Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

5210 matches found

CVE
CVEadded 2024/07/09 12:0 a.m.62 views

CVE-2024-40738

Summary: CVE-2024-40738 is a cross-site scripting (XSS) vulnerability affecting NetBox v4.0.3. The issue arises from lack of proper filtering/escaping of user-supplied data in the Name parameter at the URL path /dcim/console-ports/{id}/edit/, allowing an attacker to inject arbitrary HTML/JS. Docu...

7.1CVSS5.6AI score0.00353EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2024/07/09 12:0 a.m.59 views

CVE-2024-40740

CVE-2024-40740 is an XSS vulnerability in NetBox v4.0.3. The issue arises from insufficient filtering/escaping of user-supplied data in the Name parameter of the /dcim/power-feeds/{id}/edit/ endpoint, allowing an attacker to inject arbitrary HTML/JS. Multiple connected sources confirm the affecte...

7.1CVSS5.6AI score0.00398EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichmentadded 2024/07/09 12:0 a.m.19 views

CVE-2024-40733

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/front-ports/id/edit/...

5.8AI score0.004EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2024/07/09 12:0 a.m.12 views

CVE-2024-40739

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-feeds/add...

5.6AI score0.00376EPSS
Exploits1References1
Cvelist
Cvelistadded 2024/07/09 12:0 a.m.20 views

CVE-2024-40740

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-feeds/id/edit/...

0.00398EPSS
Exploits1References1
Cvelist
Cvelistadded 2024/07/09 12:0 a.m.21 views

CVE-2024-40735

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-outlets/id/edit/...

0.00353EPSS
Exploits1References1
CVE
CVEadded 2024/07/09 12:0 a.m.57 views

CVE-2024-40735

CVE-2024-40735 : A cross-site scripting (XSS) vulnerability affects NetBox v4.0.3. The issue arises from lack of proper filtering/escaping of user-supplied data in the Name parameter of the page /dcim/power-outlets/{id}/edit/ , allowing an attacker to inject arbitrary HTML/JS. The CVSS v3.1 base ...

6.1CVSS5.8AI score0.00353EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2024/07/09 12:0 a.m.67 views

CVE-2024-40728

NetBox v4.0.3 is affected by an XSS flaw in the /dcim/console-server-ports/{id}/edit/ Name field due to insufficient filtering/escaping of user input. Multiple sources (Red Hat, CNVD, OSV, NVD, CVE listings) confirm a cross-site scripting vulnerability that could allow an attacker to inject arbit...

7.1CVSS5.8AI score0.00353EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichmentadded 2024/07/09 12:0 a.m.16 views

CVE-2024-40731

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/rear-ports/id/edit/...

5.8AI score0.00353EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2024/07/09 12:0 a.m.15 views

CVE-2024-40730

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/interfaces/id/edit/...

5.6AI score0.004EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2024/07/09 12:0 a.m.12 views

CVE-2024-40729

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/interfaces/add/...

5.9AI score0.004EPSS
Exploits1References1
CVE
CVEadded 2024/07/09 12:0 a.m.49 views

CVE-2024-40726

The CVE-2024-40726 entry concerns NetBox v4.0.3 with a cross-site scripting (XSS) vulnerability exposed via the Name parameter in /dcim/power-ports/{id}/edit/. The Red Hat and CNVD/CNVD-style entries corroborate the same flaw. Root cause: lack of proper filtering/escaping of user-supplied data in...

6.1CVSS5.6AI score0.00376EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2024/07/09 12:0 a.m.63 views

CVE-2024-40730

NetBox v4.0.3 contains an XSS vulnerability: a crafted payload placed in the Name parameter at /dcim/interfaces/{id}/edit/ can execute arbitrary HTML/JS in authenticated user sessions. The issue stems from insufficient input filtering/escaping in that endpoint. Impact is described as cross-site s...

6.1CVSS5.6AI score0.004EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2024/07/09 12:0 a.m.57 views

CVE-2024-40732

CVE-2024-40732 describes a cross-site scripting (XSS) vulnerability in NetBox v4.0.3. The issue allows an attacker to inject arbitrary HTML/ scripts via the Name parameter in the /dcim/rear-ports/add/ endpoint. Affected software: NetBox v4.0.3 (DCIM/IPAM context). Root cause: lack of proper filte...

7.1CVSS5.6AI score0.004EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichmentadded 2024/07/09 12:0 a.m.14 views

CVE-2024-40727

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/console-server-ports/add/...

5.8AI score0.00353EPSS
Exploits1References1
Cvelist
Cvelistadded 2024/07/09 12:0 a.m.15 views

CVE-2024-40731

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/rear-ports/id/edit/...

0.00353EPSS
Exploits1References1
Cvelist
Cvelistadded 2024/07/09 12:0 a.m.18 views

CVE-2024-40739

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-feeds/add...

0.00376EPSS
Exploits1References1
Cvelist
Cvelistadded 2024/07/09 12:0 a.m.12 views

CVE-2024-38972

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-ports/add/...

0.00353EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2024/07/09 12:0 a.m.18 views

CVE-2024-40738

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/console-ports/id/edit/...

5.9AI score0.00353EPSS
Exploits1References1
Cvelist
Cvelistadded 2024/07/09 12:0 a.m.21 views

CVE-2024-40730

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/interfaces/id/edit/...

0.004EPSS
Exploits1References1
Rows per page
Query Builder