27 matches found
EUVD-2022-27933
Malicious code in bioql PyPI...
CVE-2022-36778 Synel - eHarmony Stored XSS
Insert HTML / JS code inside input. How to get to the vulnerable input: Workers worker nickname inject in this input the code...
CVE-2022-34768 Synel - eHarmony Stored XSS
Insert HTML / JS code inside input. How to get to the vulnerable input: Workers worker nickname inject in this input the code...
CVE-2022-22791
SYNEL - eharmony Authenticated Blind & Stored XSS. Injecting JS code into the "comments" field could lead to potential stealing of cookies, loading of HTML tags and JS code onto the system...
CVE-2022-22790
SYNEL - eharmony Directory Traversal. Directory traversal is an attack against a server or a web application aimed at unauthorized access to the file system. On the "Name" parameter, the attacker can return to the root directory and open the host file. The path exposes sensitive files that users...
Design/Logic Flaw
SYNEL - eharmony Authenticated Blind & Stored XSS. Injecting JS code into the "comments" field could lead to potential stealing of cookies, loading of HTML tags and JS code onto the system...
Directory traversal
SYNEL - eharmony Directory Traversal. Directory traversal is an attack against a server or a web application aimed at unauthorized access to the file system. On the "Name" parameter, the attacker can return to the root directory and open the host file. The path exposes sensitive files that users...
CVE-2022-22791 SYNEL - eharmony Authenticated Blind & Stored XSS
SYNEL - eharmony Authenticated Blind & Stored XSS. Injecting JS code into the "comments" field could lead to potential stealing of cookies, loading of HTML tags and JS code onto the system...
CVE-2022-22791
The CVE-2022-22791 entry relates to Synel eharmony, describing an authenticated blind and stored cross-site scripting (XSS) vulnerability in the comments field. The root cause is injection of JavaScript through the comments field, with the potential impact noted as cookie theft and the embedding ...
CVE-2022-22790 SYNEL - eharmony Directory Traversal
SYNEL - eharmony Directory Traversal. Directory traversal is an attack against a server or a web application aimed at unauthorized access to the file system. On the "Name" parameter, the attacker can return to the root directory and open the host file. The path exposes sensitive files that users...
CVE-2022-22790
CVE-2022-22790 describes a directory traversal vulnerability in the Synel eharmony system. The issue arises via the Name parameter, allowing an attacker to traverse to the root directory and access host files, exposing sensitive files uploaded by users. Documented impact includes unauthorized fi...
PT-2021-21322 · Synel · Synel Reports +1
Name of the Vulnerable Software and Affected Versions: SYNEL eharmonynew versions prior to 11; Synel Reports versions prior to 11; Synel Reports version 8.0.2. Description: The issue allows an attacker to log in to the system with default credentials and export a report of the eharmony system with...
Beyond Clubhouse: Vulnerable Agora SDKs Still in Widespread Use | McAfee Blogs
Beyond Clubhouse: Vulnerable Agora SDKs Still in Widespread Use. Steve Povolny · FEB 18, 2021. On February 17th, 2021, McAfee disclosed findings based on a 10-month long disclosure process with major video conferencing vendor Agora, Inc. As we disclosed the findings to Agora in April 2020, this...
Agora SDK Bug Left Several Video Calling Apps Vulnerable to Snooping
A severe security vulnerability in a popular video calling software development kit (SDK) could have allowed an attacker to spy on ongoing private video and audio calls. That's according to new research published by the McAfee Advanced Threat Research (ATR) team today, which found the aforementioned...
eharmony.com Open Redirect vulnerability
Vulnerable URL: http://www.eharmony.com/umessage/clickTracker?rurl=https://www.openbugbounty.org/ Details: Patched: No; Latest check for patch: 26.07.2017; Vulnerability type: Open Redirect; Vulnerability status: Publicly disclosed; Alexa Rank: 4912; VIP website status: ...
eHarmony - Online Dating - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application eHarmony - Online Dating published at the 'play' market has multiple vulnerabilities...