Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:34 a.m.14 views

CVE-2019-7168

A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Blog field to /admin/nodes/nodes/add/blog...

4.8CVSS6.1AI score0.0061EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-3361

Malicious code in bioql PyPI...

4.8CVSS5.1AI score0.0061EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2022/05/14 1:38 a.m.19 views

Croogo vulnerable to XSS in Blog field

A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Blog field to /admin/nodes/nodes/add/blog...

4.8CVSS6.4AI score0.0061EPSS
Exploits1References4Affected Software1
CNVD
CNVD
added 2019/01/30 12:0 a.m.2 views

Croogo cross-site scripting vulnerability (CNVD-2019-03588)

Croogo is a content management system CMS based on the CakePHP framework development . The system provides content type can be customized for Blog, Node, Page, content editing using WYSIWYG editor and other features. A cross-site scripting vulnerability exists in Croogo 3.0.5 and earlier versions...

4.8CVSS6.3AI score0.0061EPSS
Exploits1References1
Prion
Prion
added 2019/01/29 6:29 p.m.11 views

Cross site scripting

A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Blog field to /admin/nodes/nodes/add/blog...

3.5CVSS4.9AI score0.0061EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/01/29 6:0 p.m.20 views

CVE-2019-7168

A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Blog field to /admin/nodes/nodes/add/blog...

5AI score0.0061EPSS
Exploits1References1
NVD
NVD
added 2011/01/07 11:0 p.m.21 views

CVE-2010-4322

Cross-site scripting XSS vulnerability in gwtTeaming.rpc in Novell Vibe OnPrem 3 BETA allows remote authenticated users to inject arbitrary web script or HTML via the Micro Blog aka What Are You Working On? field...

3.5CVSS5.3AI score0.00769EPSS
Exploits0References2
Prion
Prion
added 2011/01/07 11:0 p.m.22 views

Cross site scripting

Cross-site scripting XSS vulnerability in gwtTeaming.rpc in Novell Vibe OnPrem 3 BETA allows remote authenticated users to inject arbitrary web script or HTML via the Micro Blog aka What Are You Working On? field...

3.5CVSS5.7AI score0.00769EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder