CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

VulnCheck KEV•added 2025/08/07 12:0 a.m.•5 views

VulnCheck KEV: CVE-2024-42852

Cross Site Scripting vulnerability in AcuToWeb server v.10.5.0.7577C8b allows a remote attacker to execute arbitrary code via the index.php component...

6.1CVSS6.2AI score0.00731EPSS

In wildExploits0References2

RedhatCVE•added 2025/05/23 7:26 a.m.•5 views

CVE-2024-42852

Cross Site Scripting vulnerability in AcuToWeb server v.10.5.0.7577C8b allows a remote attacker to execute arbitrary code via the index.php component...

6.1CVSS7.4AI score0.00731EPSS

Exploits0References1

NVD•added 2024/08/23 6:15 p.m.•16 views

CVE-2024-42852

Cross Site Scripting vulnerability in AcuToWeb server v.10.5.0.7577C8b allows a remote attacker to execute arbitrary code via the index.php component...

6.1CVSS0.00731EPSS

Exploits0References1

CVE•added 2024/08/23 12:0 a.m.•56 views

CVE-2024-42852

AcuToWeb server version 10.5.0.7577C8b is vulnerable to reflected cross-site scripting (XSS) via the portgw parameter. Un-sanitized user input is reflected in the response, enabling arbitrary JavaScript execution in victims’ browsers. Remediation: update AcuToWeb to the latest version and impleme...

6.1CVSS7.4AI score0.00731EPSS

In wildExploits0References1

Positive Technologies•added 2024/08/23 12:0 a.m.•3 views

PT-2024-30185 · Unknown · Acutoweb Server

Name of the Vulnerable Software and Affected Versions: AcuToWeb server version 10.5.0.7577C8b Description: A Cross Site Scripting issue allows a remote attacker to execute arbitrary code via the "index.php" component. This enables the attacker to perform unauthorized actions on the affected syste...

6.1CVSS6.8AI score0.00731EPSS

Exploits0References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by