CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

RedhatCVE•added 2026/06/09 2:59 p.m.•9 views

CVE-2026-7186

Stored cross-site scripting in the URL dashboard widget in Checkmk 2.5.0p5, 2.4.0p31, 2.3.0p48, and all 2.2.0 versions allows a user with dashboard editing permissions to store a URL with a dangerous URI scheme such as javascript: that executes scripts in other users' browsers when they view the...

8.5CVSS5.2AI score0.00136EPSS

Exploits0References1

RedhatCVE•added 2025/11/11 7:48 p.m.•4 views

CVE-2025-47773

Combodo iTop is a web based IT service management tool. Versions prior to 2.7.13 and 3.2.2 are vulnerable to cross-site scripting when a dashboard is edited via an AJAX call. Versions 2.7.13 and 3.2.2 protect rendered HTML content...

8.8CVSS6AI score0.0019EPSS

Exploits0References1

Positive Technologies•added 2025/11/10 12:0 a.m.•6 views

PT-2025-46184

Name of the Vulnerable Software and Affected Versions Combodo iTop versions prior to 2.7.13 Combodo iTop versions prior to 3.2.2 Description Combodo iTop, a web-based IT service management tool, is susceptible to cross-site scripting when a dashboard is edited through an AJAX call. This allows fo...

8.8CVSS6.4AI score0.0019EPSS

Exploits0References6

CNNVD•added 2025/11/10 12:0 a.m.•4 views

Combodo iTop 跨站脚本漏洞

Combodo iTop is a set of open source web applications developed by Combodo France based on ITIL and used for the daily operation of IT environments. The program provides incident management, configuration management and problem management. A cross-site scripting vulnerability exists in Combodo iT...

8.8CVSS5.8AI score0.0019EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2019-5525

Malware in sbrugna...

5.4CVSS5.5AI score0.0072EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2020-20867

Malware in sbrugna...

5.4CVSS5.6AI score0.00538EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2020-3435

Malware in sbrugna...

9.9CVSS8.6AI score0.02152EPSS

Exploits1References5

RedhatCVE•added 2025/05/22 8:8 p.m.•6 views

CVE-2021-38156

In Nagios XI before 5.8.6, XSS exists in the dashboard page /dashboards/ when administrative users attempt to edit a dashboard...

5.4CVSS6AI score0.88939EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:22 p.m.•6 views

CVE-2020-28408

The server in Dundas BI through 8.0.0.1001 allows XSS via an HTML label when creating or editing a dashboard...

5.4CVSS5.8AI score0.00538EPSS

Exploits1

RedhatCVE•added 2025/05/22 4:30 a.m.•11 views

CVE-2019-14298

Veeam ONE Reporter 9.5.0.3201 allows XSS via a crafted Descriptionconfig field to addDashboard or editDashboard in CommonDataHandlerReadOnly.ashx...

5.4CVSS5.8AI score0.0072EPSS

Exploits1References1

CNVD•added 2020/11/12 12:0 a.m.•3 views

Dundas BI server cross-site scripting vulnerability

Dundas BI server is a web-based server application. A cross-site scripting vulnerability exists in Dundas BI version 8.0.0.1001 and prior versions, which stems from allowing XSS attacks via HTML tags when creating or editing dashboards. No detailed vulnerability details are currently available...

5.4CVSS5.8AI score0.00538EPSS

Exploits1References1

BDU FSTEC•added 2020/05/07 12:0 a.m.•4 views

The vulnerability of the WordPress website content management system, related to the lack of measures taken to protect the structure of web pages, allows attackers to compromise the integrity of data.

The vulnerability of the WordPress content management system is related to an error in the XSS attack reproduction process when editing blocks in the dashboard, which is only accessible to authorized users. Exploiting this vulnerability could allow a malicious actor to compromise data integrity...

5.4CVSS6.7AI score0.01396EPSS

Exploits0References3Affected Software2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by