10 matches found
PT-2023-14692 · Eyoucms · Eyoucms
Name of the Vulnerable Software and Affected Versions: EyouCMS versions 1.6.0 and earlier Description: A reflected-XSS issue was discovered in the article publish component. The issue is related to the cookie ENV LIST URL. Recommendations: For EyouCMS versions 1.6.0 and earlier, update to a versi...
Update Firefox and Thunderbird now! Mozilla patches several high risk vulnerabilities
Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. In Firefox 105 a total of seven vulnerabilities were patched, three of which received the...
Cross-Site Request Forgery (CSRF) in hdinnovations/unit3d-community-edition
✍️ Description Attacker is able to disable a user notification if a logged-in user visits the attacker's website. 🕵️‍♂️ Proof of Concept 1. When you are logged in, open this POC.html in a browser 2. You can check that your notification is disabled history.pushState('', '', '/'); document.forms[0].submit(); 💥 Impact This...
CVE-2021-24379
The CVE covers the WordPress Comments Like Dislike plugin (versions
CVE-2016-4309
Session fixation vulnerability in Symphony CMS 2.6.7, when session.use_only_cookies is disabled, allows remote attackers to hijack web sessions via the PHPSESSID parameter...
UBUNTU-CVE-2015-3801
The document.cookie API implementation in the CFNetwork Cookies subsystem in WebKit in Apple iOS before 9 allows remote attackers to bypass an intended single-cookie restriction via unspecified vectors...
Design/Logic Flaw
The document.cookie API implementation in the CFNetwork Cookies subsystem in WebKit in Apple iOS before 9 allows remote attackers to bypass an intended single-cookie restriction via unspecified vectors...
CVE-2015-3801
The document.cookie API implementation in the CFNetwork Cookies subsystem in WebKit in Apple iOS before 9 allows remote attackers to bypass an intended single-cookie restriction via unspecified vectors...
PT-2008-4800 · Runesoft · Cerberus Cms
Name of the Vulnerable Software and Affected Versions: Runesoft Cerberus CMS versions prior to 3 1.4 0.9 Description: A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via a cerberus user cookie. This enables attackers to execute malicious scripts on...