CVE-2026-0617
The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the customer profile fields in all versions up to, and including, 5.2.5 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2026-1135
A security flaw has been discovered in itsourcecode Society Management System 1.0. This impacts an unknown function of the file /admin/activity.php. The manipulation of the argument Title results in cross site scripting. The attack may be launched remotely. The exploit has been released to the...
CVE-2026-1135 itsourcecode Society Management System activity.php cross site scripting
A security flaw has been discovered in itsourcecode Society Management System 1.0. This impacts an unknown function of the file /admin/activity.php. The manipulation of the argument Title results in cross site scripting. The attack may be launched remotely. The exploit has been released to the...
PT-2026-3422
A security flaw has been discovered in itsourcecode Society Management System 1.0. This impacts an unknown function of the file /admin/activity.php. The manipulation of the argument Title results in cross site scripting. The attack may be launched remotely. The exploit has been released to the...
security-analytics
This repository is a community-driven set of security analytics for auditing cloud usage and detecting threats to data & workloads in Google Cloud. It provides a list of sample security analytics for auditing cloud usage and detecting threats, which may assist detection engineers, threat hunters,...
Cross-Site Scripting (XSS)
Decidim is vulnerable to Cross-Site Scripting (XSS) attacks. The vulnerability is due to improper sanitization of admin activity logs, allowing XSS payloads to be injected when an admin assigns a valuator to a proposal or performs other actions that generate logs with malicious content...
CVE-2024-32034
decidim is a Free Open-Source participatory democracy, citizen participation and open government for cities and organizations. The admin panel is subject to potential Cross-site scripting (XSS) attack in case an admin assigns a valuator to a proposal, or does any other action that generates an admi...
CVE-2024-32034 Cross-site scripting (XSS) in the decidim admin activity log
decidim is a Free Open-Source participatory democracy, citizen participation and open government for cities and organizations. The admin panel is subject to potential Cross-site scripting (XSS) attack in case an admin assigns a valuator to a proposal, or does any other action that generates an admi...
CVE-2024-32034
Summary: CVE-2024-32034 is a cross-site scripting (XSS) vulnerability in the Decidim admin activity log when an admin assigns a valuator to a proposal or performs an action that creates an admin log with an XSS payload. Affected versions: Decidim before 0.27.7 and before 0.28.2 (with fixes in 0.2...
Decidim::Admin vulnerable to cross-site scripting (XSS) in the admin activity log
Impact: The admin panel is subject to potential XSS attack in case an admin assigns a valuator to a proposal, or does any other action that generates an admin activity log where one of the resources has an XSS crafted. Patches: N/A. Workarounds: Redirect the pages /admin and /admin/logs to other admi...
GHSA-RX9F-5GGV-5RH6 Decidim::Admin vulnerable to cross-site scripting (XSS) in the admin activity log
Impact: The admin panel is subject to potential XSS attack in case an admin assigns a valuator to a proposal, or does any other action that generates an admin activity log where one of the resources has an XSS crafted. Patches: N/A. Workarounds: Redirect the pages /admin and /admin/logs to other admi...
PT-2024-24369 · Decidim · Decidim
Name of the Vulnerable Software and Affected Versions: Decidim versions prior to 0.27.7; Decidim versions prior to 0.28.2. Description: The admin panel of Decidim is subject to potential Cross-site scripting (XSS) attacks when an admin assigns a valuator to a proposal or performs any other action tha...
Google Pixel security vulnerability
Google Pixel is a smartphone from Google, an American company. Google Pixel suffers from a security vulnerability that stems from the presence of missing permission checks in multiple methods of the DataUsageList.java file, with a possible way to learn about the network activity of an administrat...
ShopBuilder 5.6.1 /module/activity/admin_activity_product_list.php SQL injection vulnerability
No description provided by source. !/usr/bin/env python coding=utf-8 import re import urllib2 from comm import cmdline from comm import generic pocinfo = 'VulId': '1563', 'Name': 'ShopBuilder 5.6.1 /module/activity/adminactivityproductlist.php SQL注入漏洞 POC', 'AppName': 'ShopBuilder', 'AppPowerLink...