CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

69 matches found

EUVD•added 2026/04/09 3:35 p.m.•6 views

EUVD-2025-209380

Jizhicms v2.5.4 is vulnerable to Server-Side Request Forgery SSRF in User Evaluation, Message, and Comment modules...

5.9AI score0.00275EPSS

Exploits0References4

NVD•added 2026/04/09 3:16 p.m.•2 views

CVE-2025-50228

Jizhicms v2.5.4 is vulnerable to Server-Side Request Forgery SSRF in User Evaluation, Message, and Comment modules...

9.1CVSS0.00275EPSS

Exploits0References3

Vulnrichment•added 2026/04/09 12:0 a.m.•3 views

CVE-2025-50228

Jizhicms v2.5.4 is vulnerable to Server-Side Request Forgery SSRF in User Evaluation, Message, and Comment modules...

5.8AI score0.00275EPSS

Exploits0References3

Cvelist•added 2026/04/09 12:0 a.m.•18 views

CVE-2025-50228

Jizhicms v2.5.4 is vulnerable to Server-Side Request Forgery SSRF in User Evaluation, Message, and Comment modules...

0.00275EPSS

Exploits0References3

ATTACKERKB•added 2026/04/09 12:0 a.m.•1 views

CVE-2025-50228

Jizhicms v2.5.4 is vulnerable to Server-Side Request Forgery SSRF in User Evaluation, Message, and Comment modules...

5.9AI score0.00275EPSS

Exploits0References4

CVE•added 2026/04/09 12:0 a.m.•8 views

CVE-2025-50228

CVE-2025-50228 affects Jizhicms v2.5.4. Multiple connected sources describe a vulnerability classified as Server-Side Request Forgery (SSRF) in the User Evaluation, Message, and Comment modules. The primary CVE notes a high-severity impact (CVSS v3.1: 9.1, CRITICAL) with network access, no user i...

9.1CVSS5.9AI score0.00275EPSS

Exploits0References3Affected Software1

RedhatCVE•added 2026/04/06 10:57 a.m.•4 views

CVE-2026-34229

Emlog is an open source website building system. Prior to version 2.6.8, there is a stored cross-site scripting XSS vulnerability in emlog comment module via URI scheme validation bypass. This issue has been patched in version 2.6.8...

6.1CVSS5.7AI score0.0023EPSS

Exploits1References1

NVD•added 2026/04/03 11:17 p.m.•7 views

CVE-2026-34229

6.1CVSS0.0023EPSS

Exploits1References2

Vulnrichment•added 2026/04/03 10:31 p.m.•1 views

CVE-2026-34229 Emlog: Stored XSS in Comment Module via URI Scheme Validation Bypass

6.1CVSS5.7AI score0.0023EPSS

Exploits1References2

EUVD•added 2026/04/03 10:31 p.m.•3 views

EUVD-2026-18899

6.1CVSS5.7AI score0.0023EPSS

Exploits1References2

CVE•added 2026/04/03 10:31 p.m.•10 views

CVE-2026-34229

CVE-2026-34229 affects Emlog prior to version 2.6.8, with a stored XSS in the comment module triggered via bypass of URI scheme validation. The underlying issue is a URI scheme validation bypass, allowing injection of script payloads into comments. The vulnerability is addressed in version 2.6.8 ...

6.1CVSS5.7AI score0.0023EPSS

Exploits1References2Affected Software1

ATTACKERKB•added 2026/04/03 10:31 p.m.•0 views

CVE-2026-34229

6.1CVSS5.7AI score0.0023EPSS

Exploits1References3Affected Software1

Positive Technologies•added 2026/04/03 12:0 a.m.•5 views

PT-2026-30264

6.1CVSS5.7AI score0.0023EPSS

Exploits1References3

CNNVD•added 2026/04/03 12:0 a.m.•8 views

emlog 跨站脚本漏洞

Emlog is an open-source CMS website building system based on PHP and MySQL. Versions of Emlog prior to 2.6.8 had a cross-site scripting vulnerability. This vulnerability stemmed from a storage-based cross-site script in the comment module, which could lead to cross-site scripting attacks...

6.1CVSS5.6AI score0.0023EPSS

Exploits1References2

RedhatCVE•added 2025/12/30 1:2 a.m.•14 views

CVE-2025-65442

DOM-based Cross-Site Scripting XSS vulnerability in 201206030 novel V3.5.0 allows remote attackers to execute arbitrary JavaScript code or disclose sensitive information e.g., user session cookies via a crafted "wvstest" parameter in the URL or malicious script injection into window.localStorage...

6.1CVSS6AI score0.00291EPSS

Exploits1References1

CVE•added 2025/12/29 12:0 a.m.•14 views

CVE-2025-65442

CVE-2025-65442 describes a DOM-based XSS in the 201206030 novel system version 3.5.0. The root cause is insufficient validation/encoding of user-controllable data in the book_comment module: unfiltered input is stored in the database (book_comment.commentContent) and later rendered into the page ...

6.1CVSS5.5AI score0.00291EPSS

Exploits1References3Affected Software1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2010-3094

Malware in sbrugna...

3.5CVSS6.1AI score0.01426EPSS

Exploits0References7

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2006-6827

Malware in sbrugna...

6.8CVSS6.4AI score0.01299EPSS

Exploits1References6

EUVD•added 2025/10/03 8:7 p.m.•6 views

EUVD-2022-5333

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00936EPSS

Exploits0References7

RedhatCVE•added 2025/05/22 5:0 p.m.•6 views

CVE-2020-15885

A Cross-Site Scripting XSS vulnerability in the comment module before 4.0 for MunkiReport allows remote attackers to inject arbitrary web script or HTML by posting a new comment...

5.4CVSS5.7AI score0.00936EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by