CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

30 matches found

CNVD•added 2022/02/14 12:0 a.m.•18 views

Taocms Cross-Site Scripting Vulnerability (CNVD-2022-11522)

Taocms is a micro Cms content management system in China. Taocms suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data in the WEB application, which can be exploited by attackers to execute client-side code...

4.8CVSS3.7AI score0.00219EPSS

Exploits1References1

CNVD•added 2022/01/27 12:0 a.m.•10 views

ForestBlog Cross-Site Scripting Vulnerability

ForestBlog is an application. A personal blog. ForestBlog suffers from a cross-site scripting vulnerability that stems from the WEB application's lack of proper validation of client-side data. An attacker can exploit the vulnerability to execute JavaScript code on the client side...

6.1CVSS6AI score0.00223EPSS

Exploits1References1

CNVD•added 2022/01/25 12:0 a.m.•14 views

showdoc cross-site scripting vulnerability

showdoc is an open source tool ideal for IT teams to share documents online. showdoc suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data by the WEB application. An attacker could exploit the vulnerability to execute client-side code...

6.5CVSS4.1AI score0.00195EPSS

Exploits1References1

CNVD•added 2022/01/21 12:0 a.m.•19 views

pimcore Cross-Site Scripting Vulnerability (CNVD-2022-07500)

Pimcore is an open source Web content management platform for creating and managing Web applications from the Austrian company Pimcore. The platform integrates Web content management, e-commerce frameworks and product information management applications.Pimcore has cross-site scripting...

6.6CVSS3.3AI score0.00044EPSS

Exploits1References1

CNVD•added 2021/12/17 12:0 a.m.•25 views

Adobe Experience Manager Cross-Site Scripting Vulnerability

Adobe Experience Manager AEM is a content management solution from Adobe that can be used to build websites, mobile applications and forms. The solution supports mobile content management, marketing and sales campaign management, and multi-site management, etc. A cross-site scripting vulnerabilit...

4.3CVSS2.4AI score0.03502EPSS

Exploits0Affected Software1

CNVD•added 2021/11/24 12:0 a.m.•31 views

JetBrains YouTrack Cross-Site Scripting Vulnerability

JetBrains YouTrack is a browser-based bug tracking and project management software from JetBrains Czech Republic. The software has features such as bug tracking, creating workflows and monitoring project progress. A cross-site scripting vulnerability exists in JetBrains YouTrack, which stems from...

3.5CVSS1.7AI score0.00008EPSS

Exploits0Affected Software2

CNNVD•added 2021/11/05 12:0 a.m.•4 views

PHP Event Calendar 跨站脚本漏洞

PHP Event Calendar is an open source AJAX-based multi-user modern event calendar . It is easy to integrate and fully customizable. PHP Event Calendar Lite Edition suffers from a cross-site scripting vulnerability. The vulnerability stems from a lack of proper validation of client-side data by the...

6.1CVSS6.1AI score0.00298EPSS

Exploits3References4

CNVD•added 2021/10/21 12:0 a.m.•4 views

IBM QRadar Advisor with Watson Cross-Site Scripting Vulnerability

IBM QRadar Advisor with Watson is a suite of security threat analysis solutions from IBM USA. The product includes features such as security threat response and threat probing. A security vulnerability exists in IBM QRadar Advisor with Watson, which stems from the lack of proper validation of...

6.1CVSS6.7AI score0.00166EPSS

Exploits0References1

CNVD•added 2021/10/11 12:0 a.m.•2 views

Tad TadTools Cross-Site Scripting Vulnerability

Tad TadTools is a module toolkit for individual developers at Tad in Taiwan, China. Used for module development, it can dramatically reduce the size of each module and speed up the development process. Tad TadTools suffers from a cross-site scripting vulnerability that originates from the lack of...

6.1CVSS6.3AI score0.00206EPSS

Exploits0References1

CNNVD•added 2021/09/10 12:0 a.m.•1 views

WordPress 插件跨站脚本漏洞

WordPress Plugin is an open source application plugin for WordPress. The WordPress Notices plugin suffers from a cross-site scripting vulnerability that stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit the vulnerability to execute...

6.1CVSS6.1AI score0.0021EPSS

Exploits1References4

CNNVD•added 2021/08/26 12:0 a.m.•3 views

HotelDruid 跨站脚本漏洞

HotelDruid is a hotel management system by the Digitaldruid.net team. The system includes features such as room management, financial management and inventory management. Digital Druid HotelDruid 3.0.2 suffers from a cross-site scripting vulnerability that stems from a lack of proper validation o...

6.1CVSS6.1AI score0.00254EPSS

Exploits1References3

CNNVD•added 2021/08/19 12:0 a.m.•2 views

Phpgurukul Vehicle Parking Management System 跨站脚本漏洞

Phpgurukul Vehicle Parking Management System is a parking management system by the PHPGurukul Phpgurukul team. Phpgurukul Vehicle Parking Management System 1.0 suffers from a cross-site scripting vulnerability that stems from a lack of proper validation of client-side data by the web application...

4.8CVSS5.1AI score0.00207EPSS

Exploits1References1

CNVD•added 2021/08/13 12:0 a.m.•14 views

Domainmod Cross-Site Scripting Vulnerability (CNVD-2021-70164)

A cross-site scripting vulnerability exists in Domainmod, a PHP and MySQL-based open source application for managing domain names and other Internet assets in a central location from the Domainmod community, which stems from the lack of proper validation of client-side data by the web application...

5.4CVSS2.4AI score0.00281EPSS

Exploits1References1

CNVD•added 2021/07/01 12:0 a.m.•9 views

IBM Datacap Fastdoc Capture Cross-Site Scripting Vulnerability

IBM Datacap Fastdoc Capture is a client-only capture software solution from IBM USA that automatically indexes scanned documents for accurate storage and retrieval. A cross-site scripting vulnerability exists in IBM Datacap Fastdoc Capture that stems from a lack of proper validation of client-sid...

5.4CVSS6.2AI score0.00143EPSS

Exploits0References1

CNVD•added 2021/05/14 12:0 a.m.•7 views

WAGO Cross-Site Scripting Vulnerability

WAGO is a 750-88x series programmable logic controller from WAGO, Germany. The device is designed specifically for applications in industrial environments where digital algorithms operate electronic systems. A cross-site scripting vulnerability exists in WAGO. The vulnerability stems from a lack ...

8.8CVSS6.2AI score0.00391EPSS

Exploits0References1

CNVD•added 2021/03/04 12:0 a.m.•10 views

UltimateKode Neo Billing Cross-Site Scripting Vulnerability

Envato Neo Billing is an Envato open source application. Provides a well-designed enterprise billing and accounting solution. UltimateKode Neo Billing before 3.5 suffers from a cross-site scripting XSS vulnerability that stems from the lack of proper validation of client-side data in the WEB...

5.4CVSS5.8AI score0.00167EPSS

Exploits2References1

CNNVD•added 2021/01/20 12:0 a.m.•1 views

Vtiger CRM 跨站脚本漏洞

Vtiger CRM is a set of customer relationship management system CRM based on SugarCRM developed by American Vtiger. The management system provides management, collection and analysis of customer information and other functions. Vtiger CRM v7.2.0 suffers from a cross-site scripting vulnerability th...

6.1CVSS6.3AI score0.0024EPSS

Exploits1References2

CNVD•added 2020/07/08 12:0 a.m.•7 views

TYPO3 ke_search extension cross-site scripting vulnerability

TYPO3 is a free and open source content management system framework CMS/CMF of the Swiss TYPO3 Association. kesearch extension is one of the search engine extensions. A cross-site scripting vulnerability exists in TYPO3 kesearch extension. The vulnerability stems from the WEB application lacking...

5.4CVSS6.1AI score0.00206EPSS

Exploits0References1

CNVD•added 2020/06/23 12:0 a.m.•13 views

webTareas Cross-Site Scripting Vulnerability

webTareas is a web-based open source collaboration tool. The product supports features such as project management, bug tracking, content management and meeting management. A cross-site scripting vulnerability exists in the loginForm in the general/login.php page in webTareas version 2.0p8. The...

6.1CVSS6AI score0.00315EPSS

Exploits1References1

CNVD•added 2020/06/16 12:0 a.m.•10 views

WordPress wpForo Forum plugin cross-site scripting vulnerability (CNVD-2021-24375)

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. wpForo Forum plugin is a forum plugin used in it. A cross-site scripting vulnerability exists in WordPress wpForo Forum...

4.8CVSS6.2AI score0.00186EPSS

Exploits2References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by