CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3298 matches found

Veracode•added 2020/07/08 4:10 a.m.•19 views

Cross-Site Scripting (XSS)

teaminmedias-pluswerk/kesearch aka Faceted Search extension of Typo3 is vulnerable to cross-site scripting XSS. A remote attacker is able to inject arbitrary Javascript into a victim's browser via parameters such as content,abstract,message,tag, title in the backend module controller...

5.4CVSS4.7AI score0.00555EPSS

Exploits0References3Affected Software1

CNVD•added 2020/07/08 12:0 a.m.•1 views

NeDi Consulting NeDi Cross-Site Scripting Vulnerability (CNVD-2020-44580)

NeDi Consulting NeDi is a suite of open source software that supports the discovery and mapping of network devices from the Swiss company NeDi Consulting. A cross-site scripting vulnerability exists in NeDi Consulting NeDi version 1.9C. The vulnerability can be exploited to execute arbitrary...

5.4CVSS6.6AI score0.00557EPSS

Exploits0References1

CNVD•added 2020/07/08 12:0 a.m.•1 views

NeDi Consulting NeDi Cross-Site Scripting Vulnerability (CNVD-2020-44577)

5.4CVSS6.7AI score0.00568EPSS

Exploits0References1

CNVD•added 2020/07/08 12:0 a.m.•1 views

NeDi Consulting NeDi Cross-Site Scripting Vulnerability (CNVD-2020-44573)

5.4CVSS6.7AI score0.00545EPSS

Exploits1References1

OSV•added 2020/07/07 4:15 p.m.•1 views

CVE-2020-15032

NeDi 1.9C is vulnerable to cross-site scripting XSS attack. The application allows an attacker to execute arbitrary JavaScript code via the Monitoring-Incidents.php id parameter...

5.4CVSS6.2AI score

Exploits0References2

NVD•added 2020/07/07 4:15 p.m.•11 views

CVE-2020-15030

NeDi 1.9C is vulnerable to cross-site scripting XSS attack. The application allows an attacker to execute arbitrary JavaScript code via the Topology-Routes.php rtr parameter...

5.4CVSS0.00568EPSS

Exploits0References2

NVD•added 2020/07/07 4:15 p.m.•20 views

CVE-2020-15033

NeDi 1.9C is vulnerable to cross-site scripting XSS attack. The application allows an attacker to execute arbitrary JavaScript code via the snmpget.php ip parameter...

5.4CVSS0.00557EPSS

Exploits0References2

Prion•added 2020/07/07 3:15 p.m.•17 views

Cross site scripting

NeDi 1.9C is vulnerable to cross-site scripting XSS attack. The application allows an attacker to execute arbitrary JavaScript code via the Topology-Linked.php dv parameter...

3.5CVSS5.4AI score0.00545EPSS

Exploits1References2Affected Software1

Veracode•added 2020/07/07 3:34 a.m.•31 views

Cross-Site Scripting (XSS)

jspdf is vulnerable to cross-site scripting. An attacker is able to inject and execute arbitrary Javascript in a user's browser by bypassing the filtering regex using...

6.3CVSS3.3AI score0.01809EPSS

Exploits1References1Affected Software1

Veracode•added 2020/07/03 3:50 a.m.•16 views

Cross-Site Scripting (XSS)

jspdf is vulnerable to cross-site scripting. An attacker is able to inject and execute arbitrary Javascript in a user's browser via the HTML method...

6.1CVSS2.5AI score0.00968EPSS

Exploits1References3Affected Software1

Positive Technologies•added 2020/07/03 12:0 a.m.•2 views

PT-2020-10296 · Froala · Froala Editor

Name of the Vulnerable Software and Affected Versions: Froala Editor versions prior to 3.2.3 Description: A DOM-based cross-site scripting XSS issue exists because HTML code in the editor is not correctly sanitized when inserted into the DOM. This allows an attacker that can control the editor...

6.1CVSS5.9AI score0.01847EPSS

Exploits3References16

CNVD•added 2020/07/02 12:0 a.m.•4 views

F5 BIG-IP Cross-Site Scripting Vulnerability (CNVD-2020-61639)

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. A cross-site scripting vulnerability exists in the configuration tool in F5 BIG-IP. An attacker could exploit this vulnerabili...

6.1CVSS6.5AI score0.02233EPSS

Exploits1References1

CNVD•added 2020/06/30 12:0 a.m.•6 views

MK-AUTH cross-site scripting vulnerability (CNVD-2021-17430)

MK-AUTH is an access control system from the Brazilian software developer Pedro Filho. A cross-site scripting vulnerability exists in the admin and client scripts in MK-AUTH version 19.01, which can be exploited by an attacker to execute arbitrary JavaScript code...

6.1CVSS6.6AI score0.00685EPSS

Exploits0References1

Cvelist•added 2020/06/26 1:9 p.m.•22 views

CVE-2020-15016

NeDi 1.9C is vulnerable to reflected cross-site scripting. The Other-Converter.php file improperly validates user input. An attacker can exploit this vulnerability by crafting arbitrary JavaScript in the txt GET parameter...

6AI score0.00649EPSS

Exploits0References1

Veracode•added 2020/06/23 3:13 a.m.•25 views

Cross-Site Scripting (XSS)

css-validator is vulnerable to cross-site scripting XSS. A remote attacker is able to inject and execute arbitrary Javascript in a user's browser via the URL when an error message is displayed...

5.4CVSS3.9AI score0.0055EPSS

Exploits0References3Affected Software1

CNVD•added 2020/06/19 12:0 a.m.•2 views

IBM Rational DOORS Next Generation Cross-Site Scripting Vulnerability (CNVD-2020-36389)

IBM Rational DOORS Next Generation DNG/RRC is a suite of software for capturing, tracking, analyzing, and managing requirements from IBM in the United States. The software provides a single platform for global team collaboration to manage requirements more efficiently, sharing unified users,...

5.4CVSS6.3AI score0.00561EPSS

Exploits0References1

Veracode•added 2020/06/16 4:49 a.m.•34 views

Cross-Site Scripting (XSS)

dijit is vulnerable to cross-site scripting. A remote attacker is able to inject and execute arbitrary Javascript in a user's browser via the Editor's LinkDialog plugin...

5.4CVSS4.3AI score0.01183EPSS

Exploits0References6Affected Software1

NVD•added 2020/06/12 2:15 p.m.•27 views

CVE-2020-9648

Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser...

6.1CVSS0.02441EPSS

Exploits0References1

NVD•added 2020/06/12 2:15 p.m.•23 views

CVE-2020-9651

Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting reflected vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser...

6.1CVSS0.02441EPSS

Exploits0References1

OSV•added 2020/06/12 2:15 p.m.•3 views

CVE-2020-9647

Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting dom-based vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser...

6.1CVSS6.5AI score0.02441EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by