CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

17 matches found

RedhatCVE•added 2025/05/23 1:52 a.m.•5 views

CVE-2023-37742

WebBoss.io CMS before v3.7.0.1 was discovered to contain a reflected cross-site scripting XSS vulnerability...

6.1CVSS6.3AI score0.00638EPSS

Exploits0References1

ATTACKERKB•added 2023/08/03 3:15 p.m.•2 views

CVE-2023-39096

WebBoss.io CMS v3.7.0.1 contains a stored Cross-Site Scripting XSS vulnerability due to lack of input validation and output encoding...

5.4CVSS6.1AI score0.00106EPSS

Exploits0References2

NVD•added 2023/08/03 3:15 p.m.•12 views

CVE-2023-39096

WebBoss.io CMS v3.7.0.1 contains a stored Cross-Site Scripting XSS vulnerability due to lack of input validation and output encoding...

5.4CVSS5.2AI score0.00106EPSS

Exploits0References1

Prion•added 2023/08/03 3:15 p.m.•11 views

Cross site scripting

WebBoss.io CMS v3.7.0.1 contains a stored Cross-Site Scripting XSS vulnerability due to lack of input validation and output encoding...

4.9CVSS5.2AI score0.00106EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2023/08/03 12:0 a.m.•3 views

PT-2023-26780 · Unknown · Webboss.Io Cms

Name of the Vulnerable Software and Affected Versions: WebBoss.io CMS version 3.7.0.1 Description: The issue is related to a stored Cross-Site Scripting XSS vulnerability. This occurs due to a lack of input validation and output encoding, allowing malicious scripts to be stored and executed...

5.4CVSS5AI score0.00106EPSS

Exploits0References3

Cvelist•added 2023/08/03 12:0 a.m.•12 views

CVE-2023-39096

WebBoss.io CMS v3.7.0.1 contains a stored Cross-Site Scripting XSS vulnerability due to lack of input validation and output encoding...

5.4AI score0.00106EPSS

Exploits0References1

NVD•added 2023/07/21 8:15 p.m.•7 views

CVE-2023-36339

An access control issue in WebBoss.io CMS v3.7.0.1 allows attackers to access the Website Backup Tool via a crafted GET request...

7.5CVSS7.4AI score0.00109EPSS

Exploits0References2

ATTACKERKB•added 2023/07/21 8:15 p.m.•0 views

CVE-2023-36339

An access control issue in WebBoss.io CMS v3.7.0.1 allows attackers to access the Website Backup Tool via a crafted GET request...

7.5CVSS7.2AI score0.00109EPSS

Exploits0References3

Prion•added 2023/07/21 8:15 p.m.•9 views

Cross site request forgery (csrf)

An access control issue in WebBoss.io CMS v3.7.0.1 allows attackers to access the Website Backup Tool via a crafted GET request...

5CVSS7.4AI score0.00109EPSS

Exploits0References2Affected Software1

OSV•added 2023/07/21 4:15 p.m.•0 views

CVE-2023-37742

WebBoss.io CMS before v3.7.0.1 was discovered to contain a reflected cross-site scripting XSS vulnerability...

6.1CVSS5.7AI score

Exploits0References3

NVD•added 2023/07/21 4:15 p.m.•10 views

CVE-2023-37742

WebBoss.io CMS before v3.7.0.1 was discovered to contain a reflected cross-site scripting XSS vulnerability...

6.1CVSS6.1AI score0.00638EPSS

Exploits0References3

Vulnrichment•added 2023/07/21 12:0 a.m.•11 views

CVE-2023-37742

WebBoss.io CMS before v3.7.0.1 was discovered to contain a reflected cross-site scripting XSS vulnerability...

6.3AI score0.00638EPSS

Exploits0References3

Vulnrichment•added 2023/07/21 12:0 a.m.•10 views

CVE-2023-36339

An access control issue in WebBoss.io CMS v3.7.0.1 allows attackers to access the Website Backup Tool via a crafted GET request...

6.8AI score0.00109EPSS

Exploits0References2

CVE•added 2023/07/21 12:0 a.m.•36 views

CVE-2023-36339

CVE-2023-36339 affects WebBoss.io CMS v3.7.0.1. The vulnerability is an access control issue that lets attackers reach the Website Backup Tool via a crafted GET request. Exploit status and remediation details are not provided in the connected documents.

7.5CVSS7.3AI score0.00109EPSS

Exploits0References2Affected Software1

CVE•added 2023/07/21 12:0 a.m.•29 views

CVE-2023-37742

The CVE-2023-37742 entry concerns WebBoss.io CMS, specifically versions prior to 3.7.0.1, which are affected by a reflected cross-site scripting (XSS) vulnerability. The vulnerability stems from unvalidated or improperly escaped user input reflected back in responses, enabling a malicious user to...

6.1CVSS6AI score0.00638EPSS

Exploits0References3Affected Software1

Cvelist•added 2023/07/21 12:0 a.m.•14 views

CVE-2023-36339

An access control issue in WebBoss.io CMS v3.7.0.1 allows attackers to access the Website Backup Tool via a crafted GET request...

7.6AI score0.00109EPSS

Exploits0References2

Positive Technologies•added 2023/07/21 12:0 a.m.•1 views

PT-2023-26087 · Unknown · Webboss.Io Cms

Name of the Vulnerable Software and Affected Versions: WebBoss.io CMS versions prior to 3.7.0.1 Description: A reflected cross-site scripting XSS issue was found in the software. This type of issue occurs when an application takes user input and sends it back to the user without proper validation...

6.1CVSS5.9AI score0.00638EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by