
9 matches found

CVE
added 2026/02/18 9:55 p.m. · 7 views

CVE-2019-25401

Bematech MP-4200 TH printer (formerly Logic Controls, now Elgin) has a denial-of-service vulnerability in the admin configuration page. Remote attackers can send crafted POST requests with malformed 'admin' and 'person' parameters to crash the web service, causing DoS. CVSS metrics are provided: ...

CVSS 8.7 · AI score 5.6 · EPSS 0.00422
Exploits 0 · References 4
Cvelist
added 2026/02/18 9:55 p.m. · 25 views

CVE-2019-25401 Bematech Printer MP-4200 TH Denial of Service

Bematech (formerly Logic Controls, now Elgin) MP-4200 TH printer contains a denial of service vulnerability in the admin configuration page. Remote attackers can send crafted POST requests with malformed 'admin' and 'person' parameters to crash the printer's web service, causing a denial of service...

CVSS 8.7 · EPSS 0.00422
Exploits 0 · References 4
CVE
added 2026/02/18 9:55 p.m. · 12 views

CVE-2019-25356

CVE-2019-25356 affects Bematech MP-4200 TH printer (formerly Logic Controls, now Elgin). The admin configuration page is vulnerable to cross-site scripting via crafted POST requests with malformed 'admin' and 'person' parameters, allowing execution of arbitrary JavaScript in an authenticated user...

CVSS 6.1 · AI score 5.5 · EPSS 0.00282
Exploits 0 · References 4
ATTACKERKB
added 2026/02/18 9:55 p.m. · 4 views

CVE-2019-25356

Bematech (formerly Logic Controls, now Elgin) MP-4200 TH printer contains a cross-site scripting vulnerability in the admin configuration page. Attackers can inject malicious scripts via crafted POST requests with malformed 'admin' and 'person' parameters, allowing execution of arbitrary JavaScript...

CVSS 6.1 · AI score 5.9 · EPSS 0.00282
Exploits 0 · References 4
OSV
added 2026/01/26 6:16 p.m. · 4 views

CVE-2020-36956

Openfire 4.6.0 contains a stored cross-site scripting vulnerability in the nodejs plugin that allows attackers to inject malicious scripts through the 'path' parameter. Attackers can craft a payload with script tags to execute arbitrary JavaScript in the context of administrative users viewing th...

CVSS 6.4 · AI score 5.9 · EPSS 0.00253
Exploits 0 · References 4
ATTACKERKB
added 2022/06/30 6:15 p.m. · 3 views

CVE-2022-34814

Jenkins Request Rename Or Delete Plugin 1.1.0 and earlier does not correctly perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to view an administrative configuration page listing pending requests...

CVSS 4.3 · AI score 5.9 · EPSS 0.00501
Exploits 0 · References 2
Cvelist
added 2021/10/05 9:32 p.m. · 13 views

CVE-2020-21506

waimai Super Cms 20150505 contains a cross-site scripting (XSS) vulnerability in the component /admin.php?m=Config&a=add...

AI score 6 · EPSS 0.00641
Exploits 1 · References 1
Positive Technologies
added 2020/09/16 12:0 a.m. · 7 views

PT-2020-15483 · Cloudbees +1 · Jenkins Health Advisor By Cloudbees Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Health Advisor by CloudBees Plugin versions 3.2.0 and earlier

Description: The issue arises from an incorrect permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to view the endpoint, which includes a...

CVSS 4.3 · AI score 4.4 · EPSS 0.00691
Exploits 0 · References 7
OSV
added 2018/06/14 11:29 p.m. · 3 views

CVE-2018-12431

SeaCMS V6.61 has XSS via the site name parameter on an adm1n/adminconfig.php page aka a system management page...

CVSS 4.8 · AI score 5.6 · EPSS 0.00534
Exploits 1 · References 1