CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

476 matches found

NVD•added 2015/04/16 4:59 p.m.•10 views

CVE-2015-0496

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 and 8.54 allows remote authenticated users to affect confidentiality via vectors related to PIA Search Functionality...

4CVSS5.2AI score0.00169EPSS

Exploits0References2

Prion•added 2015/04/16 4:59 p.m.•18 views

Code injection

4CVSS5.6AI score0.00169EPSS

Exploits0References2Affected Software1

CVE•added 2015/04/16 4:0 p.m.•51 views

CVE-2015-0496

CVE-2015-0496 affects Oracle PeopleSoft: PeopleSoft Enterprise PeopleTools component, specifically the PIA Search Functionality, in Oracle PeopleSoft products with version 8.53 and 8.54. The vulnerability is described as unspecified but allows remote authenticated users to affect confidentiality ...

4CVSS5.3AI score0.00169EPSS

Exploits0References2Affected Software1

Cvelist•added 2015/04/16 4:0 p.m.•18 views

CVE-2015-0496

5.2AI score0.00169EPSS

Exploits0References2

ATTACKERKB•added 2014/12/19 3:59 p.m.•1 views

CVE-2014-2026

Cross-site scripting XSS vulnerability in the search functionality in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to inject arbitrary web script or HTML via the request parameter...

4.3CVSS5.8AI score0.00295EPSS

Exploits0References7

RubySec•added 2014/12/04 12:0 a.m.•13 views

gollum-grit_adapter Search Functionality Allows Arbitrary Command Execution

The gollum-gritadapter gem contains a flaw that can allow arbitrary command execution. Grit implements its search functionality by shelling out to git grep. In turn, git grep takes a -O or --open-files-in-pages option that will pipe the results of grep to an arbitrary process. By failing to...

8.8CVSS2.1AI score0.01195EPSS

Exploits0References1Affected Software1

NVD•added 2014/10/26 8:55 p.m.•9 views

CVE-2014-6635

Cross-site scripting XSS vulnerability in Exponent CMS 2.3.0 allows remote attackers to inject arbitrary web script or HTML via the src parameter in the search action to index.php...

4.3CVSS5.7AI score0.00225EPSS

Exploits0References2

Openbugbounty•added 2014/10/07 6:48 p.m.•11 views

plazathai.com XSS vulnerability

Open Bug Bounty ID: OBB-51290 Description| Value ---|--- Affected Website:| plazathai.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Shee...

6.4AI score

Exploits0

Check Point Advisories•added 2014/09/28 12:0 a.m.•1 views

Splunk collect file Directory Traversal (CVE-2013-6771)

A directory traversal vulnerability has been found in Splunk. The vulnerability is due to insufficient sanitization of user-provided input to the advanced search functionality in the "file" parameter of the "collect" script...

9.3CVSS2.5AI score0.04064EPSS

Exploits0

Zero Day Initiative•added 2014/04/03 12:0 a.m.•47 views

Splunk collect file Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Splunk. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the advanced search...

9CVSS5.4AI score0.04064EPSS

Exploits0References1

exploitpack•added 2014/04/03 12:0 a.m.•13 views

CMS Made Simple 1.11.10 - Multiple Cross-Site Scripting Vulnerabilities

CMS Made Simple 1.11.10 - Multiple Cross-Site Scripting Vulnerabilities Exploit Title : CMS Made Simple 1.11.10 Multiple XSS Vulnerability Google dork : N/A Date : 02/04/2014 Exploit Author : Blessen Thomas Vendor Homepage : http://www.cmsmadesimple.org/ Software Link : N/A Version : 1.11.10 Test...

Exploits0

NVD•added 2013/12/09 4:55 p.m.•19 views

CVE-2013-6039

Multiple cross-site scripting XSS vulnerabilities in NagiosQL 3.2 SP2 allow remote attackers to inject arbitrary web script or HTML via the txtSearch parameter to 1 admin/hostdependencies.php, 2 admin/hosts.php, or other unspecified pages that allow search input, related to the search functionali...

4.3CVSS5.8AI score0.01354EPSS

Exploits1References6

Prion•added 2013/12/09 4:55 p.m.•16 views

Cross site scripting

4.3CVSS6.1AI score0.01354EPSS

Exploits1References6Affected Software1

Cvelist•added 2013/12/09 4:0 p.m.•16 views

CVE-2013-6039

5.8AI score0.01354EPSS

Exploits1References6

Positive Technologies•added 2013/12/09 12:0 a.m.•2 views

PT-2013-5935 · Nagios · Nagiosql

Name of the Vulnerable Software and Affected Versions: NagiosQL version 3.2 SP2 Description: The issue is related to multiple cross-site scripting XSS vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the txtSearch parameter to various pages,...

4.3CVSS5.8AI score0.01354EPSS

Exploits1References7

NVD•added 2013/08/25 3:27 a.m.•15 views

CVE-2012-6585

Cross-site scripting XSS vulnerability in search.php in MYRE Realty Manager allows remote attackers to inject arbitrary web script or HTML via the catid1 parameter...

4.3CVSS5.7AI score0.00788EPSS

Exploits1References1

Prion•added 2013/08/25 3:27 a.m.•11 views

Cross site scripting

Cross-site scripting XSS vulnerability in search.php in MYRE Realty Manager allows remote attackers to inject arbitrary web script or HTML via the catid1 parameter...

4.3CVSS6.1AI score0.00788EPSS

Exploits1References1

NVD•added 2013/07/17 1:41 p.m.•14 views

CVE-2013-3759

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 and 8.53 allows remote attackers to affect integrity via vectors related to PIA Search Functionality...

4.3CVSS5.8AI score0.00363EPSS

Exploits0References5

Prion•added 2013/07/17 1:41 p.m.•14 views

Code injection

4.3CVSS6.3AI score0.00363EPSS

Exploits0References5Affected Software1

CVE•added 2013/07/17 10:0 a.m.•45 views

CVE-2013-3759

Technical details for CVE-2013-3759 are not publicly available in the provided documents. Monitor for updates from Oracle CPU advisories and CVE records to confirm affected products, impact, and fixes.

4.3CVSS6AI score0.00363EPSS

Exploits0References5Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by