SourceCodester Gym Management System Cross-Site Scripting Vulnerability
SourceCodester Gym Management System is a gym management system from the American company SourceCodester. The system is developed with C and SQL Server and provides customer and supplier management, product management, sales management, gym membership management, fitness assessment, syst...
Observium cross-site scripting vulnerability (CNVD-2020-62452)
Observium is a low-maintenance auto-discovery network monitoring platform that supports multiple device types, platforms and operating systems. Observium suffers from a cross-site scripting vulnerability. An attacker can exploit this vulnerability to inject and store malicious JavaScript code via...
Observium cross-site scripting vulnerability (CNVD-2020-62448)
Observium is a low-maintenance auto-discovery network monitoring platform that supports multiple device types, platforms and operating systems. Observium suffers from a cross-site scripting vulnerability. An attacker can exploit this vulnerability to inject and store malicious JavaScript code via...
Observium Cross-Site Scripting Vulnerability (CNVD-2020-54792)
Observium is a low-maintenance auto-discovery network monitoring platform that supports multiple device types, platforms and operating systems. Observium suffers from a cross-site scripting vulnerability. An attacker can inject and store malicious JavaScript code via...
PT-2020-16075 · Mike Rooijackers · Recall Products
Name of the Vulnerable Software and Affected Versions: WordPress Plugin Store / Mike Rooijackers Recall Products version 0.8. Description: The issue allows for Cross-Site Scripting (XSS) via the 'Recall Settings' field in admin.php. An attacker can inject JavaScript code that will be stored and...
CVE-2020-25102
silverstripe-advancedreports, aka the Advanced Reports module for SilverStripe, 1.0 through 2.0 is vulnerable to Cross-Site Scripting (XSS) because it is possible to inject and store malicious JavaScript code. This affects admin/advanced-reports/DataObjectReport/EditForm/field/DataObjectReport/item ak...
DEBIAN-CVE-2020-8020
An Improper Neutralization of Input During Web Page Generation vulnerability in open-build-service allows remote attackers to store arbitrary JS code to cause XSS. This issue affects: openSUSE open-build-service versions prior to 7cc32c8e2ff7290698e101d9a80a9dc29a5500fb...
CVE-2019-12843
CVE-2019-12843 is a stored JavaScript injection vulnerability in JetBrains TeamCity that requires deliberate server administrator action to trigger. The issue was fixed in TeamCity 2018.2.3. Connected sources confirm the vulnerability and the remediation, but do not provide additional exploit det...
CVE-2019-11643
Persistent XSS has been found in the OneShield Policy Dragon Core framework before 5.1.10. Remote adversaries can inject malicious JavaScript into textboxes decorated with type string, which is subsequently stored to the applicable data store. This can be exploited remotely by both authenticated...
CVE-2018-19006
In OSIsoft PI Vision, versions PI Vision 2017 and PI Vision 2017 R2, the application contains a cross-site scripting vulnerability where displays that reference AF elements and attributes containing JavaScript are affected. This vulnerability requires the ability of authorized AF users to store...
CVE-2017-16568
Persistent Cross-Site Scripting (XSS) vulnerability in Logitech Media Server 7.9.0, affecting the "Radio" functionality. This vulnerability allows attackers to inject malicious JavaScript payloads, which become permanently stored on the server and execute when a user plays the compromised radio...