CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

RedhatCVE•added 2026/01/09 9:34 a.m.•5 views

CVE-2024-41516

A Reflected cross-site scripting XSS vulnerability in "ccHandler.aspx" CADClick = 1.11.0 allows remote attackers to inject arbitrary web script or HTML via the "bomid" parameter...

5.4CVSS5.7AI score0.00388EPSS

Exploits1References1

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-39064

Malicious code in bioql PyPI...

3.9CVSS6.6AI score0.00913EPSS

Exploits1References3

RedhatCVE•added 2025/06/27 12:16 a.m.•6 views

CVE-2025-25905

Cross-Site Scripting XSS vulnerability in CADClick v1.13.0 and before allows remote attackers to inject arbitrary web script or HTML via the "tree" parameter...

7.1CVSS5.6AI score0.00401EPSS

Exploits1References1

Cvelist•added 2025/06/25 12:0 a.m.•10 views

CVE-2025-25905

Cross-Site Scripting XSS vulnerability in CADClick v1.13.0 and before allows remote attackers to inject arbitrary web script or HTML via the "tree" parameter...

0.00401EPSS

Exploits1References3

Positive Technologies•added 2025/06/25 12:0 a.m.•5 views

PT-2025-26836 · Cadclick · Cadclick

Name of the Vulnerable Software and Affected Versions: CADClick versions 1.13.0 and earlier Description: The issue allows remote attackers to inject arbitrary web script or HTML via the tree parameter, enabling Cross-Site Scripting XSS attacks. Recommendations: For CADClick versions 1.13.0 and...

7.1CVSS5.5AI score0.00401EPSS

Exploits1References6

CVE•added 2025/06/25 12:0 a.m.•19 views

CVE-2025-25905

CADClick 1.13.0 and earlier is reported vulnerable to Cross-Site Scripting (XSS) via the tree parameter. The root cause cited in CNNVD/related entries is incorrect manipulation of the tree parameter, enabling remote attackers to inject arbitrary web script or HTML. No exploitation details are pro...

7.1CVSS5.8AI score0.00401EPSS

Exploits1References3Affected Software1

OSV•added 2024/10/04 6:15 p.m.•4 views

CVE-2024-41511

A Path Traversal Local File Inclusion vulnerability in "BinaryFileRedirector.ashx" in CADClick v1.11.0 and before allows remote attackers to retrieve arbitrary local files via the "path" parameter...

3.9CVSS5.9AI score0.00913EPSS

Exploits1References3

NVD•added 2024/10/04 6:15 p.m.•13 views

CVE-2024-41513

A reflected cross-site scripting XSS vulnerability in "Artikel.aspx" in CADClick v1.11.0 and before allows remote attackers to inject arbitrary web script or HTML via the "searchindex" parameter...

5.4CVSS0.00388EPSS

Exploits1References3

CNNVD•added 2024/10/04 12:0 a.m.•3 views

CADClick 安全漏洞

CADClick is a software solution from CADClick, Inc. that creates interactive catalogs of 2D/3D CAD data for individual customer CAD catalogs. A security vulnerability exists in CADClick v1.11.0 and earlier versions that stems from the presence of a Reflective Cross-Site Scripting XSS vulnerabilit...

5.4CVSS5.6AI score0.00388EPSS

Exploits1References4

Positive Technologies•added 2024/10/04 12:0 a.m.•3 views

PT-2024-29432 · Cadclick · Cadclick

Name of the Vulnerable Software and Affected Versions: CADClick versions 1.11.0 and earlier Description: A reflected cross-site scripting XSS vulnerability in "PrevPgGroup.aspx" allows remote attackers to inject arbitrary web script or HTML via the wer parameter. This flaw lets remote attackers...

5.4CVSS5.4AI score0.00388EPSS

Exploits1References9

Positive Technologies•added 2024/10/04 12:0 a.m.•4 views

PT-2024-29431 · Cadclick · Cadclick

Name of the Vulnerable Software and Affected Versions: CADClick versions 1.11.0 and earlier Description: A reflected cross-site scripting XSS vulnerability is present in "Artikel.aspx" in CADClick, allowing remote attackers to inject arbitrary web script or HTML via the searchindex parameter. Thi...

5.4CVSS5.5AI score0.00388EPSS

Exploits1References9

Positive Technologies•added 2024/10/04 12:0 a.m.•3 views

PT-2024-29429 · Cadclick · Cadclick

Name of the Vulnerable Software and Affected Versions: CADClick versions 1.11.0 and earlier Description: A Path Traversal Local File Inclusion issue in "BinaryFileRedirector.ashx" allows remote attackers to retrieve arbitrary local files via the path parameter. This enables access to sensitive...

3.9CVSS6.2AI score0.00913EPSS

Exploits1References9

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by