CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Openbugbounty•added 2017/09/17 8:28 p.m.•9 views

compfight.com XSS vulnerability

Vulnerable URL: http://compfight.com/search/';alert%22OPENBUGBOUNTY%22;' Details: Description| Value ---|--- Patched:| No Latest check for patch:| 16.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 203359 VIP website status:| No Coordinated Disclosure...

6.3AI score

Openbugbounty•added 2015/10/24 3:0 p.m.•10 views

compfight.com XSS vulnerability

Open Bug Bounty ID: OBB-94767 Description| Value ---|--- Affected Website:| compfight.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Shee...

6.4AI score

NVD•added 2014/11/05 11:55 p.m.•16 views

CVE-2014-8622

3.5CVSS5.4AI score0.00284EPSS

Prion•added 2014/11/05 11:55 p.m.•10 views

Cross site scripting

3.5CVSS5.8AI score0.00284EPSS

Cvelist•added 2014/11/05 11:0 p.m.•21 views

CVE-2014-8622

5.4AI score0.00284EPSS

CVE•added 2014/11/05 11:0 p.m.•54 views

CVE-2014-8622

CVE-2014-8622 : This vulnerability affects the WordPress Compfight plugin, specifically version 1.4, where the compfight-search.php component is vulnerable to cross-site scripting via the search-value parameter. The issue could allow remote authenticated users to inject arbitrary script or HTML. ...

3.5CVSS5.5AI score0.00284EPSS

Patchstack•added 2014/11/05 12:0 a.m.•15 views

WordPress Compfight Plugin <= 1.4 - XSS

This vulnerability is in the compfight-search.php. It allows authenticated users to inject arbitrary web script or HTML via the "search-value" parameter. Solution Update the plugin...

3.5CVSS3AI score0.00284EPSS

Exploits1References1Affected Software1

WPVulnDB•added 2014/09/19 12:12 p.m.•20 views

Compfight < 1.5 Cross-Site Scripting (XSS)

The compfight WordPress plugin was affected by security vulnerability...

3.5CVSS1.3AI score0.00284EPSS

Exploits2References2Affected Software1

NVD•added 2014/08/12 11:55 p.m.•12 views

CVE-2014-5202

3.5CVSS5.4AI score0.00139EPSS

Prion•added 2014/08/12 11:55 p.m.•9 views

Cross site scripting

3.5CVSS5.8AI score0.00139EPSS

CVE•added 2014/08/12 11:0 p.m.•34 views

CVE-2014-5202

CVE-2014-5202 describes a cross-site scripting (XSS) vulnerability in the WordPress plugin Compfight 1.4 . The issue arises in the file compfight-search.php where an attacker can inject arbitrary script/HTML via the search-value parameter. The CVE indicates the vulnerability affects authenticated...

3.5CVSS5.5AI score0.00139EPSS

Cvelist•added 2014/08/12 11:0 p.m.•26 views

CVE-2014-5202

5.4AI score0.00139EPSS

Packet Storm•added 2014/07/10 12:0 a.m.•31 views

WordPress Compfight 1.4 Cross Site Scripting

Exploit Title : Wordpress Compfight 1.4 Authenticated Cross Site Scripting Exploit Author : Claudio Viviani Vendor Homepage : http://wordpress.org/plugins/easy-banners/ Software Link : http://downloads.wordpress.org/plugin/compfight.1.4.zip Date : 2014-07-03 Tested on : Windows 7 / Mozilla Firefo...