
3862 matches found

CNNVD
added 2025/10/10 12:0 a.m. | 3 views

Liferay Portal and Liferay DXP cross-site request forgery vulnerability

Liferay Portal and Liferay DXP are both products of Liferay, Inc. Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB and JMS, and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DX...

CVSS 5.1 | AI score 6.4 | EPSS 0.00178
Exploits: 0 | References: 1

EUVD
added 2025/10/09 12:32 a.m. | 5 views

EUVD-2025-33257

A weakness has been identified in code-projects Online Complaint Site 1.0. Impacted is an unknown function of the file /cms/users/complaint-details.php. Manipulation of the argument cid can lead to SQL injection. It is possible to launch the attack remotely. The exploit has been made...

CVSS 6.5 | AI score 6.5 | EPSS 0.00343
Exploits: 1 | References: 7

RedhatCVE
added 2025/10/09 12:14 a.m. | 10 views

CVE-2025-60299

Novel-Plus 5.2.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the /book/addCommentReply endpoint. An authenticated user can inject malicious JavaScript through the replyContent parameter when replying to a book comment. The payload is stored in the database a...

CVSS 5.4 | AI score 5.4 | EPSS 0.00195
Exploits: 1 | References: 1

NVD
added 2025/10/08 1:15 p.m. | 8 views

CVE-2025-60299

Novel-Plus 5.2.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the /book/addCommentReply endpoint. An authenticated user can inject malicious JavaScript through the replyContent parameter when replying to a book comment. The payload is stored in the database a...

CVSS 5.4 | EPSS 0.00195
Exploits: 1 | References: 2

CVE
added 2025/10/08 12:0 a.m. | 16 views

CVE-2025-60299

CVE-2025-60299 affects Novel-Plus version 5.2.0 with a stored XSS in the /book/addCommentReply endpoint. An authenticated user can inject JavaScript via the replyContent parameter when replying to a book comment; the payload is stored in the database and executes in other users’ browsers viewing ...

CVSS 5.4 | AI score 5.1 | EPSS 0.00195
Exploits: 1 | References: 2 | Affected Software: 1

Vulnrichment
added 2025/10/08 12:0 a.m. | 5 views

CVE-2025-60299

Novel-Plus 5.2.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the /book/addCommentReply endpoint. An authenticated user can inject malicious JavaScript through the replyContent parameter when replying to a book comment. The payload is stored in the database a...

AI score 5.1 | EPSS 0.00195
Exploits: 1 | References: 2

Positive Technologies
added 2025/10/08 12:0 a.m. | 6 views

PT-2025-41256

Name of the Vulnerable Software and Affected Versions: Novel-Plus version 5.2.0. Description: An authenticated user can inject malicious JavaScript through the replyContent parameter when replying to a book comment via the /book/addCommentReply endpoint. The malicious payload is stored in the databa...

CVSS 5.4 | AI score 5.4 | EPSS 0.00195
Exploits: 1 | References: 7

Cvelist
added 2025/10/08 12:0 a.m. | 9 views

CVE-2025-60299

Novel-Plus 5.2.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the /book/addCommentReply endpoint. An authenticated user can inject malicious JavaScript through the replyContent parameter when replying to a book comment. The payload is stored in the database a...

EPSS 0.00195
Exploits: 1 | References: 2

EUVD
added 2025/10/08 12:0 a.m. | 4 views

EUVD-2025-33177

Novel-Plus 5.2.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the /book/addCommentReply endpoint. An authenticated user can inject malicious JavaScript through the replyContent parameter when replying to a book comment. The payload is stored in the database a...

CVSS 5.4 | AI score 5 | EPSS 0.00195
Exploits: 1 | References: 3

RedhatCVE
added 2025/10/07 9:21 p.m. | 5 views

CVE-2025-11276

A security flaw has been discovered in Rebuild up to 4.1.3. Affected by this issue is some unknown functionality of the component Comment/Guestbook. Manipulation results in cross-site scripting. It is possible to initiate the attack remotely. Upgrading to version 4.1.4 can resolve this...

CVSS 5.1 | AI score 5.8 | EPSS 0.00227
Exploits: 0 | References: 1

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2010-1628

Malware in sbrugna...

CVSS 7.5 | AI score 6.1 | EPSS 0.15695
Exploits: 1 | References: 5

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2015-6875

Malware in sbrugna...

CVSS 6 | AI score 6.4 | EPSS 0.01246
Exploits: 1 | References: 6

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2010-4340

Malware in sbrugna...

CVSS 9.3 | AI score 6.2 | EPSS 0.061
Exploits: 0 | References: 4

EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2019-10959

Malware in sbrugna...

CVSS 6.5 | AI score 6.4 | EPSS 0.01864
Exploits: 0 | References: 2

EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2005-1502

Malware in sbrugna...

CVSS 7.5 | AI score 6.4 | EPSS 0.01729
Exploits: 1 | References: 6

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2011-4234

Malware in sbrugna...

CVSS 6.4 | AI score 6.4 | EPSS 0.01561
Exploits: 0 | References: 6

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2008-2962

Malware in sbrugna...

CVSS 7.5 | AI score 6.4 | EPSS 0.0101
Exploits: 0 | References: 5

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2020-24139

Malware in sbrugna...

CVSS 7.3 | AI score 6.5 | EPSS 0.00851
Exploits: 1 | References: 4

EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2019-19127

Malware in sbrugna...

CVSS 6.1 | AI score 6.3 | EPSS 0.00865
Exploits: 1 | References: 2

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2008-4713

Malware in sbrugna...

CVSS 4.3 | AI score 6.4 | EPSS 0.02142
Exploits: 1 | References: 7