CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNVD•added 2020/03/20 12:0 a.m.•2 views

Ignite Realtime Openfire Cross-Site Scripting Vulnerability (CNVD-2020-22261)

Ignite Realtime Openfire is the Ignite Realtime community of a Java development and based on XMPP formerly known as Jabber, Instant Messaging Protocol cross-platform open source real-time collaboration RTC server , it can build a highly efficient instant messaging server , and supports tens of...

6.1CVSS6.4AI score0.00471EPSS

CNVD•added 2020/03/20 12:0 a.m.•3 views

ilchCMS Cross-Site Scripting Vulnerability

ilch CMS is a content management system that provides a basic system that is easily extensible. A cross-site scripting vulnerability exists in ilchCMS, which can be exploited by an attacker to execute client-side code...

CNVD•added 2020/03/20 12:0 a.m.•0 views

Exploits2References1

ERPNext cross-site scripting vulnerability (CNVD-2020-19004)

ERPNext is an open source enterprise resource planning solution from ERPNext India. A cross-site scripting vulnerability exists in ERPNext version 11.1.47. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit the vulnerabilit...

7.4CVSS6.4AI score0.00344EPSS

CNVD•added 2020/03/20 12:0 a.m.•2 views

NETSAS Enigma NMS Cross-Site Scripting Vulnerability (CNVD-2020-18995)

NETSAS Enigma NMS is a suite of network management and monitoring tools from NETSAS Australia. A cross-site scripting vulnerability exists in NETSAS Enigma NMS version 65.0.0 and earlier. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An...

CNVD•added 2020/03/20 12:0 a.m.•3 views

ilchCMS Cross-Site Scripting Vulnerability (CNVD-2020-19202)

CNVD•added 2020/03/20 12:0 a.m.•2 views

Exploits2References1

ilchCMS Cross-Site Scripting Vulnerability (CNVD-2020-19203)

CNVD•added 2020/03/18 12:0 a.m.•1 views

Dolibarr ERP/CRM Cross-Site Scripting Vulnerability (CNVD-2020-18398)

Dolibarr ERP/CRM is a Web-based enterprise resource planning ERP and customer relationship management CRM system from the Dolibarr Foundation in France. The system can be used to manage products, inventory, invoices, orders, and more. A cross-site scripting vulnerability exists in Dolibarr ERP/CR...

5.4CVSS6.4AI score0.00606EPSS

CNVD•added 2020/03/13 12:0 a.m.•1 views

Chadha Software Technologies PHPKB Standard Multi-Language Cross-Site Scripting Vulnerability (CNVD-2020-17950)

Chadha Software Technologies PHPKB Standard Multi-Language is a web-based, multi-language knowledge base management system from Chadha Software Technologies, India. A cross-site scripting vulnerability exists in the way URIs are handled in the admin/header.php file in Chadha PHPKB Standard...

4.8CVSS6.4AI score0.00321EPSS

CNVD•added 2020/03/13 12:0 a.m.•1 views

Chadha Software Technologies PHPKB Standard Multi-Language Cross-Site Scripting Vulnerability (CNVD-2020-17949)

4.8CVSS6.4AI score0.00321EPSS

CNVD•added 2020/03/13 12:0 a.m.•2 views

Chadha Software Technologies PHPKB Standard Multi-Language Cross-Site Scripting Vulnerability

4.8CVSS6.4AI score0.00321EPSS

CNVD•added 2020/03/09 12:0 a.m.•1 views

Cross-site scripting vulnerability in multiple Lexmark products (CNVD-2020-19522)

The Lexmark CS31x, among others, is a printer from Lexmark USA. A cross-site scripting vulnerability exists in the web server built into several Lexmark products, which stems from a lack of proper validation of client-side data by the WEB application and can be exploited by an attacker to execute...

5.4CVSS6.4AI score0.00352EPSS

CNVD•added 2020/02/27 12:0 a.m.•2 views

IBL Online Weather Cross-Site Scripting Vulnerability

IBL Online Weather is a weather service software from iblsoft. A cross-site scripting vulnerability exists in IBL Online Weather versions prior to 4.3.5a. The vulnerability stems from a lack of proper validation of client-side data by the web application. An attacker can exploit this vulnerabilit...

6.1CVSS6.3AI score0.00707EPSS

CNVD•added 2020/02/21 12:0 a.m.•1 views

Synacor Zimbra Collaboration Cross-Site Scripting Vulnerability (CNVD-2020-13200)

Synacor Zimbra Collaboration Suite ZCS is an open source collaboration suite from Synacor, USA. The product includes WebMail, Calendar, Address Book and more. A cross-site scripting vulnerability exists in Synacor Zimbra Collaboration versions prior to 8.0.8. The vulnerability stems from the WEB...

6.1CVSS6.4AI score0.00266EPSS

CNVD•added 2020/02/21 12:0 a.m.•2 views

Synacor Zimbra Collaboration Cross-Site Scripting Vulnerability (CNVD-2020-13201)

5.4CVSS6.4AI score0.00254EPSS

CNVD•added 2020/02/21 12:0 a.m.•2 views

NEC Aterm WG2600HS Cross-Site Scripting Vulnerability

The NEC Aterm WG2600HS is a wireless router from Nippon Electric NEC. A cross-site scripting vulnerability exists in the NEC Aterm WG2600HS version 1.3.2, which originates from a WEB application that lacks proper validation of client data. An attacker can exploit the vulnerability to execute...

6.1CVSS6.4AI score0.00429EPSS

CNVD•added 2020/02/20 12:0 a.m.•3 views

Netsweeper Cross-Site Scripting Vulnerability (CNVD-2020-10711)

Netsweeper is a Web content filtering solution from Netsweeper Canada. A cross-site scripting vulnerability exists in the webadmin / policy / grouptableajax.php file in versions of Netsweeper prior to 3.1.10, which stems from a lack of proper validation of client-side data by the WEB application...

6.1CVSS6.3AI score0.25742EPSS

CNVD•added 2020/02/19 12:0 a.m.•20 views

WordPress Cross-Site Scripting Vulnerability (CNVD-2020-10610)

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress suffers from a cross-site scripting vulnerability. The vulnerability stems from the WEB application'...

6.1CVSS6.3AI score0.00361EPSS

CNVD•added 2020/02/17 12:0 a.m.•4 views

Maxum Rumpus Cross-Site Scripting Vulnerability

Maxum Rumpus is an FTP and Web file transfer server. A cross-site scripting vulnerability exists in Maxum Rumpus that can be exploited by an attacker to execute client-side code...

6.1CVSS6.3AI score0.00288EPSS

CNVD•added 2020/02/17 12:0 a.m.•1 views

CloudBees Jenkins Brakeman plugin cross-site scripting vulnerability

CloudBees Jenkins is a web application that can use a large number of servers as build slaves to handle larger build/test loads. A cross-site scripting vulnerability exists in the Brakeman plugin in CloudBees Jenkins, version 0.12 and earlier. The vulnerability stems from a lack of proper...

5.4CVSS6.4AI score0.00103EPSS