Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:13 p.m.10 views

CVE-2026-48904

An improper access check allows privelege escalation through the comusers group editing webservice endpoint...

9.8CVSS5.4AI score0.00292EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/04 1:22 p.m.11 views

EUVD-2019-20179

WordPress Soliloquy Lite 2.5.6 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by inserting script tags in the post title field. Attackers can submit POST requests to the post editing endpoint with script payloads in the...

6.4CVSS5.6AI score0.00171EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/10 12:43 p.m.14 views

CVE-2021-47931 Exponent CMS 2.6 Multiple Vulnerabilities Stored XSS Authentication

Exponent CMS 2.6 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the Title and Text Block parameters in the text editing endpoint. Attackers can inject iframe payloads with embedded SVG onload events to execute arbitrary...

6.4CVSS5.9AI score0.00213EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/10 12:43 p.m.33 views

CVE-2021-47931 Exponent CMS 2.6 Multiple Vulnerabilities Stored XSS Authentication

Exponent CMS 2.6 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the Title and Text Block parameters in the text editing endpoint. Attackers can inject iframe payloads with embedded SVG onload events to execute arbitrary...

6.4CVSS0.00213EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/10 12:0 a.m.15 views

PT-2026-39507

Exponent CMS 2.6 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the Title and Text Block parameters in the text editing endpoint. Attackers can inject iframe payloads with embedded SVG onload events to execute arbitrary...

6.4CVSS5.9AI score0.00213EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/11/18 1:26 p.m.18 views

CVE-2025-59117 Multiple Stored XSS in Windu CMS

Windu CMS is vulnerable to multiple Stored Cross-Site Scripting XSS vulnerabilities in the page editing endpoint windu/admin/content/pages/edit/. This vulnerability can be exploited by a privileged user and may target users with higher privileges. Only version 4.1 was tested and confirmed as...

4.8CVSS0.00167EPSS
Exploits0References2
Rows per page
Query Builder