CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1057 matches found

RedhatCVE•added 2025/05/23 8:11 a.m.•7 views

CVE-2024-54935

A Stored Cross-Site Scripting XSS vulnerability was found in /sendmessageteachertostudent.php of kashipara E-learning Management System v1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the mymessage parameter...

5.4CVSS6AI score0.0038EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 7:28 a.m.•4 views

CVE-2024-57776

A cross-site scripting XSS vulnerability in the /apply/getEditPage?view interface of JFinalOA before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

4.6CVSS4.7AI score0.00273EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 7:20 a.m.•5 views

CVE-2024-44796

A cross-site scripting XSS vulnerability in the component /auth/AzureRedirect.php of PicUploader commit fcf82ea allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the errordescription parameter...

8CVSS5.9AI score0.00466EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 7:12 a.m.•16 views

CVE-2024-35498

A cross-site scripting XSS vulnerability in Grav v1.7.45 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

6.1CVSS5.7AI score0.00364EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 7:5 a.m.•5 views

CVE-2024-57771

A cross-site scripting XSS vulnerability in the common/getEditPage?view interface of JFinalOA before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

4.8CVSS5AI score0.00307EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 7:5 a.m.•4 views

CVE-2024-57772

A cross-site scripting XSS vulnerability in the /bumph/getDraftListPage?type interface of JFinalOA before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

4.8CVSS5AI score0.00279EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 6:50 a.m.•6 views

CVE-2024-54936

A Stored Cross-Site Scripting XSS vulnerability was found in /sendmessage.php of Kashipara E-learning Management System v1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the mymessage parameter...

5.4CVSS6AI score0.00395EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 6:41 a.m.•7 views

CVE-2024-52763

A cross-site scripting XSS vulnerability in the component /graphallperiods.php of Ganglia-web v3.73 to v3.75 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the "g" parameter...

5.4CVSS5.7AI score0.00628EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 6:41 a.m.•4 views

CVE-2024-52762

A cross-site scripting XSS vulnerability in the component /master/header.php of Ganglia-web v3.73 to v3.76 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the "tz" parameter...

5.4CVSS5.2AI score0.00752EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 6:34 a.m.•3 views

CVE-2024-50839

A Stored Cross-Site Scripting XSS vulnerability was found in /admin/addsubject.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the subjectcode and title parameters...

5.4CVSS5.3AI score0.0038EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 6:34 a.m.•4 views

CVE-2024-50841

A Stored Cross-Site Scripting XSS vulnerability was found in /admin/calendarofevents.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the datestart, dateend, and title parameters...

5.4CVSS5.3AI score0.0038EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 6:34 a.m.•7 views

CVE-2024-50836

A Stored Cross-Site Scripting XSS vulnerability was found in /admin/teachers.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the firstname and lastname parameters...

5.4CVSS5AI score0.00548EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 5:30 a.m.•6 views

CVE-2023-41614

A stored cross-site scripting XSS vulnerability in the Add Animal Details function of Zoo Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description of Animal parameter...

4.8CVSS5.6AI score0.00362EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 4:17 a.m.•10 views

CVE-2023-41575

Multiple stored cross-site scripting XSS vulnerabilities in /bbdms/sign-up.php of Blood Bank & Donor Management v2.2 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Full Name, Message, or Address parameters...

5.4CVSS5.9AI score0.00429EPSS

Exploits0

RedhatCVE•added 2025/05/23 3:53 a.m.•4 views

CVE-2023-33787

A stored cross-site scripting XSS vulnerability in the Create Tenant Groups /tenancy/tenant-groups/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...

5.4CVSS5.6AI score0.00394EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 3:20 a.m.•5 views

CVE-2023-24234

A stored cross-site scripting XSS vulnerability in the component php-inventory-management-system/brand.php of Inventory Management System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Brand Name parameter...

4.8CVSS5.5AI score0.0048EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 3:15 a.m.•5 views

CVE-2023-22438

Cross-site scripting vulnerability in Contents Management of EC-CUBE 4 series EC-CUBE 4.0.0 to 4.0.6-p2, EC-CUBE 4.1.0 to 4.1.2-p1, and EC-CUBE 4.2.0, EC-CUBE 3 series EC-CUBE 3.0.0 to 3.0.18-p5, and EC-CUBE 2 series EC-CUBE 2.11.0 to 2.11.5, EC-CUBE 2.12.0 to 2.12.6, EC-CUBE 2.13.0 to 2.13.5, an...

5.4CVSS6.5AI score0.00692EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 2:7 a.m.•4 views

CVE-2023-48940

A stored cross-site scripting XSS vulnerability in /admin.php of DaiCuo v2.5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.4CVSS5.6AI score0.00497EPSS

Exploits0

RedhatCVE•added 2025/05/23 12:27 a.m.•12 views

CVE-2022-48007

A stored cross-site scripting XSS vulnerability in identification.php of Piwigo v13.4.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the User-Agent...

5.4CVSS5.5AI score0.00419EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 12:16 a.m.•7 views

CVE-2022-45037

A cross-site scripting XSS vulnerability in /admin/users/index.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Display Name field...

5.4CVSS5.7AI score0.01024EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by