

RedhatCVE•added 2025/07/21 3:10 a.m.•7 views

CVE-2025-7655

The Live Stream Badger plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'livestream' shortcode in all versions up to, and including, 1.4.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.5AI score0.00209EPSS

NVD•added 2025/07/20 4:15 p.m.•5 views

CVE-2025-7901

A vulnerability was found in yangzongzhuan RuoYi up to 4.8.1. It has been rated as problematic. This issue affects some unknown processing of the file /swagger-ui/index.html of the component Swagger UI. The manipulation of the argument configUrl leads to cross site scripting. The attack may be...

6.1CVSS0.00701EPSS

Exploits1References4

Cvelist•added 2025/07/20 3:32 p.m.•15 views

CVE-2025-7901 yangzongzhuan RuoYi Swagger UI index.html cross site scripting

5.3CVSS0.00701EPSS

Exploits1References4

Vulnrichment•added 2025/07/20 5:32 a.m.•5 views

CVE-2025-7870 Portabilis i-Diario justificativas-de-falta Endpoint cross site scripting

A vulnerability, which was classified as problematic, was found in Portabilis i-Diario 1.5.0. This affects an unknown part of the component justificativas-de-falta Endpoint. The manipulation of the argument Anexo leads to cross site scripting. It is possible to initiate the attack remotely. The...

5.1CVSS3.5AI score0.00261EPSS

Exploits1References4

CVE•added 2025/07/20 4:2 a.m.•24 views

CVE-2025-7867

CVE-2025-7867 affects Portabilis i-Educar 2.9.0/2.10.0, specifically the Agenda Module’s file /intranet/agenda.php. The vulnerability arises from manipulating the parameters novo_titulo and novo_descricao, leading to cross-site scripting. Attacks can be initiated remotely, and the exploit has bee...

5.4CVSS3.5AI score0.00248EPSS

Exploits0References6Affected Software1

Positive Technologies•added 2025/07/20 12:0 a.m.•2 views

PT-2025-30170 · Portabilis · I-Educar

Name of the Vulnerable Software and Affected Versions: Portabilis i-Educar version 2.9.0 Description: A cross-site scripting issue exists due to the manipulation of the Motivo argument within the Calendar Module. The vulnerability is located in the /intranet/educar calendario dia motivo cad.php...

5.4CVSS3.7AI score0.00219EPSS

Exploits0References12

RedhatCVE•added 2025/07/19 11:49 p.m.•10 views

CVE-2025-6185

Leviton AcquiSuite and Energy Monitoring Hub are susceptible to a cross-site scripting vulnerability, allowing an attacker to craft a malicious payload in URL parameters, which would execute in a client browser when accessed by a user, steal session tokens, and control the service...

9.3CVSS5.9AI score0.00311EPSS

Cvelist•added 2025/07/18 7:2 p.m.•8 views

CVE-2025-7802 PHPGurukul Complaint Management System complaint-search.php cross site scripting

A vulnerability was found in PHPGurukul Complaint Management System 2.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/complaint-search.php. The manipulation of the argument Search leads to cross site scripting. The attack may be launched...

5.1CVSS0.00224EPSS

Exploits1References5

RedHat Linux•added 2025/07/18 9:57 a.m.•4 views

openjdk: Improve scripting supports (Oracle CPU 2025-07)

RedHat Linux•added 2025/07/18 8:45 a.m.•5 views

openjdk: Improve scripting supports (Oracle CPU 2025-07)