13 matches found
CVE-2025-11037
A security flaw has been discovered in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/adminindexsearch.php. Performing manipulation of the argument Search results in SQL injection. The attack may be initiated remotely. The exploit has been released to th...
GHSA-7WQ3-JR35-275C Directus `search` query parameter allows enumeration of non permitted fields
Summary: The search query parameter allows users with access to a collection to filter items based on fields they do not have permission to view. This allows the enumeration of unknown field contents. Details: The searchable columns (numbers & strings) are not checked against permissions when injecti...
CVE-2023-7124
A vulnerability, which was classified as problematic, was found in code-projects E-Commerce Site 1.0. Affected is an unknown function of the file search.php. The manipulation of the argument keyword with the input leads to cross site scripting. It is possible to launch the attack remotely. The...
Total CMS 1.7.4 Cross Site Scripting
SUSE CVE-2013-4415
Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) Satellite 5.6 allow remote attackers to inject arbitrary web script or HTML via the (1) whereCriteria variable in a software channels search; (2) endyear, (3) starthour, (4) endampm, (5) endday, (6) endhour, (7) endminute, (8)...
AeroCMS SQL injection vulnerability
AeroCMS is a content management system from AeroCMS Inc. in the United States. AeroCMS version v0.0.1 suffers from a security vulnerability that stems from the discovery of a contained SQL injection vulnerability via the Search parameter. An attacker exploits the vulnerability to access database...
SQL injection
PbootCMS 3.0.4 contains a SQL injection vulnerability through index.php via the search parameter that can reveal sensitive information through adding an admin account...
iScripts SonicBB 1.0 Cross Site Scripting
Exploit Title: iScripts SonicBB 1.0 - Reflected Cross-Site Scripting Date: 02/04/2018 Exploit Author: ManhNho Vendor Homepage: https://www.iscripts.com Demo Page: https://www.demo.iscripts.com/sonicbb/demo/ Version: 1.0 Tested on: Windows 10 Category: Webapps CVE: CVE-2018-9235 1. Description...
safirperfum.ir XSS vulnerability
Open Bug Bounty ID: OBB-417450. Affected Website: safirperfum.ir. Vulnerable Application: Custom Code. Vulnerability Type: XSS (Cross Site Scripting) / CWE-79. CVSSv3 Score: 6.1...
CVE-2010-5322
Cross-site scripting (XSS) vulnerability in ZeusCart 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter in a search action to index.php...
CVE-2014-8772
Cross-site scripting (XSS) vulnerability in the searchcontroller in X3 CMS 0.5.1 and 0.5.1.1 allows remote authenticated users to inject arbitrary web script or HTML via the search parameter...
CVE-2009-4464
Cross-site scripting (XSS) vulnerability in searchadvance.asp in Active Business Directory 2 allows remote attackers to inject arbitrary web script or HTML via the search parameter...
/search/index.cfm cross-site scripting
/search/index.cfm allows inserting HTML tags via the search parameter...