Lucene search
K

156 matches found

NVD
NVD
added 2019/03/21 4:0 p.m.18 views

CVE-2018-20627

PHP Scripts Mall Consumer Reviews Script 4.0.3 has HTML injection via the search box...

5.4CVSS5.8AI score0.00665EPSS
Exploits1References1
Cvelist
Cvelist
added 2019/03/20 4:25 p.m.24 views

CVE-2018-20627

PHP Scripts Mall Consumer Reviews Script 4.0.3 has HTML injection via the search box...

5.8AI score0.00665EPSS
Exploits1References1
CVE
CVE
added 2019/03/20 4:25 p.m.33 views

CVE-2018-20627

CVE-2018-20627 concerns PHP Scripts Mall Consumer Reviews Script 4.0.3, where an HTML injection vulnerability is reported via the search box. The available connected documents confirm the affected product and the attack surface but do not provide concrete details on exploit specifics, affected ve...

5.4CVSS5.8AI score0.00665EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2019/03/07 11:29 p.m.2 views

CVE-2018-17420

An issue was discovered in ZrLog 2.0.3. There is a SQL injection vulnerability in the article management search box via the keywords parameter...

7.2CVSS5.8AI score0.01326EPSS
Exploits1References1
Hacker One
Hacker One
added 2018/07/17 3:35 a.m.58 views

Khan Academy: POST XSS in https://www.khanacademy.org.tr/ via page_search_query parameter

Hey there, while testing your program I came across a XSS vulnerability in the search area of your website. The vector uses HTTP POST request and the parameter is "pagesearchquery"" on www.khanacademy.org.tr/arama.asp In the next topics I will demonstrate how you can reproduce the vulnerability...

6.4AI score
Exploits0
Hacker One
Hacker One
added 2018/07/14 11:1 p.m.143 views

U.S. Dept Of Defense: sql injection on /messagecenter/messagingcenter at https://www.███████/

Hi , i would like to report an issues that lead to SQL injection in search box at https://www.████/messagecenter/messagingcenter , if you add the character ' that usually used to test if the site have in sql injection the site will return with Incorrect syntax error that can confirm the site is...

0.8AI score
Exploits0
OSV
OSV
added 2018/07/02 4:29 p.m.1 views

CVE-2018-10076

An issue was discovered in Zoho ManageEngine EventLog Analyzer 11.12. A Cross-Site Scripting vulnerability allows a remote attacker to inject arbitrary web script or HTML via the search functionality the search box of the Dashboard...

6.1CVSS5.9AI score0.01275EPSS
Exploits0References1
Prion
Prion
added 2018/04/25 9:29 a.m.12 views

Server side request forgery (ssrf)

EasyCMS 1.3 has XSS via the s POST parameter aka a search box value in an index.php?s=/index/search/index.html request...

4.3CVSS5.9AI score0.00692EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2018/04/25 9:29 a.m.15 views

CVE-2018-10374

EasyCMS 1.3 has XSS via the s POST parameter aka a search box value in an index.php?s=/index/search/index.html request...

6.1CVSS6.1AI score0.00692EPSS
Exploits1References1
CVE
CVE
added 2018/04/25 9:0 a.m.39 views

CVE-2018-10374

EasyCMS 1.3 is affected by a Cross‑Site Scripting (XSS) vulnerability in the s POST parameter (the value of the search box) sent to index.php?s=/index/search/index.html. The issue arises from XSS in that parameter, enabling injection of arbitrary script/HTML. This CVE entry corresponds to EasyCMS...

6.1CVSS5.9AI score0.00692EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/04/25 9:0 a.m.18 views

CVE-2018-10374

EasyCMS 1.3 has XSS via the s POST parameter aka a search box value in an index.php?s=/index/search/index.html request...

6AI score0.00692EPSS
Exploits1References1
OSV
OSV
added 2018/03/25 6:29 p.m.5 views

CVE-2018-9015

dsmall v20180320 allows XSS via the public/index.php/home/predeposit/index.html pdrsn parameter aka the CMS search box...

5.4CVSS5.8AI score0.00556EPSS
Exploits1References1
Prion
Prion
added 2018/03/25 6:29 p.m.13 views

Code injection

dsmall v20180320 allows XSS via the member search box at the public/index.php/home/membersnsfriend/findlist.html URI...

3.5CVSS5.2AI score0.00556EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/03/25 6:29 p.m.17 views

CVE-2018-9015

dsmall v20180320 allows XSS via the public/index.php/home/predeposit/index.html pdrsn parameter aka the CMS search box...

5.4CVSS5.3AI score0.00556EPSS
Exploits1References1
NVD
NVD
added 2018/03/25 6:29 p.m.17 views

CVE-2018-9017

dsmall v20180320 allows XSS via the member search box at the public/index.php/home/membersnsfriend/findlist.html URI...

5.4CVSS5.3AI score0.00556EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2018/03/25 6:29 p.m.2 views

CVE-2018-9017

dsmall v20180320 allows XSS via the member search box at the public/index.php/home/membersnsfriend/findlist.html URI...

5.4CVSS5.3AI score0.00556EPSS
Exploits1References2
Cvelist
Cvelist
added 2018/03/25 6:0 p.m.15 views

CVE-2018-9015

dsmall v20180320 allows XSS via the public/index.php/home/predeposit/index.html pdrsn parameter aka the CMS search box...

5.3AI score0.00556EPSS
Exploits1References1
CVE
CVE
added 2018/03/25 6:0 p.m.44 views

CVE-2018-9015

CVE-2018-9015 affects dsmall v20180320, with a cross-site scripting (XSS) vulnerability exploitable via the public/index.php/home/predeposit/index.html page’s pdr_sn parameter (the CMS search box). The issue stems from unsanitized input in the pdr_sn field, enabling injection of arbitrary web scr...

5.4CVSS5.2AI score0.00556EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2018/03/25 6:0 p.m.50 views

CVE-2018-9017

CVE-2018-9017 affects dsmall v20180320 with a cross-site scripting (XSS) vulnerability可 in the public/index.php/home/membersnsfriend/findlist.html page via the member search box. CNVD/CNVD-2018-07558 describe a remote attacker injecting HTML/JavaScript to obtain sensitive information. The provide...

5.4CVSS5.2AI score0.00556EPSS
Exploits1References1Affected Software1
Packet Storm
Packet Storm
added 2018/01/07 12:0 a.m.29 views

Microsoft SharePoint Limited Access Permission Bypass

vulnerability Title: Microsoft SharePoint 'Limited Access' Permission Bypass This vulnerability was discovered by 'Behnam Vanda' January 07, 2018 ====================== I. About Vulnerability ====================== A permission level bypass vulnerability has been identified in microsoft sharePoin...

7.1AI score
Exploits0
Rows per page
Query Builder