CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

33 matches found

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2020-17307

Malware in sbrugna...

9.1CVSS9.1AI score0.00562EPSS

Exploits0References2

RedhatCVE•added 2025/02/05 2:33 p.m.•7 views

CVE-2020-24590

The Management Console in WSO2 API Manager through 3.1.0 and API Microgateway 2.2.0 allows XML Entity Expansion attacks...

9.1CVSS6.8AI score0.00562EPSS

Exploits0

RedhatCVE•added 2025/02/05 2:32 p.m.•8 views

CVE-2020-24589

The Management Console in WSO2 API Manager through 3.1.0 and API Microgateway 2.2.0 allows XML External Entity injection XXE attacks...

9.1CVSS7.1AI score0.90156EPSS

Exploits0

VulnCheck KEV•added 2024/01/22 12:0 a.m.•1 views

VulnCheck KEV: CVE-2020-24589

The Management Console in WSO2 API Manager through 3.1.0 and API Microgateway 2.2.0 allows XML External Entity injection XXE attacks...

9.1CVSS7.3AI score0.90156EPSS

Exploits0References1

Veracode•added 2022/05/10 10:32 a.m.•18 views

XML Entity Expansion

WSO2 API Manager and API Microgateway are vulnerable to XML Entity Expansion attacks. The vulnerability exists due to XML Entity Expansion attacks and a lack of sanitization allowing an attacker to crash the system via an unauthenticated requests with a maliciously crafted XML file...

9.1CVSS4.3AI score0.00562EPSS

Exploits0References7Affected Software2

OSV•added 2022/04/21 2:15 a.m.•12 views

CVE-2022-29548

A reflected XSS issue exists in the Management Console of several WSO2 products. This affects API Manager 2.2.0, 2.5.0, 2.6.0, 3.0.0, 3.1.0, 3.2.0, and 4.0.0; API Manager Analytics 2.2.0, 2.5.0, and 2.6.0; API Microgateway 2.2.0; Data Analytics Server 3.2.0; Enterprise Integrator 6.2.0, 6.3.0,...

6.1CVSS5.9AI score

Exploits0References3

Prion•added 2022/04/21 2:15 a.m.•11 views

Cross site scripting

4.3CVSS5.9AI score0.76361EPSS

Exploits5References3Affected Software9

CVE•added 2022/04/21 12:0 a.m.•730 views

CVE-2022-29548

CVE-2022-29548 is a reflected Cross-Site Scripting (XSS) vulnerability in the WSO2 Management Console affecting API Manager and related products (e.g., API Manager 2.2.0, 2.5.0, 2.6.0, 3.0.0–3.2.0, 4.0.0; API Manager Analytics; API Microgateway; Data Analytics Server; Enterprise Integrator; IS as...

6.1CVSS5.8AI score0.76361EPSS

Exploits5References3Affected Software9

Prion•added 2020/08/27 4:15 p.m.•15 views

Cross site scripting

An issue was discovered in certain WSO2 products. The Try It tool allows Reflected XSS. This affects API Manager 2.2.0, API Manager Analytics 2.2.0, API Microgateway 2.2.0, Data Analytics Server 3.2.0, Enterprise Integrator through 6.6.0, IS as Key Manager 5.5.0, Identity Server 5.5.0 and 5.8.0,...

4.3CVSS6.2AI score0.00268EPSS

Exploits0References1Affected Software9

Positive Technologies•added 2020/08/27 12:0 a.m.•2 views

PT-2020-15815 · Wso2 · Wso2 Identity Server Analytics +8

Name of the Vulnerable Software and Affected Versions: WSO2 API Manager versions 2.2.0 WSO2 API Manager Analytics versions 2.2.0 WSO2 API Microgateway versions 2.2.0 WSO2 Data Analytics Server versions 3.2.0 WSO2 Enterprise Integrator versions through 6.6.0 WSO2 IS as Key Manager versions 5.5.0...

6.1CVSS6.2AI score0.00268EPSS

Exploits0References4

Positive Technologies•added 2020/08/27 12:0 a.m.•1 views

PT-2020-15814 · Wso2 · Wso2 Identity Server Analytics +8

8.8CVSS8.4AI score0.00397EPSS

Exploits0References4

CVE•added 2020/08/27 12:0 a.m.•41 views

CVE-2020-24703

CVE-2020-24703 affects multiple WSO2 products: API Manager 2.2.0, API Manager Analytics 2.2.0, API Microgateway 2.2.0, Data Analytics Server 3.2.0, Enterprise Integrator through 6.6.0, IS as Key Manager 5.5.0, Identity Server 5.5.0 and 5.8.0, Identity Server Analytics 5.5.0, and IoT Server 3.3.0–...

8.8CVSS8.4AI score0.00397EPSS

Exploits0References1Affected Software9

Cvelist•added 2020/08/27 12:0 a.m.•12 views

CVE-2020-24704

6.1CVSS6.3AI score0.00268EPSS

Exploits0References1

NVD•added 2020/08/21 8:15 p.m.•13 views

CVE-2020-24591

The Management Console in certain WSO2 products allows XXE attacks during EventReceiver updates. This affects API Manager through 3.0.0, API Manager Analytics 2.2.0 and 2.5.0, API Microgateway 2.2.0, Enterprise Integrator 6.2.0 and 6.3.0, and Identity Server Analytics through 5.6.0...

6.5CVSS6.5AI score0.00403EPSS

Exploits0References1

OSV•added 2020/08/21 8:15 p.m.•13 views

CVE-2020-24591

6.5CVSS6.8AI score

Exploits0References1

OSV•added 2020/08/21 8:15 p.m.•11 views

CVE-2020-24589

The Management Console in WSO2 API Manager through 3.1.0 and API Microgateway 2.2.0 allows XML External Entity injection XXE attacks...

9.1CVSS7.2AI score

Exploits0References1

Prion•added 2020/08/21 8:15 p.m.•13 views