grafana: missing access control allows test alerts by underprivileged user
A flaw was found in Grafana. This issue may allow a malicious user to craft a request to the API that enables them to send alert messages via the "API Alert - Test"...
CVE-2023-2183
Grafana is an open-source platform for monitoring and observability. The option to send a test alert is not available from the user panel UI for users having the Viewer role. It is still possible for a user with the Viewer role to send a test alert using the API as the API does not check access t...
Observium Cross-Site Scripting Vulnerability (CNVD-2020-54792)
Observium is a low-maintenance auto-discovery network monitoring platform that supports multiple device types, platforms and operating systems. Observium suffers from a cross-site scripting vulnerability. An attacker can inject and store malicious JavaScript code via...
FTLS GuestBook 1.1 Script Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6686/info Guestbook does not adequately filter HTML tags from various fields. This may enable an attacker to inject arbitrary script code into pages that are generated by the guestbook. The attacker's script code may be...
httprint 202.0 HTTP Response Server Field Arbitrary Script Injection
No description provided by source. source: http://www.securityfocus.com/bid/16031/info httprint is prone to multiple remote vulnerabilities. The first issue may allow remote attackers to execute arbitrary HTML and script code in a user's browser. The second issue may allow remote attackers to cra...
Adobe Experience Cross Site Scripting
Title : Adobe Experience Delivers reflected Cross-site Scripting XSS vulnerability Vendor : Adobe Systems Incorporated http://www.adobe.com Description : experiencedelivers.adobe.com is vulnerable...
MysearchEngine XSS
MysearchEngine XSS By : sn0oPy Risk : low site : http://homeproduction.free.fr/ exploit : scriptalert'test'/script Dork : inurl:"MysearchEngine" contact : [email protected] greetz : subzero, http://forums.avenir-geopolitique.net. reference :...