CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

25 matches found

CVE-2026-48823

Technical details are not publicly available in the provided documents. Monitor for updates from Shaarli advisories and releases.

4.8CVSS5.4AI score0.00025EPSS

Exploits0References2

NVD•added 2026/04/07 11:16 a.m.•2 views

CVE-2026-4420

Bludit is vulnerable to Stored Cross-Site Scripting XSS in its page creating functionality. An authenticated attacker with page creation privileges such as Author, Editor, or Administrator can embed a malicious JavaScript payload in the tags field of a newly created article. This payload will be...

5.4CVSS0.00161EPSS

Exploits0References2

Vulnrichment•added 2026/04/07 10:46 a.m.•1 views

CVE-2026-4420 Stored XSS via Page Creating functionality in Bludit

5.1CVSS5.8AI score0.00161EPSS

Exploits0References2

Cvelist•added 2026/04/07 10:46 a.m.•15 views

CVE-2026-4420 Stored XSS via Page Creating functionality in Bludit

5.1CVSS0.00161EPSS

Exploits0References2

RedhatCVE•added 2026/01/09 10:39 a.m.•5 views

CVE-2022-35174

A stored cross-site scripting XSS vulnerability in Kirby's Starterkit v3.7.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tags field...

5.4CVSS5.5AI score0.00547EPSS

Exploits1References1

EUVD•added 2025/10/17 5:50 p.m.•5 views

EUVD-2025-34915

ClipBucket v5 is an open source video sharing platform. ClipBucket v5 through build 5.5.2 145 allows stored cross-site scripting XSS in multiple video and photo metadata fields. For videos the Tags field and the Genre, Actors, Producer, Executive Producer, and Director fields in Movieinfos accept...

5.4CVSS5.4AI score0.00239EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2021-2068

Malware in sbrugna...

5.4CVSS5.5AI score0.00477EPSS

Exploits1References4

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2018-8529

Malware in sbrugna...

5.4CVSS5.5AI score0.00616EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-26573

Malicious code in bioql PyPI...

4.8CVSS6.4AI score0.00289EPSS

Exploits0References1

OSV•added 2025/09/03 10:18 p.m.•2 views

GHSA-9V8P-M85M-F7MM Mautic vulnerable to reflected XSS in lead:addLeadTags - Quick Add

Summary A Cross-Site Scripting XSS vulnerability allows an attacker to execute arbitrary JavaScript in the context of another user’s session. This occurs because user-supplied input is reflected back in the server’s response without proper sanitization or escaping, potentially enabling malicious...

4.8CVSS5.9AI score0.00289EPSS

Exploits0References3

CNNVD•added 2024/10/02 12:0 a.m.•3 views

Zenario CMS 安全漏洞

Zenario CMS is a Zenario open source application . Provides a Web-based content management system . A cross-site scripting vulnerability exists in Zenario CMS version 9.7.61188, which stems from the lack of effective filtering and escaping of user-supplied data in the "Organizer tags" field and c...

4.8CVSS6AI score0.00336EPSS

Exploits1References2

Github Security Blog•added 2022/08/19 12:0 a.m.•19 views

Cross site scripting in getkirby/starterkit

A stored cross-site scripting XSS vulnerability in Kirby's Starterkit v3.7.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tags field...

5.4CVSS5.1AI score0.00547EPSS

Exploits1References4Affected Software1

OSV•added 2022/08/19 12:0 a.m.•17 views

GHSA-4M2G-668V-JWJX Cross site scripting in getkirby/starterkit

A stored cross-site scripting XSS vulnerability in Kirby's Starterkit v3.7.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tags field...

5.4CVSS5.2AI score0.00547EPSS

Exploits1References4

ATTACKERKB•added 2022/08/18 6:15 p.m.•2 views

CVE-2022-35174

A stored cross-site scripting XSS vulnerability in Kirby's Starterkit v3.7.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tags field...

5.4CVSS5.9AI score0.00547EPSS

Exploits1References3

OSV•added 2022/08/18 6:15 p.m.•18 views

CVE-2022-35174

A stored cross-site scripting XSS vulnerability in Kirby's Starterkit v3.7.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tags field...

5.4CVSS5.3AI score

Exploits0References2

Cvelist•added 2022/08/18 5:27 p.m.•17 views

CVE-2022-35174

A stored cross-site scripting XSS vulnerability in Kirby's Starterkit v3.7.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tags field...

5.4AI score0.00547EPSS

Exploits1References2

CNNVD•added 2022/08/18 12:0 a.m.•4 views

Kirby 跨站脚本漏洞

Kirby is a file-based content management system CMS. A cross-site scripting vulnerability exists in Kirby Starterkit version v3.7.0.2. An attacker can execute arbitrary web script or HTML via a specially crafted payload injected into the Tags field...

5.4CVSS5.7AI score0.00547EPSS

Exploits1References3

Github Security Blog•added 2021/09/30 5:13 p.m.•40 views

Cross-site Scripting in GilaCMS

A cross-site scripting XSS vulnerability in /admin/content/post of GilaCMS v1.11.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Tags field...

5.4CVSS5.1AI score0.00477EPSS

Exploits1References3Affected Software1

OSV•added 2021/09/30 5:13 p.m.•16 views

GHSA-H7MQ-27R7-W972 Cross-site Scripting in GilaCMS

A cross-site scripting XSS vulnerability in /admin/content/post of GilaCMS v1.11.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Tags field...

5.4CVSS5.2AI score0.00477EPSS

Exploits1References3

OSV•added 2021/09/27 10:15 p.m.•1 views

CVE-2020-20696

A cross-site scripting XSS vulnerability in /admin/content/post of GilaCMS v1.11.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Tags field...

5.4CVSS5.9AI score0.00477EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by