CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

15 matches found

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2006-1907

Malware in sbrugna...

7.5CVSS6.4AI score0.00619EPSS

Exploits0References6

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-15804

Malware in sbrugna...

6.1CVSS6.3AI score0.00328EPSS

Exploits1References2

CNVD•added 2021/10/25 12:0 a.m.•12 views

SeedDMS cross-site scripting vulnerability (CNVD-2022-05448)

SeedDMS is a free document management system with an easy-to-use web-based user interface. A cross-site scripting vulnerability exists in the AddEvent.php component in SeedDMS version 6.0.7. The vulnerability can be exploited to inject malicious script code via the name and comment parameters...

6.1CVSS6AI score0.00328EPSS

Exploits1References1

OSV•added 2021/10/22 8:15 p.m.•1 views

CVE-2020-23048

SeedDMS Content Management System v6.0.7 contains a persistent cross-site scripting XSS vulnerability in the component AddEvent.php via the name and comment parameters...

6.1CVSS5.7AI score0.00328EPSS

Exploits1References1

NVD•added 2021/10/22 8:15 p.m.•7 views

CVE-2020-23048

SeedDMS Content Management System v6.0.7 contains a persistent cross-site scripting XSS vulnerability in the component AddEvent.php via the name and comment parameters...

6.1CVSS0.00328EPSS

Exploits1References1

Prion•added 2021/10/22 8:15 p.m.•13 views

Cross site scripting

SeedDMS Content Management System v6.0.7 contains a persistent cross-site scripting XSS vulnerability in the component AddEvent.php via the name and comment parameters...

4.3CVSS5.9AI score0.00328EPSS

Exploits1References1Affected Software1

Cvelist•added 2021/10/22 7:20 p.m.•12 views

CVE-2020-23048

SeedDMS Content Management System v6.0.7 contains a persistent cross-site scripting XSS vulnerability in the component AddEvent.php via the name and comment parameters...

6AI score0.00328EPSS

Exploits1References1

CVE•added 2021/10/22 7:20 p.m.•35 views

CVE-2020-23048

SeedDMS Content Management System v6.0.7 contains a persistent cross-site scripting (XSS) vulnerability in the AddEvent.php component, exploitable via the name and comment parameters. The issue is confirmed in multiple sources (CVE-2020-23048; RH, NVD, CNVD, CVE lists) and affects the AddEvent.ph...

6.1CVSS5.9AI score0.00328EPSS

Exploits1References1Affected Software1

Exploit DB•added 2020/04/15 12:0 a.m.•224 views

SeedDMS 5.1.18 - Persistent Cross-Site Scripting

Title: SeedDMS 5.1.18 - Persistent Cross-Site Scripting Author: Vulnerability Laboratory Date: 2020-04-15 Vendor: https://www.seeddms.org Software Link: https://www.seeddms.org/index.php?id=7 CVE: N/A Document Title: =============== SeedDMS v5.1.18 - Multiple Persistent Web Vulnerabilities...

7.4AI score

Exploits0

NVD•added 2008/04/27 7:5 p.m.•9 views

CVE-2008-1974

Cross-site scripting XSS vulnerability in addevent.php in Horde Kronolith 2.1.7, Groupware Webmail Edition 1.0.6, and Groupware 1.0.5 allows remote attackers to inject arbitrary web script or HTML via the url parameter...

4.3CVSS5.5AI score0.02152EPSS

Exploits1References14

CVE•added 2008/04/27 7:0 p.m.•48 views

CVE-2008-1974

CVE-2008-1974 is an XSS vulnerability in Horde Kronolith (Kronolith 2.1.x and Groupware variants) where the url parameter in addevent.php can inject arbitrary script/HTML. The issue is reported as insufficient input sanitisation in Kronolith’s add-event flow, allowing remote attackers to execute ...

4.3CVSS5.4AI score0.02152EPSS

Exploits1References14Affected Software2

Prion•added 2006/04/20 6:6 p.m.•10 views

Sql injection

Multiple SQL injection vulnerabilities in myEvent 1.x allow remote attackers to inject arbitrary SQL commands via the eventid parameter to 1 addevent.php or 2 del.php or 3 eventdesc parameter to addevent.php. NOTE: the provenance of this information is unknown; the details are obtained solely fro...

7.5CVSS8.2AI score0.00619EPSS

Exploits0References5Affected Software1

Prion•added 2006/04/20 6:6 p.m.•12 views

Cross site scripting

Cross-site scripting vulnerability in addevent.php in myEvent 1.x allows remote attackers to inject arbitrary web script or HTML via the eventdesc parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

2.6CVSS6.2AI score0.00346EPSS

Exploits0References4Affected Software1

NVD•added 2006/04/20 6:6 p.m.•9 views

CVE-2006-1908

2.6CVSS5.9AI score0.00346EPSS

Exploits0References4

CVE•added 2006/04/20 6:0 p.m.•73 views

CVE-2006-1908

CVE-2006-1908 affects the myEvent 1.x web application. The core issue is a cross-site scripting vulnerability in addevent.php’s event_desc parameter, enabling injection of arbitrary script/HTML. Connected sources also describe additional flaws in the same product: unsanitized input to myevent_pat...

2.6CVSS5.9AI score0.00346EPSS

Exploits0References4Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by