
232 matches found

OSV
added 2019/08/01 5:15 p.m. | 1 views

CVE-2018-20948

cPanel before 68.0.27 allows self XSS in cPanel Backup Restoration SEC-383...

6.1 CVSS | 5.8 AI score | 0.00262 EPSS
Exploits 0 | References 2

ATTACKERKB
added 2019/03/21 4:0 p.m. | 1 views

CVE-2018-19525

An issue was discovered on Systrome ISG-600C, ISG-600H, and ISG-800W 1.1-R2.1TRUNK-20180914.bin devices. There is CSRF via /ui/?g=objkeywordsadd and /ui/?g=objkeywordsaddsave with resultant XSS because of a lack of csrf token validation...

6.1 CVSS | 5.5 AI score | 0.0042 EPSS
Exploits 3 | References 5

CNVD
added 2017/08/02 12:0 a.m. | 1 views

Multiple vulnerabilities in phpcms V9 front and backend

PHPCMS is a web content management system based on PHP and Mysql architecture. PHPCMS V9.6.3 backend has a reflective XSS and SQL injection vulnerability that can bypass the CSRF defense and upload any script file under certain conditions...

7.8 AI score
Exploits 0

Prion
added 2017/03/17 12:59 a.m. | 16 views

Design/Logic Flaw

Microsoft SharePoint Server fails to sanitize crafted web requests, allowing remote attackers to run cross-script in local security context, aka "Microsoft SharePoint XSS Vulnerability."...

4.3 CVSS | 5.9 AI score | 0.02318 EPSS
Exploits 0 | References 3 | Affected Software 1

CNVD
added 2017/01/03 12:0 a.m. | 1 views

Cross-site scripting vulnerability in wordpress plugin text-styler

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. The wordpress plugin text-styler has a cross-site scripting vulnerability due to improper filtering of user input, which allo...

6.6 AI score
Exploits 0

CNVD
added 2016/12/14 12:0 a.m. | 1 views

Multiple Stored XSS Vulnerabilities in Journalx 2.0, a Remote Processing System for Journal Manuscripts

Journalx 2.0 is an independently developed platform for remote processing of journal manuscripts developed by Beijing Magtech. Journalx 2.0 contains multiple stored XSS vulnerabilities. The vulnerabilities can be exploited by an attacker to submit data with js code on the personal information pag...

6.6 AI score
Exploits 0

OpenVAS
added 2016/12/11 12:0 a.m. | 33 views

Debian Security Advisory DSA 3731-1 (chromium-browser - security update)

Several vulnerabilities have been discovered in the chromium web browser. CVE-2016-5181 A cross-site scripting issue was discovered. CVE-2016-5182 Giwan Go discovered a heap overflow issue. CVE-2016-5183 A use-after-free issue was discovered in the pdfium library. CVE-2016-5184 Another...

6.8 CVSS | 0.6 AI score | 0.78662 EPSS
Exploits 6 | References 1

OSV
added 2016/04/18 10:59 a.m. | 0 views

UBUNTU-CVE-2016-1652

Cross-site scripting XSS vulnerability in the ModuleSystem::RequireForJsInner function in extensions/renderer/modulesystem.cc in the Extensions subsystem in Google Chrome before 50.0.2661.75 allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka "Universal XSS...

6.1 CVSS | 7.4 AI score | 0.00623 EPSS
Exploits 0 | References 3

securityvulns
added 2014/12/22 12:0 a.m. | 73 views

Fuzzylime v3.03b CMS - CS Cross Scripting Vulnerability

Document Title: =============== Fuzzylime v3.03b CMS - CS Cross Scripting Vulnerability References Source: ==================== http://vulnerability-lab.com/getcontent.php?id=1357 Release Date: ============= 2014-12-02 Vulnerability Laboratory ID VL-ID: ==================================== 1357...

6.6 AI score
Exploits 0

Vulnerability Lab
added 2014/12/02 12:0 a.m. | 52 views

Fuzzylime v3.03b CMS - CS Cross Scripting Vulnerability

Document Title: =============== Fuzzylime v3.03b CMS - CS Cross Scripting Vulnerability References Source: ==================== http://vulnerability-lab.com/getcontent.php?id=1357 Release Date: ============= 2014-12-02 Vulnerability Laboratory ID VL-ID: ==================================== 1357...

7.1 AI score
Exploits 0

CERT
added 2012/03/19 12:0 a.m. | 117 views

Quantum Scalar i500, Dell ML6000 and IBM TS3310 tape libraries web interface and preconfigured password vulnerabilities

Overview Cross scripting and preconfigured password vulnerabilities have been reported to exist in the Quantum Scalar i500, Dell ML6000 and IBM TS3310 tape libraries. Description Quantum Scalar i500, Dell ML6000 and IBM TS3310 enterprise tape libraries contain multiple web interface and...

7.5 CVSS | 7.3 AI score | 0.02257 EPSS
Exploits 0 | References 7

0day.today
added 2010/02/27 12:0 a.m. | 15 views

Jamit Job Board v.3.0 Cross Scripting Vulnerabilities

Exploit for unknown platform in category web applications ===================================================== Jamit Job Board v.3.0 Cross Scripting Vulnerabilities ===================================================== Jamit Job Board v.3.0 Cross Scripting Vulnerabilities + Exploit Title: Jamit...

7.1 AI score
Exploits 0

OpenVAS
added 2008/01/17 12:0 a.m. | 28 views

Debian Security Advisory DSA 188-1 (apache-ssl)

The remote host is missing an update to apache-ssl announced via advisory DSA 188-1. OpenVAS Vulnerability Test $Id: deb1881.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 188-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

7.5 CVSS | 0.9 AI score | 0.90183 EPSS
Exploits 0

OpenVAS
added 2008/01/17 12:0 a.m. | 21 views

Debian Security Advisory DSA 187-1 (apache)

The remote host is missing an update to apache announced via advisory DSA 187-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 6.6 AI score | 0.90183 EPSS
Exploits 0 | References 4

OpenVAS
added 2008/01/17 12:0 a.m. | 21 views

Debian: Security Advisory (DSA-188)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 6.7 AI score | 0.90183 EPSS
Exploits 0 | References 3

Tenable Nessus
added 2007/12/24 12:0 a.m. | 8 views

Fedora 8 : ganglia-3.0.6-1.fc8 (2007-4562)

Remedies a cross-scripting vulnerability in the ganglia web frontend. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

5.5 AI score
Exploits 0 | References 1

OSV
added 2007/09/13 12:0 a.m. | 9 views

DTSA-58-1 phpgroupware - cross scripting vulnerability

Bulletin has no description...

4.3 CVSS | 6.4 AI score | 0.00537 EPSS
Exploits 0

securityvulns
added 2007/07/04 12:0 a.m. | 42 views

Security on AIR: Local file access through JavaScript

Hi! It's just a very first look to AIR Adobes Integrated Runtime and its possibilities to process HTML/JS. AIR is beta by now, so Adobe may change things in the final release. What is AIR? Quote from Adobe: "Adobe Integrated Runtime AIR is a cross- operating system runtime that allows you to...

6.6 AI score
Exploits 0

Packet Storm
added 2007/02/28 12:0 a.m. | 31 views

sqllitemanager120-multi.txt

SQLiteManager v1.2.0 Multiple Vulnerabilities ------------------------------------------------------- vendor : http://www.sqlitemanager.org/ Global risk : High ------------------------------------------------------- SQLite is a SQL managed portal like PhpMyAdmin. Multiple Cross Scripting...

7.4 AI score
Exploits 0

securityvulns
added 2007/02/26 12:0 a.m. | 53 views

SQLiteManager v1.2.0 Multiple Vulnerabilities

SQLiteManager v1.2.0 Multiple Vulnerabilities ------------------------------------------------------- vendor : http://www.sqlitemanager.org/ Global risk : High ------------------------------------------------------- SQLite is a SQL managed portal like PhpMyAdmin. Multiple Cross Scripting...

0.3 AI score
Exploits 0