CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

31 matches found

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2007-2555

Malware in sbrugna...

4.3CVSS6.4AI score0.00346EPSS

Exploits0References5

Packet Storm•added 2023/08/29 12:0 a.m.•242 views

HumbertoCaldas CMS 0.1.3 Cross Site Scripting

==================================================================================================================================== | Title : HumbertoCaldas Cms v0.1.3 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2 32-bit | |...

7.1AI score

Exploits0

Cvelist•added 2023/04/11 12:0 a.m.•9 views

CVE-2023-23277

Snippet-box 1.0.0 is vulnerable to Cross Site Scripting XSS. Remote attackers can render arbitrary web script or HTML from the "Snippet code" form field...

6.3AI score0.00222EPSS

Exploits1References3

UbuntuCve•added 2021/10/01 4:15 p.m.•14 views

CVE-2021-40972

Cross-site scripting XSS vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allow remote attackers to inject arbitrary web script or HTML via the mail parameter...

6.1CVSS6.4AI score0.01286EPSS

Exploits1References3

CNVD•added 2020/12/02 12:0 a.m.•15 views

ThinkAdmin Cross-Site Scripting Vulnerability

ThinkAdmin is a backend administration framework developed based on the latest ThinkPHP V6 , using the MIT protocol open source. thinkAdmin v1, v6 exists a stored cross-site scripting vulnerability. A remote attacker can use the vulnerability to inject arbitrary Web script or HTML...

5.4CVSS0.8AI score0.00201EPSS

Exploits1References1

Cvelist•added 2017/11/22 5:0 p.m.•19 views

CVE-2017-7736

A stored Cross-site Scripting XSS vulnerability in Fortinet FortiWeb webUI Certificate View page in 5.8.0, 5.7.1 and earlier, allows attackers to inject arbitrary web script or HTML via special crafted malicious certificate import...

5.2AI score0.00151EPSS

Exploits0References2

NVD•added 2017/09/26 3:29 p.m.•16 views

CVE-2015-7391

Multiple cross-site scripting XSS vulnerabilities in TestLink before 1.9.14 allow remote attackers to inject arbitrary web script or HTML via the 1 selectedenddate or 2 selectedstartdate parameter to lib/results/tcCreatedPerUserOnTestProject.php; the 3 containerType parameter to...

6.1CVSS6.1AI score0.00215EPSS

Exploits2References1

UbuntuCve•added 2017/03/03 3:59 p.m.•13 views

CVE-2017-5616

Cross-site scripting XSS vulnerability in cgiemail and cgiecho allows remote attackers to inject arbitrary web script or HTML via the addendum parameter...

6.1CVSS6.8AI score0.00271EPSS

Exploits1References2

UbuntuCve•added 2016/04/18 10:59 a.m.•23 views

CVE-2016-1652

Cross-site scripting XSS vulnerability in the ModuleSystem::RequireForJsInner function in extensions/renderer/modulesystem.cc in the Extensions subsystem in Google Chrome before 50.0.2661.75 allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka "Universal XSS...

6.1CVSS7AI score0.00623EPSS

Exploits0References2

NVD•added 2016/02/13 2:59 a.m.•11 views

CVE-2016-0866

Cross-site scripting XSS vulnerability in Tollgrade SmartGrid LightHouse Sensor Management System SMS Software EMS before 5.1, and 4.1.0 Build 16, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS6.4AI score0.0021EPSS

Exploits0References1

Cvelist•added 2015/10/14 7:0 p.m.•17 views

CVE-2015-7365

Cross-site scripting XSS vulnerability in the plugin upgrade form in Revive Adserver before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via the filename of an uploaded file containing errors...

5.6AI score0.00256EPSS

Exploits1References4

UbuntuCve•added 2015/08/24 3:59 p.m.•33 views

CVE-2014-8987

Cross-site scripting XSS vulnerability in the "set configuration" box in the Configuration Report page admconfigreport.php in MantisBT 1.2.13 through 1.2.17 allows remote administrators to inject arbitrary web script or HTML via the configoption parameter, a different vulnerability than...

3.5CVSS6AI score0.00532EPSS

Exploits0References3

NVD•added 2015/07/04 2:59 p.m.•14 views

CVE-2015-0551

Multiple cross-site scripting XSS vulnerabilities in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7.0 before P18, 7.1 before P15, and 7.2 before P01; Documentum Digital Assets Manager 6.5SP6 before...

3.5CVSS5.5AI score0.00159EPSS

Exploits0References2

Cvelist•added 2015/07/04 2:0 p.m.•15 views

CVE-2015-0551

5.5AI score0.00159EPSS

Exploits0References2

OSV•added 2015/04/13 2:59 p.m.•7 views

CVE-2015-2932

Incomplete blacklist vulnerability in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via an animated href XLink element...

6.2AI score

Exploits0References8

NVD•added 2015/01/23 3:59 p.m.•11 views

CVE-2015-1176

Cross-site scripting XSS vulnerability in upload/scp/tickets.php in osTicket before 1.9.5 allows remote attackers to inject arbitrary web script or HTML via the status parameter in a search action...

4.3CVSS6AI score0.00305EPSS

Exploits2References5

NVD•added 2014/10/09 2:55 p.m.•8 views

CVE-2014-8077

Cross-site scripting XSS vulnerability in the NewsFlash theme 6.x-1.x before 6.x-1.7 and 7.x-1.x before 7.x-2.5 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to font family CSS property...

3.5CVSS5.3AI score0.00335EPSS

Exploits0References6

UbuntuCve•added 2014/06/03 2:55 p.m.•35 views

CVE-2014-3943

Multiple cross-site scripting XSS vulnerabilities in unspecified backend components in TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0 before 6.1.9, and 6.2.0 before 6.2.3 allow remote authenticated editors to inject arbitrary web script or HTML via unknown parameters...

3.5CVSS5.9AI score0.00208EPSS

Exploits0References4

NVD•added 2014/03/19 2:17 p.m.•14 views

CVE-2013-5953

Multiple cross-site scripting XSS vulnerabilities in tmpl/layouteditevent.php in the Multi Calendar commulticalendar component 4.0.2, and possibly 4.8.5 and earlier, for Joomla! allow remote attackers to inject arbitrary web script or HTML via the 1 calid or 2 paletteDefault parameter in an...

4.3CVSS5.9AI score0.00359EPSS

Exploits2References4

UbuntuCve•added 2013/11/05 8:55 p.m.•19 views

CVE-2013-4453

Cross-site scripting XSS vulnerability in templates/login.php in LDAP Account Manager LAM 4.3 and 4.2.1 allows remote attackers to inject arbitrary web script or HTML via the language parameter...

4.3CVSS5.9AI score0.00475EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by