CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3301 matches found

OSV•added 2023/10/18 10:15 p.m.•13 views

CVE-2023-45958

Thirty Bees Core v1.4.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the backuppagination parameter at /controller/AdminController.php. This vulnerability allows attackers to execute arbitrary JavaScript in the web browser of a user via a crafted payload...

6.1CVSS6.3AI score

Exploits0References2

Prion•added 2023/10/18 10:15 p.m.•14 views

Cross site scripting

5.8CVSS6AI score0.00312EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2023/10/18 12:0 a.m.•8 views

CVE-2023-45958

6.4AI score0.00312EPSS

Exploits0References2

NVD•added 2023/10/14 4:15 p.m.•9 views

CVE-2023-35024

IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intend...

7.6CVSS5.4AI score0.00354EPSS

Exploits0References2

NVD•added 2023/10/11 4:15 p.m.•12 views

CVE-2023-34354

A stored cross-site scripting XSS vulnerability exists in the uploadbrand.cgi functionality of peplink Surf SOHO HW1 v6.3.5 in QEMU. A specially crafted HTTP request can lead to execution of arbitrary javascript in another user's browser. An attacker can make an authenticated HTTP request to...

5.4CVSS4.4AI score0.0081EPSS

Exploits1References2

Prion•added 2023/10/11 4:15 p.m.•22 views

Cross site scripting

4.9CVSS5.5AI score0.0081EPSS

Exploits1References1Affected Software1

Vulnrichment•added 2023/10/11 3:16 p.m.•8 views

CVE-2023-34354

3.4CVSS5.3AI score0.0081EPSS

Exploits1References1

NVD•added 2023/09/21 11:15 p.m.•10 views

CVE-2023-41616

A reflected cross-site scripting XSS vulnerability in the Search Student function of Student Management System v1.2.3 and before allows attackers to execute arbitrary Javascript in the context of a victim user's browser via a crafted payload...

4.8CVSS5AI score0.00392EPSS

Exploits0References1

Prion•added 2023/09/21 11:15 p.m.•13 views

Cross site scripting

4.3CVSS5AI score0.00392EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/09/21 12:0 a.m.•12 views

CVE-2023-41616

5.9AI score0.00392EPSS

Exploits0References1

ATTACKERKB•added 2023/09/20 9:15 p.m.•2 views

CVE-2023-38875

A reflected cross-site scripting XSS vulnerability in msaad1999's PHP-Login-System 2.0.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'validator' parameter in '/reset-password'...

6.1CVSS6AI score0.00824EPSS

Exploits0References3

NVD•added 2023/09/20 9:15 p.m.•26 views

CVE-2023-38875

6.1CVSS6.1AI score0.00824EPSS

Exploits0References1

NVD•added 2023/09/20 9:15 p.m.•26 views

CVE-2023-38876

6.1CVSS6.1AI score0.00731EPSS

Exploits0References1

Prion•added 2023/09/20 9:15 p.m.•18 views

Cross site scripting

5.8CVSS6.1AI score0.00824EPSS

Exploits0References1Affected Software1

NVD•added 2023/09/20 6:15 p.m.•15 views

CVE-2023-40618

A reflected cross-site scripting XSS vulnerability in OpenKnowledgeMaps Head Start versions 4, 5, 6, 7 as well as Visual Project Explorer 1.0, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'service' parameter in...

6.1CVSS6.1AI score0.00512EPSS

Exploits1References1

OSV•added 2023/09/20 6:15 p.m.•16 views

CVE-2023-40618

6.1CVSS6.2AI score0.00512EPSS

Exploits1References1

Prion•added 2023/09/20 6:15 p.m.•14 views

Cross site scripting

5.8CVSS6.1AI score0.00512EPSS

Exploits1References1Affected Software1