CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

EUVD•added 2025/10/07 12:30 a.m.•0 views

EUVD-2008-2962

Malware in sbrugna...

7.5CVSS6.4AI score0.00485EPSS

Exploits0References5

OSV•added 2023/10/27 9:15 p.m.•2 views

CVE-2022-34834

An issue was discovered in VERMEG AgileReporter 21.3. Attackers can gain privileges via an XSS payload in an Add Comment action to the Activity log...

4.8CVSS5.8AI score

Exploits0References2

ATTACKERKB•added 2023/10/27 9:15 p.m.•0 views

CVE-2022-34834

An issue was discovered in VERMEG AgileReporter 21.3. Attackers can gain privileges via an XSS payload in an Add Comment action to the Activity log...

4.8CVSS5.9AI score0.00061EPSS

Exploits1References3

Atlassian•added 2023/06/13 2:28 p.m.•23 views

Smart commit action do not respect user permission for Comment actions

h3. Summary When executing a smart commit for adding a comment as per Processing issues with Smart Commits|https://confluence.atlassian.com/jirasoftwareserver0904/processing-issues-with-smart-commits-1188765783.html, it is not failing even if the user does not have permission for the requested...

6.8AI score

Exploits0Affected Software1

OSV•added 2018/01/16 7:29 p.m.•1 views

CVE-2018-5370

BizLogic xnami 1.0 has XSS via the comment parameter in an addComment action to the /media/ajax URI...

6.1CVSS5.8AI score0.00296EPSS

Exploits5References2

Prion•added 2014/07/09 2:55 p.m.•20 views

Sql injection

SQL injection vulnerability in zerotransactarticle.php in ZeroCMS 1.0 allows remote attackers to execute arbitrary SQL commands via the articleid parameter in a Submit Comment action...

7.5CVSS8.9AI score0.00869EPSS

Exploits6References2Affected Software1

Cvelist•added 2014/07/09 2:0 p.m.•24 views

CVE-2014-4194

SQL injection vulnerability in zerotransactarticle.php in ZeroCMS 1.0 allows remote attackers to execute arbitrary SQL commands via the articleid parameter in a Submit Comment action...

8.2AI score0.00869EPSS

Exploits6References2

Cvelist•added 2009/09/23 10:0 a.m.•13 views

CVE-2009-3313

Multiple SQL injection vulnerabilities in FMyClone 2.3 allow remote attackers to execute arbitrary SQL commands via the comp parameter to 1 index.php and 2 editComments.php, and 3 allow remote authenticated administrators to execute arbitrary SQL commands via the id parameter in a comment action ...

8.2AI score0.00244EPSS

Exploits0References7

NVD•added 2008/07/02 5:14 p.m.•13 views

CVE-2008-2972

SQL injection vulnerability in index.php in KbLance allows remote attackers to execute arbitrary SQL commands via the catid parameter in a comment action...

7.5CVSS8.3AI score0.00485EPSS

Exploits0References4

Prion•added 2008/07/02 5:14 p.m.•10 views

Sql injection

SQL injection vulnerability in index.php in KbLance allows remote attackers to execute arbitrary SQL commands via the catid parameter in a comment action...

7.5CVSS9.1AI score0.00485EPSS

Exploits0References4

Cvelist•added 2008/07/02 5:0 p.m.•15 views

CVE-2008-2972

SQL injection vulnerability in index.php in KbLance allows remote attackers to execute arbitrary SQL commands via the catid parameter in a comment action...

8.3AI score0.00485EPSS

Exploits0References4

Atlassian•added 2008/03/11 5:24 a.m.•22 views

XSS vulnerabilities in create/edit/copy page and blogpost actions

The following create/edit page URL's are vulnerable: - /pages/createpage.action - /pages/docreatepage.action - /pages/editpage.action - /pages/doeditepage.action on parentPageString, mode, labelsString, captchaId The following create/edit blogpost URL's are vulnerable: -...

1.8AI score

Exploits0Affected Software1

Atlassian•added 2008/03/11 5:24 a.m.•25 views

XSS vulnerabilities in create/edit/copy page and blogpost actions

1.8AI score

Exploits0Affected Software1

Atlassian•added 2008/03/11 5:24 a.m.•23 views

XSS vulnerabilities in create/edit/copy page and blogpost actions

1.8AI score

Exploits0

Rows per page