CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

Tenable Nessus•added 2025/08/24 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2017-15571

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/views/issues/list.html.erb via crafted column data. CVE-2017-15571 Note...

6.1CVSS6.6AI score0.00517EPSS

Exploits0References2

CNNVD•added 2025/03/27 12:0 a.m.•1 views

WeGIA 跨站脚本漏洞

WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A cross-site scripting vulnerability exists in WeGIA versions prior to 3.2.8 that stems from a stored cross-site scripting attack...

6.2CVSS5.9AI score0.00218EPSS

Exploits1References2

CNNVD•added 2025/01/10 12:0 a.m.•1 views

WeGIA 跨站脚本漏洞

WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A cross-site scripting vulnerability exists in WeGIA versions prior to 3.2.8, which stems from the presence of a Reflective Cross-Site Scripting XSS vulnerability that allows an attacker to inject malicio...

6.5CVSS5AI score0.00724EPSS

Exploits1References1

CNNVD•added 2025/01/08 12:0 a.m.•2 views

WeGIA SQL注入漏洞

WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A security vulnerability exists in WeGIA versions prior to 3.2.8 that stems from the presence of a SQL injection vulnerability that allows an attacker to execute arbitrary SQL commands, thereby compromisi...

9.4CVSS8AI score0.00494EPSS

Exploits1References3

SUSE CVE•added 2023/02/15 6:18 a.m.•1 views

SUSE CVE-2005-1319

Cross-site scripting XSS vulnerability in Horde IMP Webmail client before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title...

4.3CVSS6AI score0.00335EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 4:38 a.m.•0 views

SUSE CVE-2017-15571

In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/views/issues/list.html.erb via crafted column data...

6.1CVSS6.4AI score0.00517EPSS

Exploits0References3

Positive Technologies•added 2020/11/25 12:0 a.m.•1 views

PT-2022-19327

Name of the Vulnerable Software and Affected Versions Spip versions prior to 3.2.8 Description A PHP injection issue allows attackers to execute arbitrary PHP code via the oups parameter at the "/ecrire" API endpoint. Recommendations For versions prior to 3.2.8, update to version 3.2.8 or later t...

9.8CVSS7.5AI score0.9312EPSS

Exploits24References34

Positive Technologies•added 2019/08/30 12:0 a.m.•2 views

PT-2019-14427 · WordPress · Custom 404 Pro

Name of the Vulnerable Software and Affected Versions: custom-404-pro plugin versions prior to 3.2.8 Description: The issue is related to reflected XSS. Recommendations: For versions prior to 3.2.8, update to version 3.2.8 or later to resolve the issue...

6.1CVSS6.1AI score0.00368EPSS

Exploits1References4

OSV•added 2019/08/27 1:15 p.m.•1 views

CVE-2019-15660

The wp-members plugin before 3.2.8 for WordPress has CSRF...

8.8CVSS7.3AI score0.00148EPSS

Exploits1References1

CNVD•added 2017/10/27 12:0 a.m.•2 views

Redmine cross-site scripting vulnerability (CNVD-2017-31957)

Redmine is a set of open source Web-based project management and defect tracking tools . The tool provides project management , issue tracking and role-based access control and other features . A cross-site scripting vulnerability exists in the app/views/issues/list.html.erb file in Redmine...

6.1CVSS6AI score0.00517EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by