Lucene search

9 matches found

OSV
added 2025/11/05 5:15 p.m. | 0 views

CVE-2025-57244

OpenKM Community Edition 6.3.12 is vulnerable to stored cross-site scripting (XSS) in the user account creation interface. The Name field accepts script tags, and the Email field is vulnerable when the POST request is modified to include encoded script tags, bypassing frontend validation...

CVSS 5.4 | AI score 5.9 | EPSS 0.00032
Exploits: 1 | References: 2

Cvelist
added 2025/11/05 12:00 a.m. | 5 views

CVE-2025-57244

OpenKM Community Edition 6.3.12 is vulnerable to stored cross-site scripting (XSS) in the user account creation interface. The Name field accepts script tags, and the Email field is vulnerable when the POST request is modified to include encoded script tags, bypassing frontend validation...

EPSS 0.00032
Exploits: 1 | References: 2

The Hacker News
added 2023/02/15 9:25 a.m. | 3 views

Experts Warn of 'Beep' - A New Evasive Malware That Can Fly Under the Radar

Cybersecurity researchers have unearthed a new piece of evasive malware dubbed Beep that's designed to fly under the radar and drop additional payloads onto a compromised host. "It seemed as if the authors of this malware were trying to implement as many anti-debugging and anti-VM anti-sandbox...

AI score 6.9
Exploits: 0

NVD
added 2018/06/04 7:29 p.m. | 5 views

CVE-2017-16018

Restify is a framework for building REST APIs. Restify >=2.0.0 <=4.0.4 using URL encoded script tags in a non-existent URL, an attacker can get script to run in some browsers...

CVSS 6.1 | AI score 6.2 | EPSS 0.00223
Exploits: 1 | References: 2

Cvelist
added 2018/06/04 7:00 p.m. | 10 views

CVE-2017-16018

Restify is a framework for building REST APIs. Restify >=2.0.0 <=4.0.4 using URL encoded script tags in a non-existent URL, an attacker can get script to run in some browsers...

AI score 6.2 | EPSS 0.00223
Exploits: 1 | References: 2

Prion
added 2017/10/15 5:29 p.m. | 10 views

Cross site scripting

PRTG Network Monitor version 17.3.33.2830 is vulnerable to stored Cross-Site Scripting on all group names created, related to incorrect error handling for an HTML encoded script...

CVSS 3.5 | AI score 5.2 | EPSS 0.00188
Exploits: 1 | References: 1 | Affected Software: 1

CVE
added 2017/10/15 5:00 p.m. | 52 views

CVE-2017-15360

CVE-2017-15360 affects PRTG Network Monitor version 17.3.33.2830, where stored Cross-Site Scripting is possible in all created group names due to incorrect HTML-encoded script error handling. The connected documents confirm the vulnerability description but do not provide concrete remediation det...

CVSS 5.4 | AI score 5.5 | EPSS 0.00188
Exploits: 1 | References: 1 | Affected Software: 1

Kitploit
added 2017/09/27 9:12 p.m. | 302 views

PowerShdll - Run PowerShell with rundll32 (Bypass software restrictions)

Run PowerShell with dlls only. Does not require access to powershell.exe as it uses powershell automation dlls. dll mode: Usage: rundll32 PowerShdll,main rundll32 PowerShdll,main -f Run the script passed as argument rundll32 PowerShdll,main -w Start an interactive console in a new window rundll32...

AI score 7.4
Exploits: 0 | References: 1

Mozilla
added 2010/10/19 12:00 a.m. | 48 views

XSS in gopher parser when parsing hrefs — Mozilla

Google security researcher Robert Swiecki reported that functions used by the Gopher parser to convert text to HTML tags could be exploited to turn text into executable JavaScript. If an attacker could create a file or directory on a Gopher server with the encoded script as part of its name the...

CVSS 4.3 | AI score 0.5 | EPSS 0.00722
Exploits: 0 | References: 2 | Affected Software: 2