CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

54 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-15369

Malware in sbrugna...

6.1CVSS6.2AI score0.00686EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2023-30933

Malicious code in bioql PyPI...

4.8CVSS5.4AI score0.00354EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 4:52 a.m.•9 views

CVE-2023-46967

Cross Site Scripting vulnerability in the sanitize function in Enhancesoft osTicket 1.18.0 allows a remote attacker to escalate privileges via a crafted support ticket...

6.1CVSS6.7AI score0.00439EPSS

Exploits1

NVD•added 2024/02/20 9:15 p.m.•11 views

CVE-2023-46967

Cross Site Scripting vulnerability in the sanitize function in Enhancesoft osTicket 1.18.0 allows a remote attacker to escalate privileges via a crafted support ticket...

6.1CVSS6.4AI score0.00439EPSS

Exploits1References1

Vulnrichment•added 2024/02/20 12:0 a.m.•10 views

CVE-2023-46967

Cross Site Scripting vulnerability in the sanitize function in Enhancesoft osTicket 1.18.0 allows a remote attacker to escalate privileges via a crafted support ticket...

6.9AI score0.00439EPSS

Exploits1References1

CNNVD•added 2024/02/20 12:0 a.m.•2 views

Enhancesoft osTicket Cross-Site Scripting Vulnerability

Enhancesoft osTicket is an open-source ticketing system from Enhancesoft, USA. A cross-site scripting vulnerability exists in Enhancesoft osTicket version 1.18.0, which stems from a vulnerability that allows a remote attacker to elevate privileges via a carefully crafted support ticket...

6.1CVSS6.3AI score0.00439EPSS

Exploits1References2

CVE•added 2024/02/20 12:0 a.m.•4021 views

CVE-2023-46967

CVE-2023-46967 involves a Cross Site Scripting vulnerability in the sanitize function of Enhancesoft osTicket 1.18.0 . The underlying issue allows a remote attacker to escalate privileges via a crafted support ticket. Core details from the connected documents confirm the affected software and the...

6.1CVSS6.6AI score0.00439EPSS

Exploits1References1Affected Software1

NVD•added 2023/10/23 8:15 p.m.•15 views

CVE-2023-27149

A stored cross-site scripting XSS vulnerability in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Label input parameter when updating a custom list...

4.8CVSS5AI score0.00354EPSS

Exploits1References1

ATTACKERKB•added 2023/10/23 8:15 p.m.•2 views

CVE-2023-27148

A stored cross-site scripting XSS vulnerability in the Admin panel in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Role Name parameter...

4.8CVSS6AI score0.00354EPSS

Exploits1References2

NVD•added 2023/10/23 8:15 p.m.•13 views

CVE-2023-27148

4.8CVSS4.9AI score0.00354EPSS

Exploits1References1

OSV•added 2023/10/23 8:15 p.m.•23 views

CVE-2023-27148

4.8CVSS5.7AI score0.00354EPSS

Exploits1References1

OSV•added 2023/10/23 8:15 p.m.•20 views

CVE-2023-27149

4.8CVSS5.7AI score0.00354EPSS

Exploits1References1

CNNVD•added 2023/10/23 12:0 a.m.•2 views

Enhancesoft osTicket Cross-Site Scripting Vulnerability

Enhancesoft osTicket is an open source ticketing system from Enhancesoft, USA. A security vulnerability exists in Enhancesoft osTicket v1.17.2. An attacker can exploit this vulnerability to execute arbitrary web script or HTML via a specially crafted payload injected into the Label input paramete...

4.8CVSS6.7AI score0.00354EPSS

Exploits1References2

CVE•added 2023/10/23 12:0 a.m.•54 views

CVE-2023-27149

CVE-2023-27149 describes a stored XSS in Enhancesoft osTicket v1.17.2, exploitable via crafted payload in the Label input during a custom list update. Affected component: Label field handling in osTicket’s custom lists. Impact per sources: execution of arbitrary web scripts/HTML. Root cause: inpu...

4.8CVSS4.9AI score0.00354EPSS

Exploits1References1Affected Software1

Vulnrichment•added 2023/10/23 12:0 a.m.•11 views

CVE-2023-27149

5.5AI score0.00354EPSS

Exploits1References1

Vulnrichment•added 2023/10/23 12:0 a.m.•13 views

CVE-2023-27148

5.5AI score0.00354EPSS

Exploits1References1

Cvelist•added 2023/10/23 12:0 a.m.•19 views

CVE-2023-27149

5.1AI score0.00354EPSS

Exploits1References1

CVE•added 2023/10/23 12:0 a.m.•84 views

CVE-2023-27148

CVE-2023-27148 describes a stored cross-site scripting (XSS) vulnerability in Enhancesoft osTicket Admin panel (v1.17.2). The flaw allows an attacker to inject arbitrary web scripts or HTML via the Role Name parameter, enabling potential script execution in the context of authenticated users with...

4.8CVSS4.9AI score0.00354EPSS

Exploits1References1Affected Software1

Cvelist•added 2023/10/23 12:0 a.m.•17 views

CVE-2023-27148

5.1AI score0.00354EPSS

Exploits1References1

CNNVD•added 2023/09/08 12:0 a.m.•2 views

Enhancesoft osTicket SQL Injection Vulnerability

Enhancesoft osTicket is an open source ticketing system from Enhancesoft, Inc. A security vulnerability exists in Enhancesoft osTicket v1.15.6, which originates from an SQL injection vulnerability in the Search function of the tickets.php page, allowing an authenticated attacker to execute...

6.5CVSS8.4AI score0.02808EPSS

Exploits1References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by