CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

39 matches found

OSV•added 2026/02/19 1:16 p.m.•1 views

CVE-2019-25404

Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input through admin management parameters. Attackers can inject script payloads in the adminname, name, and surname parameters via...

5.4CVSS5.7AI score0.00018EPSS

Exploits1References4

Positive Technologies•added 2026/02/19 12:0 a.m.•1 views

PT-2026-20807

6.4CVSS5.2AI score0.00018EPSS

Exploits1References4

Vulnrichment•added 2026/02/18 9:55 p.m.•3 views

CVE-2019-25401 Bematech Printer MP-4200 TH Denial of Service

Bematech formerly Logic Controls, now Elgin MP-4200 TH printer contains a denial of service vulnerability in the admin configuration page. Remote attackers can send crafted POST requests with malformed 'admin' and 'person' parameters to crash the printer's web service, causing a denial of service...

8.7CVSS5.6AI score0.00151EPSS

Exploits0References4

NVD•added 2026/02/07 12:15 a.m.•3 views

CVE-2020-37106

Business Live Chat Software 1.0 contains a cross-site request forgery vulnerability that allows attackers to change user account roles without authentication. Attackers can craft a malicious HTML form to modify user privileges by submitting a POST request to the user creation endpoint with...

5.3CVSS0.00011EPSS

Exploits0References3

RedhatCVE•added 2025/12/16 8:44 p.m.•2 views

CVE-2023-53880

Lucee 5.4.2.17 contains a reflected cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through administrative interface parameters. Attackers can craft specific payloads targeting admin pages like server.cfm and web.cfm to execute arbitrary JavaScri...

4.8CVSS6.4AI score0.00051EPSS

Exploits0References1