CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16 matches found

EUVD•added 2026/05/07 6:30 p.m.•4 views

EUVD-2026-28390

Cross-Site Scripting XSS vulnerability exists in Webkul Krayin CRM v2.1.5. The application fails to sanitize user-supplied input in the comment field during Activity creation on the /admin/activities/create endpoint...

5.4CVSS5.8AI score0.00033EPSS

Exploits0References6

Snyk•added 2026/05/07 5:35 p.m.•3 views

Cross-site Scripting (XSS)

Overview krayin/laravel-crm is a hand tailored CRM framework built on some of the hottest opensource technologies such as Laravel a PHP framework and Vue.js a progressive Javascript framework. Affected versions of this package are vulnerable to Cross-site Scripting XSS via unsanitized input in th...

6.1CVSS5.8AI score0.00033EPSS

Exploits0References2

NVD•added 2026/05/07 4:16 p.m.•10 views

CVE-2026-36341

5.4CVSS0.00033EPSS

Exploits0References5

ATTACKERKB•added 2026/05/07 12:0 a.m.•2 views

CVE-2026-36341

5.4CVSS5.8AI score0.00033EPSS

Exploits0References6

Cvelist•added 2026/05/07 12:0 a.m.•21 views

CVE-2026-36341

0.00033EPSS

Exploits0References5

CNNVD•added 2026/05/07 12:0 a.m.•5 views

Webkul Krayin CRM 跨站脚本漏洞

Webkul Krayin CRM is a free and open-source CRM solution for small and medium-sized businesses developed by the Indian company Webkul. Version 2.1.5 of Webkul Krayin CRM contains a cross-site scripting vulnerability. This vulnerability arises from the lack of cleanup of user input during the...

5.4CVSS5.6AI score0.00033EPSS

Exploits0References1

Vulnrichment•added 2026/05/07 12:0 a.m.•3 views

CVE-2026-36341

5.8AI score0.00033EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2019-5956

Malware in sbrugna...

4.3CVSS5.4AI score0.00155EPSS

Exploits0References3

CNNVD•added 2024/06/14 12:0 a.m.•2 views

Nextcloud 安全漏洞

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Calendar, which can be exploited by an authenticated attacker to create attachments that link to other websites v...

4.6CVSS4.8AI score0.00426EPSS

Exploits0References4

NVD•added 2021/03/19 9:15 p.m.•13 views

CVE-2019-14829

A vulnerability was found in Moodle affection 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions where activity creation capabilities were not correctly respected when selecting the activity to use for a course in single activity mode...

4.3CVSS0.00155EPSS

Exploits0References2

OSV•added 2021/03/19 9:15 p.m.•12 views

CVE-2019-14829

4.3CVSS6.7AI score

Exploits0References2

UbuntuCve•added 2021/03/19 9:15 p.m.•18 views

CVE-2019-14829

4.3CVSS6.2AI score0.00155EPSS

Exploits0References3

Prion•added 2021/03/19 9:15 p.m.•6 views

Design/Logic Flaw

4CVSS4.5AI score0.00155EPSS

Exploits0References2Affected Software1

Cvelist•added 2021/03/19 8:11 p.m.•14 views

CVE-2019-14829

4.5AI score0.00155EPSS

Exploits0References2

CVE•added 2021/03/19 8:11 p.m.•67 views

CVE-2019-14829

CVE-2019-14829 affects Moodle affection versions 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7, and earlier unsupported versions. The root cause is that activity creation capabilities were not correctly respected when selecting the activity to use for a course in single activity mode. The provided doc...

4.3CVSS4.4AI score0.00155EPSS

Exploits0References2Affected Software1

Positive Technologies•added 2020/03/18 12:0 a.m.•1 views

PT-2020-9055 · Pki-Core +1 · Pki-Core +1

Name of the Vulnerable Software and Affected Versions: pki-core affected versions not specified Description: The Token Processing Service TPS did not properly sanitize the Token IDs from the "Activity" page, enabling a Stored Cross Site Scripting XSS vulnerability. An unauthenticated attacker cou...

6.1CVSS5.3AI score0.0024EPSS

Exploits0References13

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by