CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

162 matches found

OSV•added 2024/08/26 8:15 p.m.•1 views

CVE-2024-44797

A cross-site scripting XSS vulnerability in the component /managers/enablerequests.php of Gazelle commit 63b3370 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the view parameter...

6.1CVSS5.9AI score

Exploits0References3

CNNVD•added 2024/08/26 12:0 a.m.•4 views

Gazelle 安全漏洞

Gazelle is a web framework for private BitTorrent trackers from the individual developers at WhatCD. Gazelle has a security vulnerability that stems from a cross-site scripting vulnerability in the view parameter of the /managers/enablerequests.php file...

6.1CVSS6.1AI score0.00374EPSS

Exploits1References4

OSV•added 2024/08/06 1:15 p.m.•3 views

CVE-2024-33992

Cross-Site Scripting XSS vulnerability in School Event Management System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the 'view' parameter in '/student/index.php'...

6.1CVSS5.8AI score0.00239EPSS

Exploits0References1

OSV•added 2024/08/06 1:15 p.m.•2 views

CVE-2024-33993

Cross-Site Scripting XSS vulnerability in School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain their session details via the 'view' parameter in /candidate/index.php'...

6.1CVSS5.8AI score

Exploits0References1

OSV•added 2024/08/06 1:15 p.m.•2 views

CVE-2024-33991

6.1CVSS5.8AI score0.00239EPSS

Exploits0References1

OSV•added 2024/08/06 1:15 p.m.•3 views

CVE-2024-33994

6.1CVSS5.8AI score0.00239EPSS

Exploits0References1

NVD•added 2024/08/06 1:15 p.m.•15 views

CVE-2024-33991

7.1CVSS0.00239EPSS

Exploits0References1

OSV•added 2024/08/06 1:15 p.m.•1 views

CVE-2024-33986

Cross-Site Scripting XSS vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'View' parameter in...

6.1CVSS5.8AI score0.00291EPSS

Exploits0References1

NVD•added 2024/08/06 1:15 p.m.•17 views

CVE-2024-33986

7.1CVSS0.00291EPSS

Exploits0References1

OSV•added 2024/08/06 1:15 p.m.•2 views

CVE-2024-33985

6.1CVSS5.8AI score0.00291EPSS

Exploits0References1

CVE•added 2024/08/06 1:9 p.m.•34 views

CVE-2024-33994

The CVE-2024-33994 describes a Cross-Site Scripting (XSS) vulnerability in School Event Management System version 1.0. The issue is triggered by crafting a URL that targets the view parameter in /event/index.php, enabling an attacker to obtain a victim’s session details. The NVD entry lists the a...

7.1CVSS5.7AI score0.00239EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2024/08/06 1:9 p.m.•11 views

CVE-2024-33993 Cross-Site Scripting (XSS) vulnerability in Janobe School Event Management System

7.1CVSS5.7AI score0.00239EPSS

Exploits0References1

Cvelist•added 2024/08/06 1:9 p.m.•25 views

CVE-2024-33993 Cross-Site Scripting (XSS) vulnerability in Janobe School Event Management System

7.1CVSS0.00239EPSS

Exploits0References1

CVE•added 2024/08/06 1:9 p.m.•43 views

CVE-2024-33993

CVE-2024-33993 describes a Cross-Site Scripting (XSS) vulnerability in School Event Management System v1.0. The issue is triggered when an attacker constructs a specially crafted URL exploiting the 'view' parameter in /candidate/index.php to obtain a victim’s session details. The connected source...

7.1CVSS5.7AI score0.00239EPSS

Exploits0References1Affected Software1

CVE•added 2024/08/06 1:7 p.m.•44 views

CVE-2024-33992

CVE-2024-33992 is a Cross-Site Scripting (XSS) vulnerability in School Event Management System v1.0. The flaw allows an attacker to craft a query to the server and retrieve all stored data through the view parameter in /student/index.php. Connected sources corroborate the vulnerability and recomm...

7.1CVSS5.4AI score0.00239EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2024/08/06 1:7 p.m.•18 views

CVE-2024-33992 Cross-Site Scripting (XSS) vulnerability in Janobe School Event Management System

7.1CVSS5.4AI score0.00239EPSS

Exploits0References1

CVE•added 2024/08/06 1:6 p.m.•31 views

CVE-2024-33990

CVE-2024-33990 describes a Cross-Site Scripting (XSS) vulnerability in School Event Management System v1.0 . The issue can be triggered by an authenticated user who receives a specially crafted payload via the id and view parameters in /user/index.php , allowing an attacker to partially take over...

7.1CVSS5.6AI score0.00239EPSS

Exploits0References1Affected Software1

Cvelist•added 2024/08/06 1:6 p.m.•20 views

CVE-2024-33990 Cross-Site Scripting (XSS) vulnerability in Janobe School Event Management System

Cross-Site Scripting XSS vulnerability in School Event Management System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted javascript payload to an authenticated user and partially take over their browser session via the 'id' and 'view' parameters ...

7.1CVSS0.00239EPSS

Exploits0References1

Vulnrichment•added 2024/08/06 1:2 p.m.•17 views

CVE-2024-33986 Cross-Site Scripting (XSS) vulnerability in Janobe products

7.1CVSS5.8AI score0.00291EPSS

Exploits0References1

CVE•added 2024/08/06 1:2 p.m.•32 views

CVE-2024-33986

The CVE-2024-33986 issue is a Cross-Site Scripting (XSS) vulnerability in Janobe-based School Attendance Monitoring System and School Event Management System (version 1.0). The root cause is untrusted input in the web interface that can be injected via the View parameter in /department/index.php,...

7.1CVSS6.2AI score0.00291EPSS

Exploits0References1Affected Software2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by