CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

868 matches found

CNVD•added 2019/12/19 12:0 a.m.•2 views

HCL Technologies AppScan Source Cross-Site Scripting Vulnerability

HCL Technologies AppScan Source is a static application security testing solution from HCL Technologies India. A cross-site scripting vulnerability exists in HCL Technologies AppScan Source. The vulnerability stems from the lack of proper validation of client-side data by the WEB application. An...

4.8CVSS6.4AI score0.00207EPSS

Exploits0References1

CNVD•added 2019/12/19 12:0 a.m.•1 views

Backdrop CMS Cross-Site Scripting Vulnerability (CNVD-2020-03709)

Backdrop CMS is an open source content management system CMS. A cross-site scripting vulnerability exists in Backdrop CMS version 1.13.x before 1.13.5 and version 1.14.x before 1.14.2. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker...

4.8CVSS6.4AI score0.00346EPSS

Exploits0References1

CNVD•added 2019/12/13 12:0 a.m.•1 views

Intesync Solismed Cross-Site Scripting Vulnerability

Intesync Solismed is a clinic management system designed for use by independent and free clinics. A cross-site scripting vulnerability exists in Intesync Solismed. An attacker can exploit this vulnerability to execute client-side code...

6.1CVSS6.4AI score0.00419EPSS

Exploits1References1

CNVD•added 2019/12/12 12:0 a.m.•1 views

statusnet cross-site scripting vulnerability (CNVD-2020-04299)

statusnet is an open source micro-blogging program written in PHP. A cross-site scripting vulnerability exists in versions of statusnet prior to 0.9.9. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit the vulnerability to...

6.1CVSS6.4AI score0.00307EPSS

Exploits0References1

CNVD•added 2019/12/12 12:0 a.m.•3 views

Avaya IP Office Application Server WebUI Component Cross-Site Scripting Vulnerability

Avaya IP Office Application Server is an application server from the American company Avaya. A cross-site scripting vulnerability exists in the WebUI component of IP Office Application Server version 11.x. The vulnerability stems from a lack of proper validation of client-side data in the WEB...

6.4CVSS6.3AI score0.00586EPSS

Exploits5References1

CNVD•added 2019/12/11 12:0 a.m.•3 views

WordPress Scoutnet Kalender Cross-Site Scripting Vulnerability

WordPress is a blogging platform from the WordPress Foundation developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.Scoutnet Kalender is one of the calendar plugins. A cross-site scripting vulnerability exists in version 1.1.0 of the WordPre...

5.4CVSS6.3AI score0.00661EPSS

Exploits2References1

CNVD•added 2019/12/11 12:0 a.m.•1 views

DAViCal CalDAV Server Cross-Site Scripting Vulnerability

DAViCal is a calendar sharing server that is an implementation of the CalDAV protocol. A cross-site scripting vulnerability exists in DAViCal CalDAV Server version 1.1.8 and earlier. The vulnerability stems from a lack of proper validation of client data by the WEB application. An attacker can...

9.3CVSS6.4AI score0.00915EPSS

Exploits4References1

Kitploit•added 2019/12/07 12:37 a.m.•214 views

AntiDisposmail - Detecting Disposable Email Addresses

Antbot.pw provides a free, open API endpoint for checking a domain or email address against a frequently-updated list of disposable domains. CORS is enabled for all originating domains, so you can call the API directly from your client-side code. GET https://antibot.pw/api/[email protected]...

7.3AI score

Exploits0References1

CNVD•added 2019/12/03 12:0 a.m.•1 views

Cloudera Manager Cross-Site Scripting Vulnerability (CNVD-2020-14237)

Cloudera Manager is a suite of Hadoop data management software from Cloudera. The software supports creating clusters, authentication, data backup and recovery, and more. A cross-site scripting vulnerability exists in Cloudera Manager versions prior to 5.4.3. The vulnerability stems from the WEB...

5.4CVSS6.5AI score0.00187EPSS

Exploits0References1

CNVD•added 2019/11/28 12:0 a.m.•2 views

FusionPBX Cross-Site Scripting Vulnerability (CNVD-2019-44257)

FusionPBX is a scalable, multi-threaded communications platform. The platform can be used as a call center server, fax server, VOIP server, voicemail server, conference server and voice application server. A cross-site scripting vulnerability exists in FusionPBX. The vulnerability stems from the...

6.1CVSS6.4AI score0.00429EPSS

Exploits1References1

CNVD•added 2019/11/28 12:0 a.m.•1 views

Siemens Polarion webclient cross-site scripting vulnerability (CNVD-2019-44254)

Siemens Polarion is a suite of application lifecycle management software from Siemens, Germany. The software supports end-to-end enterprise application development in a unified, modular, browser-based software environment. webclient is one of the web-based client programs. A cross-site scripting...

5.4CVSS6.3AI score0.00337EPSS

Exploits0References1

CNVD•added 2019/11/28 12:0 a.m.•1 views

Siemens Polarion webclient Cross-Site Scripting Vulnerability

5.4CVSS6.3AI score0.00337EPSS

Exploits0References1

CNVD•added 2019/11/27 12:0 a.m.•2 views

Dolibarr ERP/CRM Cross-Site Scripting Vulnerability (CNVD-2019-45129)

Dolibarr ERP/CRM is a Web-based enterprise resource planning ERP and customer relationship management CRM system from the Dolibarr Foundation in France. The system can be used to manage products, inventory, invoices, orders, and more. A cross-site scripting vulnerability exists in Dolibarr CRM/ER...

5.4CVSS6.4AI score0.00603EPSS

Exploits0References1

CNVD•added 2019/11/25 12:0 a.m.•2 views

NSSLGlobal Technologies SatLink VSAT Modem Unit Cross-Site Scripting Vulnerability

The NSSLGlobal Technologies SatLink VSAT Modem Unit VMU is a VSAT Very Small Aperture Terminal modem from NSSLGlobal Technologies. A cross-site scripting vulnerability exists in the web interface in NSSLGlobal Technologies SatLink VMU versions prior to 18.1.0. The vulnerability stems from a lack ...

6.1CVSS6.3AI score0.00408EPSS

Exploits1References1

NVD•added 2019/11/22 6:15 p.m.•10 views

CVE-2019-15652

The web interface for NSSLGlobal SatLink VSAT Modem Unit VMU devices before 18.1.0 doesn't properly sanitize input for error messages, leading to the ability to inject client-side code...

6.1CVSS6.4AI score0.00408EPSS

Exploits1References2

Cvelist•added 2019/11/22 5:23 p.m.•11 views

CVE-2019-15652

The web interface for NSSLGlobal SatLink VSAT Modem Unit VMU devices before 18.1.0 doesn't properly sanitize input for error messages, leading to the ability to inject client-side code...

6.4AI score0.00408EPSS

Exploits1References2

CVE•added 2019/11/22 5:23 p.m.•87 views

CVE-2019-15652

The CVE-2019-15652 entry concerns the web interface of NSSLGlobal SatLink VSAT Modem Unit (VMU). A vulnerability in the VMU web UI prior to version 18.1.0 arises from inadequate sanitization of input in error messages, enabling injection of client-side code (XSS) via crafted input. Documents cons...

6.1CVSS6.3AI score0.00408EPSS

Exploits1References2Affected Software1

CNVD•added 2019/11/22 12:0 a.m.•2 views

Matomo Cross-Site Scripting Vulnerability

matomo is an open source web analytics application based on PHP and MySQL. A cross-site scripting vulnerability exists in matomo versions prior to 1.10.1. The vulnerability stems from the WEB application w failing to properly validate client-side data. An attacker can exploit the vulnerability to...

6.1CVSS6.5AI score0.00472EPSS

Exploits0References1

CNVD•added 2019/11/22 12:0 a.m.•2 views

matomo cross-site scripting vulnerability (CNVD-2019-42239)

matomo is an open source web analytics application based on PHP and MySQL. A cross-site scripting vulnerability exists in matomo versions prior to 1.10.1. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerabilit...

6.1CVSS6.4AI score0.00472EPSS

Exploits0References1

CNVD•added 2019/11/22 12:0 a.m.•2 views

Statusnet Cross-Site Scripting Vulnerability

statusnet is an open source micro-blogging program written in PHP. A cross-site scripting vulnerability exists in the content of error messages in statusnet 2010 and prior versions. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker ca...

6.1CVSS6.4AI score0.00412EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by