18 matches found
EUVD-2026-31861
Bugsink: Issue event views can show an event from another project if its UUID is known...
CVE-2019-25676 Ask Expert Script 3.0.5 Cross Site Scripting SQL Injection
Ask Expert Script 3.0.5 contains cross-site scripting and SQL injection vulnerabilities that allow unauthenticated attackers to inject malicious code by manipulating URL parameters. Attackers can inject script tags through the cateid parameter in categorysearch.php or SQL code through the view...
EUVD-2022-2715
Malicious code in bioql PyPI...
CVE-2024-5107
A vulnerability, which was classified as critical, has been found in Campcodes Complete Web-Based School Management System 1.0. This issue affects some unknown processing of the file /view/studentpaymentdetails2.php. The manipulation of the argument index leads to SQL injection. The attack may be...
The vulnerability of the license_details_view function in the ScanCode.io software, which allows a hacker to perform XSS attacks.
The vulnerability of the license_details_view function in the ScanCode.io software exists because measures to protect the structure of web pages have not been implemented. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks remotely...
SUSE CVE-2017-1000103
The custom Details view of the Static Analysis Utilities-based DRY Plugin was vulnerable to a persisted cross-site scripting vulnerability: Malicious users able to influence the input to this plugin could insert arbitrary HTML into this view...
SUSE CVE-2017-1000109
The custom Details view of the Static Analysis Utilities-based OWASP Dependency-Check Plugin was vulnerable to a persisted cross-site scripting vulnerability: Malicious users able to influence the input to this plugin could insert arbitrary HTML into this view...
GHSA-4MVC-QC5W-V5QR Information disclosure in the Contao backend
Impact: Back end users can manipulate the details view URL to show pages and articles that have not been enabled for them. Patches: Update to Contao 4.4.46 or 4.8.6. Workarounds: None. References: https://contao.org/en/security-advisories/information-disclosure-in-the-back-end For more information: If...
CVE-2019-19712
Contao 4.0 through 4.8.5 has Insecure Permissions. Back end users can manipulate the details view URL to show pages and articles that have not been enabled for them...
Design/Logic Flaw
Contao 4.0 through 4.8.5 has Insecure Permissions. Back end users can manipulate the details view URL to show pages and articles that have not been enabled for them...
CVE-2019-19712
Contao 4.0 through 4.8.5 has Insecure Permissions. Back end users can manipulate the details view URL to show pages and articles that have not been enabled for them...
CloudBees Static Analysis Utilities and DRY plugin cross-site scripting vulnerability
CloudBees Static Analysis Utilities is a static analysis tool for Jenkins, the Java-based continuous integration tool, from the United States company CloudBees. DRY Plugin is one of the analysis report generation plug-ins. A cross-site scripting vulnerability exists in the Details view in...
CloudBees Static Analysis Utilities plugin cross-site scripting vulnerability
CloudBees Static Analysis Utilities plugin is a static analysis plugin for Jenkins, the Java-based continuous integration tool, from the U.S. company CloudBees. A cross-site scripting vulnerability exists in the Details view in the CloudBees Static Analysis Utilities plugin. A remote...
CVE-2017-1000103
The custom Details view of the Static Analysis Utilities-based DRY Plugin was vulnerable to a persisted cross-site scripting vulnerability: Malicious users able to influence the input to this plugin could insert arbitrary HTML into this view...
CVE-2017-1000103
The custom Details view of the Static Analysis Utilities-based DRY Plugin was vulnerable to a persisted cross-site scripting vulnerability: Malicious users able to influence the input to this plugin could insert arbitrary HTML into this view...
Cross site scripting
The custom Details view of the Static Analysis Utilities-based OWASP Dependency-Check Plugin was vulnerable to a persisted cross-site scripting vulnerability: Malicious users able to influence the input to this plugin could insert arbitrary HTML into this view...
CVE-2017-1000103
The custom Details view of the Static Analysis Utilities-based DRY Plugin was vulnerable to a persisted cross-site scripting vulnerability: Malicious users able to influence the input to this plugin could insert arbitrary HTML into this view...
CVE-2017-1000066
The entry details view function in KeePass version 1.32 inadvertently decrypts certain database entries into memory, which may result in the disclosure of sensitive information...