Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

326 matches found

CVE
CVEadded 2023/02/21 12:0 a.m.50 views

CVE-2023-26265

The CVE-2023-26265 issue affects the Borg theme for Backdrop CMS older than 1.1.19. The vulnerability arises from insufficient sanitization of path arguments passed via URLs in the function borg_preprocess_page within template.php. The public-environ documents indicate this may enable improper ha...

5.3CVSS5.2AI score0.00578EPSS
Exploits0References2Affected Software1
Veracode
Veracodeadded 2023/02/10 6:33 a.m.29 views

Cross-site Scripting (XSS)

backdrop/backdrop is vulnerable to Cross-Site Scripting XSS. The vulnerability exist due to the lack of validation in the html elements when adding a post which allows an admin authenticated attacker to inject and execute malicious JavaScript when a user views a post...

4.8CVSS5.1AI score0.0196EPSS
Exploits1References4Affected Software1
NVD
NVDadded 2023/01/11 7:15 a.m.16 views

CVE-2012-10004

A vulnerability was found in backdrop-contrib Basic Cart on Drupal. It has been classified as problematic. Affected is the function basiccartcheckoutformsubmit of the file basiccart.cart.inc. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading t...

6.1CVSS4.5AI score0.00523EPSS
Exploits0References4
CVE
CVEadded 2023/01/11 6:21 a.m.40 views

CVE-2012-10004

The CVE-2012-10004 entry describes a cross-site scripting vulnerability in the Drupal Backdrop-contrib Basic Cart component. Affected is the function basic_cart_checkout_form_submit in the file basic_cart.cart.inc, with remote exploit possible. Upgrading to version 1.x-1.1.1 addresses the issue; ...

6.1CVSS4.8AI score0.00523EPSS
Exploits0References4Affected Software1
CNNVD
CNNVDadded 2023/01/11 12:0 a.m.7 views

backdrop-contrib Basic Cart 跨站脚本漏洞

backdrop-contrib Basic Cart is a cms site for individual developers. A cross-site scripting vulnerability exists in backdrop-contrib Basic Cart. An attacker can exploit this vulnerability to conduct cross-site scripting attacks...

6.1CVSS4.7AI score0.00523EPSS
Exploits0References5
Veracode
Veracodeadded 2022/11/29 3:26 a.m.15 views

Cross-site Scripting (XSS)

backdrop/backdrop is vulnerable to cross-site scripting. The vulnerability exists due to the lack of sanitization in the Page content in the library, allowing an attacker to inject and execute malicious javascript...

4.8CVSS5.3AI score0.01947EPSS
Exploits1References6Affected Software1
Veracode
Veracodeadded 2022/11/29 3:14 a.m.18 views

Cross-site Scripting (XSS)

backdrop/backdrop is vulnerable to cross-site scripting. The vulnerability exists due to the lack of sanitization in the Card content in the library, allowing an attacker to inject and execute malicious javascript...

4.8CVSS5.3AI score0.02505EPSS
Exploits1References5Affected Software1
Veracode
Veracodeadded 2022/11/29 3:1 a.m.14 views

Cross-site Scripting (XSS)

backdrop/backdrop is vulnerable to cross-site scripting. The vulnerability exists due to the lack of sanitization in the comment section in the library, allowing an attacker to inject and execute malicious javascript...

4.8CVSS5.3AI score0.00774EPSS
Exploits1References5Affected Software1
CNVD
CNVDadded 2022/11/24 12:0 a.m.26 views

Backdrop CMS Card Cross-Site Scripting Vulnerability

Backdrop CMS is an open source content management system CMS. A cross-site scripting vulnerability exists in Backdrop CMS Card version 1.23.0, which stems from the lack of effective filtering and escaping of user-supplied data, and can be exploited by attackers to inject cross-site code and launc...

4.8CVSS4.7AI score0.02505EPSS
Exploits1References1
CNVD
CNVDadded 2022/11/24 12:0 a.m.21 views

Backdrop CMS Comment Cross-Site Scripting Vulnerability

Backdrop CMS is an open source content management system CMS. A cross-site scripting vulnerability exists in Backdrop CMS Comment version 1.23.0, which can be exploited by attackers to launch cross-site scripting XSS attacks due to a lack of effective filtering and escaping of user-supplied data...

4.8CVSS4.7AI score0.00774EPSS
Exploits1References1
Github Security Blog
Github Security Blogadded 2022/11/23 3:30 a.m.26 views

Cross-site Scripting in Backdrop CMS

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via the Page content...

4.8CVSS4.9AI score0.01947EPSS
Exploits1References7Affected Software1
OSV
OSVadded 2022/11/23 3:30 a.m.15 views

GHSA-58RJ-W2QF-QJG7 Cross-site Scripting in Backdrop CMS

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via the Page content...

4.8CVSS4.8AI score0.01947EPSS
Exploits1References6
OSV
OSVadded 2022/11/23 2:15 a.m.25 views

CVE-2022-42095

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via the Page content...

4.8CVSS5AI score0.01947EPSS
Exploits1References5
NVD
NVDadded 2022/11/23 2:15 a.m.13 views

CVE-2022-42095

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via the Page content...

4.8CVSS0.01947EPSS
Exploits1References5
Prion
Prionadded 2022/11/23 2:15 a.m.18 views

Cross site scripting

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via the Page content...

4.3CVSS4.9AI score0.01947EPSS
Exploits1References5Affected Software1
Cvelist
Cvelistadded 2022/11/23 12:0 a.m.24 views

CVE-2022-42095

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via the Page content...

5.2AI score0.01947EPSS
Exploits1References5
CNNVD
CNNVDadded 2022/11/23 12:0 a.m.4 views

Backdrop CMS 跨站脚本漏洞

Backdrop CMS is an open source content management system CMS. A security vulnerability exists in Backdrop CMS version 1.23.0, which stems from the discovery of a stored cross-site scripting XSS vulnerability via Page content...

4.8CVSS4.9AI score0.01947EPSS
Exploits1References6
CVE
CVEadded 2022/11/23 12:0 a.m.95 views

CVE-2022-42095

Backdrop CMS 1.23.0 contains a stored XSS vulnerability in Page content. The nuclei template identifies the vulnerable component as the Page content handling, with impact including injection of malicious scripts that could lead to data theft, session hijacking, or defacement. Root cause details i...

4.8CVSS4.8AI score0.01947EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichmentadded 2022/11/23 12:0 a.m.5 views

CVE-2022-42095

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via the Page content...

4.9AI score0.01947EPSS
Exploits1References5
Github Security Blog
Github Security Blogadded 2022/11/22 3:30 p.m.18 views

Cross-site Scripting in Backdrop CMS

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting XSS vulnerability via 'Comment.'s...

4.8CVSS4.9AI score0.00774EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder