Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1045 matches found

RedhatCVE
RedhatCVEadded 2025/05/23 6:34 a.m.4 views

CVE-2024-50841

A Stored Cross-Site Scripting XSS vulnerability was found in /admin/calendarofevents.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the datestart, dateend, and title parameters...

5.4CVSS5.3AI score0.00485EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 6:34 a.m.5 views

CVE-2024-50836

A Stored Cross-Site Scripting XSS vulnerability was found in /admin/teachers.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the firstname and lastname parameters...

5.4CVSS5AI score0.00127EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 5:30 a.m.4 views

CVE-2023-41614

A stored cross-site scripting XSS vulnerability in the Add Animal Details function of Zoo Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description of Animal parameter...

4.8CVSS5.6AI score0.00061EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 4:17 a.m.4 views

CVE-2023-41575

Multiple stored cross-site scripting XSS vulnerabilities in /bbdms/sign-up.php of Blood Bank & Donor Management v2.2 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Full Name, Message, or Address parameters...

5.4CVSS5.9AI score0.00149EPSS
Exploits0
RedhatCVE
RedhatCVEadded 2025/05/23 3:53 a.m.4 views

CVE-2023-33787

A stored cross-site scripting XSS vulnerability in the Create Tenant Groups /tenancy/tenant-groups/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...

5.4CVSS5.6AI score0.00285EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 3:20 a.m.3 views

CVE-2023-24234

A stored cross-site scripting XSS vulnerability in the component php-inventory-management-system/brand.php of Inventory Management System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Brand Name parameter...

4.8CVSS5.5AI score0.00352EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 3:15 a.m.2 views

CVE-2023-22438

Cross-site scripting vulnerability in Contents Management of EC-CUBE 4 series EC-CUBE 4.0.0 to 4.0.6-p2, EC-CUBE 4.1.0 to 4.1.2-p1, and EC-CUBE 4.2.0, EC-CUBE 3 series EC-CUBE 3.0.0 to 3.0.18-p5, and EC-CUBE 2 series EC-CUBE 2.11.0 to 2.11.5, EC-CUBE 2.12.0 to 2.12.6, EC-CUBE 2.13.0 to 2.13.5, an...

5.4CVSS6.5AI score0.00235EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 2:7 a.m.3 views

CVE-2023-48940

A stored cross-site scripting XSS vulnerability in /admin.php of DaiCuo v2.5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.4CVSS5.6AI score0.00087EPSS
Exploits0
RedhatCVE
RedhatCVEadded 2025/05/23 12:27 a.m.3 views

CVE-2022-48007

A stored cross-site scripting XSS vulnerability in identification.php of Piwigo v13.4.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the User-Agent...

5.4CVSS5.5AI score0.00198EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 12:16 a.m.6 views

CVE-2022-45037

A cross-site scripting XSS vulnerability in /admin/users/index.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Display Name field...

5.4CVSS5.7AI score0.0304EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 12:6 a.m.3 views

CVE-2022-25574

A stored cross-site scripting XSS vulnerability in the upload function of /admin/show.php allows attackers to execute arbitrary web scripts or HTML via a crafted image file...

4.8CVSS5.6AI score0.00288EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 12:2 a.m.2 views

CVE-2022-43076

A cross-site scripting XSS vulnerability in /admin/edit-admin.php of Web-Based Student Clearance System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the txtemail parameter...

4.8CVSS5.8AI score0.00369EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 12:2 a.m.7 views

CVE-2022-43078

A cross-site scripting XSS vulnerability in /admin/add-fee.php of Web-Based Student Clearance System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cmddept parameter...

4.8CVSS5.8AI score0.00369EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 11:12 p.m.5 views

CVE-2022-36639

A stored cross-site scripting XSS vulnerability in /client.php of Garage Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter...

5.4CVSS5.6AI score0.00224EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 10:56 p.m.6 views

CVE-2022-32225

A reflected DOM-Based XSS vulnerability has been discovered in the Help directory of Veeam Management Pack for Microsoft System Center 8.0. This vulnerability could be exploited by an attacker by convincing a legitimate user to visit a crafted URL on a Veeam Management Pack for Microsoft System...

6.1CVSS6.1AI score0.00648EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 10:40 p.m.4 views

CVE-2022-27422

A reflected cross-site scripting XSS vulnerability in Chamilo LMS v1.11.13 allows attackers to execute arbitrary web scripts or HTML via user interaction with a crafted URL...

6.1CVSS5.7AI score0.00317EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 10:39 p.m.9 views

CVE-2022-27961

A cross-site scripting XSS vulnerability at /ofcms/company-c-47 in OFCMS v1.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comment text box...

5.4CVSS5.8AI score0.00191EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 10:30 p.m.4 views

CVE-2022-24590

A stored cross-site scripting XSS vulnerability in the Add Link function of BackdropCMS v1.21.1 allows attackers to execute arbitrary web scripts or HTML...

5.4CVSS5.8AI score0.00206EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 10:24 p.m.6 views

CVE-2022-24227

A cross-site scripting XSS vulnerability in BoltWire v7.10 and v 8.00 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the name and lastname parameters...

6.1CVSS5.8AI score0.03285EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 9:47 p.m.4 views

CVE-2022-45033

A cross-site scripting XSS vulnerability in Expense Tracker 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Chat text field...

5.4CVSS5.8AI score0.00213EPSS
Exploits1References1
Rows per page
Query Builder