Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

628 matches found

EUVD
EUVDadded 2026/06/15 12:0 p.m.6 views

EUVD-2016-10884

BBS e-Franchise 1.1.1 plugin for WordPress contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the uid parameter. Attackers can craft requests to pages using the plugin's shortcode with UNION-based SQL...

8.8CVSS6.1AI score0.0027EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/06/15 12:0 p.m.6 views

CVE-2016-20072 BBS e-Franchise 1.1.1 WordPress Plugin SQL Injection via uid

BBS e-Franchise 1.1.1 plugin for WordPress contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the uid parameter. Attackers can craft requests to pages using the plugin's shortcode with UNION-based SQL...

8.8CVSS6.1AI score0.0027EPSS
Exploits0References4
CVE
CVEadded 2026/06/15 12:0 p.m.11 views

CVE-2016-20072

CVE-2016-20072 affects the BBS e-Franchise 1.1.1 WordPress plugin. The vulnerability is an SQL injection in the uid parameter used by the plugin’s shortcode, enabling unauthenticated attackers to craft requests (Union-based SQLi) to extract sensitive data (e.g., user information, taxonomy terms)....

8.8CVSS6.2AI score0.0027EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/06/15 12:0 a.m.9 views

PT-2026-49210

BBS e-Franchise 1.1.1 plugin for WordPress contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the uid parameter. Attackers can craft requests to pages using the plugin's shortcode with UNION-based SQL...

8.8CVSS6.1AI score0.0027EPSS
Exploits0References5
EUVD
EUVDadded 2026/05/13 6:30 p.m.6 views

EUVD-2020-31223

Kuicms Php EE 2.0 contains a persistent cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted content through the bbs reply endpoint. Attackers can send POST requests to /web/?c=bbs&a=reply with HTML and JavaScript payloads in t...

7.2CVSS5.9AI score0.00311EPSS
Exploits0References5
NVD
NVDadded 2026/05/13 4:16 p.m.9 views

CVE-2020-37222

Kuicms Php EE 2.0 contains a persistent cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted content through the bbs reply endpoint. Attackers can send POST requests to /web/?c=bbs&a=reply with HTML and JavaScript payloads in t...

7.2CVSS0.00311EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/05/13 2:22 p.m.6 views

CVE-2020-37222

Kuicms Php EE 2.0 contains a persistent cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted content through the bbs reply endpoint. Attackers can send POST requests to /web/?c=bbs&a=reply with HTML and JavaScript payloads in t...

7.2CVSS5.9AI score0.00311EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichmentadded 2026/05/13 2:22 p.m.8 views

CVE-2020-37222 Kuicms Php EE 2.0 Persistent Cross-Site Scripting via bbs reply

Kuicms Php EE 2.0 contains a persistent cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted content through the bbs reply endpoint. Attackers can send POST requests to /web/?c=bbs&a=reply with HTML and JavaScript payloads in t...

7.2CVSS5.9AI score0.00311EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/05/13 2:22 p.m.30 views

CVE-2020-37222 Kuicms Php EE 2.0 Persistent Cross-Site Scripting via bbs reply

Kuicms Php EE 2.0 contains a persistent cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted content through the bbs reply endpoint. Attackers can send POST requests to /web/?c=bbs&a=reply with HTML and JavaScript payloads in t...

7.2CVSS0.00311EPSS
Exploits0References4
CNNVD
CNNVDadded 2026/05/13 12:0 a.m.9 views

Kuicms Php EE 跨站脚本漏洞

Kuicms Php EE is a PHP enterprise website content management system developed by Kuicms. Version 2.0 of Kuicms Php EE contains a cross-site scripting vulnerability. This vulnerability stems from a persistent cross-site scripting issue, which may allow unauthenticated attackers to submit malicious...

7.2CVSS5.6AI score0.00311EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/23 9:16 p.m.3 views

CVE-2025-49336

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pondol Pondol BBS pondol-bbs allows Stored XSS.This issue affects Pondol BBS: from n/a through = 1.1.8.4...

5.9CVSS5.4AI score0.00226EPSS
Exploits0References1
NVD
NVDadded 2026/01/22 5:15 p.m.3 views

CVE-2025-49336

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pondol Pondol BBS pondol-bbs allows Stored XSS.This issue affects Pondol BBS: from n/a through = 1.1.8.4...

5.9CVSS0.00226EPSS
Exploits0References1
CVE
CVEadded 2026/01/22 4:51 p.m.6 views

CVE-2025-49336

CVE-2025-49336 affects the WordPress Pondol BBS plugin (pondol-bbs) up to and including version 1.1.8.4. The issue is a Stored Cross-Site Scripting (XSS) vulnerability caused by improper input handling during web page generation. The security ratings indicate a medium severity (CVSS 3.1: 5.4) wit...

5.9CVSS5.4AI score0.00226EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/01/22 4:51 p.m.1 views

CVE-2025-49336 WordPress Pondol BBS plugin <= 1.1.8.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pondol Pondol BBS pondol-bbs allows Stored XSS.This issue affects Pondol BBS: from n/a through = 1.1.8.4...

5.9CVSS5.9AI score0.00226EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/01/22 4:51 p.m.19 views

CVE-2025-49336 WordPress Pondol BBS plugin <= 1.1.8.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pondol Pondol BBS pondol-bbs allows Stored XSS.This issue affects Pondol BBS: from n/a through = 1.1.8.4...

5.9CVSS0.00226EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/01/22 4:51 p.m.3 views

CVE-2025-49336

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pondol Pondol BBS pondol-bbs allows Stored XSS.This issue affects Pondol BBS: from n/a through = 1.1.8.4...

5.4CVSS5.3AI score0.00226EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/01/22 12:0 a.m.2 views

PT-2026-3975

Name of the Vulnerable Software and Affected Versions pondol Pondol BBS versions through 1.1.8.4 Description The software contains a flaw related to improper input handling during web page generation, which allows for Stored Cross-site Scripting XSS. This means that malicious scripts can be...

5.3AI score0.00226EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2026/01/07 9:48 a.m.5 views

CVE-2022-27496

Cross-site scripting vulnerability in Zero-channel BBS Plus v0.7.4 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS6.5AI score0.00719EPSS
Exploits0References1
OSV
OSVadded 2025/10/23 6:16 p.m.8 views

CVE-2025-61464

gnuboard gnuboard4 v4.36.04 and before is vulnerable to Second-order SQL Injection via the searchtable in bbs/search.php...

6.5CVSS5.9AI score
Exploits0References2
Cvelist
Cvelistadded 2025/10/23 12:0 a.m.8 views

CVE-2025-61464

gnuboard gnuboard4 v4.36.04 and before is vulnerable to Second-order SQL Injection via the searchtable in bbs/search.php...

0.00209EPSS
Exploits1References2
Rows per page
Query Builder