CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

20 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2007-1328

Malware in sbrugna...

4.3CVSS6.4AI score0.0264EPSS

Exploits1References7

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-41566

Malicious code in bioql PyPI...

7.6CVSS6.4AI score0.00321EPSS

Exploits0References1

NVD•added 2022/10/31 9:15 p.m.•8 views

CVE-2022-39020

Multiple instances of XSS stored and reflected was found in the application. For example, features such as student assessment submission, file upload, news, ePortfolio and calendar event creation were found to be vulnerable to cross-site scripting...

7.6CVSS0.00321EPSS

Exploits0References1

OSV•added 2022/10/31 9:15 p.m.•0 views

CVE-2022-39020

6.1CVSS5.6AI score0.00321EPSS

Exploits0References1

Prion•added 2022/10/31 9:15 p.m.•10 views

Cross site scripting

5.8CVSS5.9AI score0.00321EPSS

Exploits0References1Affected Software1

CVE•added 2022/10/31 8:6 p.m.•50 views

CVE-2022-39020

CVE-2022-39020 corresponds to multiple XSS vulnerabilities in Schoolbox, affecting version 21.0.2. The issues are described as stored and reflected XSS in features such as student assessment submission, file upload, news, ePortfolio, and calendar event creation. The root cause is XSS, but the pro...

7.6CVSS6.2AI score0.00321EPSS

Exploits0References1Affected Software1

Cvelist•added 2022/10/31 8:6 p.m.•16 views

CVE-2022-39020 Cross-site scripting in Schoolbox version 21.0.2, by Schoolbox Pty Ltd

7.6CVSS7.4AI score0.00321EPSS

Exploits0References1

Vulnrichment•added 2022/10/31 8:6 p.m.•5 views

CVE-2022-39020 Cross-site scripting in Schoolbox version 21.0.2, by Schoolbox Pty Ltd

7.6CVSS6.1AI score0.00321EPSS

Exploits0References1

Positive Technologies•added 2022/10/31 12:0 a.m.•1 views

PT-2022-24676 · Schoolbox Pty +1 · Schoolbox

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: The application is affected by multiple instances of cross-site scripting XSS, including both stored and reflected XSS. Vulnerable features include student assessment submission, file...

7.6CVSS6.1AI score0.00321EPSS

Exploits0References2

CNNVD•added 2022/10/31 12:0 a.m.•1 views

Schoolbox 跨站脚本漏洞

Schoolbox is an online learning platform from Schoolbox Australia. A security vulnerability exists in Schoolbox version 21.0.2, which stems from its student assessment submission, file upload, news, ePortfolio, and calendar event creation features that allow an attacker to implement multiple...

7.6CVSS6AI score0.00321EPSS

Exploits0References2

CNNVD•added 2022/06/20 12:0 a.m.•1 views

Mahara 安全漏洞

Mahara is a free open source web-based ePortfolio management system from Mahara. A security vulnerability exists in Mahara versions 21.04 through 21.04.6, 21.10 through 21.10.4, and 22.04.2, which stems from the fact that it is sometimes possible to download files via thumb.php without checking...

7.5CVSS7.3AI score0.0024EPSS

Exploits1References2

seebug.org•added 2014/07/01 12:0 a.m.•26 views

EPortfolio 1.0 Client Side Input Validation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/22829/info ePortfolio is prone to a client-side input-validation vulnerability because the application fails to sufficiently sanitize user-supplied data. An attacker can exploit this issue to perform various attacks that...

7.1AI score

Exploits0

Packet Storm•added 2010/06/23 12:0 a.m.•50 views

Joomla Eportfolio Shell Upload

============================================= Joomla comeportfolio Upload Vulnerability ============================================= 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit...

7.4AI score

Exploits0

NVD•added 2007/03/07 9:19 p.m.•10 views

CVE-2007-1331

Multiple cross-site scripting XSS vulnerabilities in TKS Banking Solutions ePortfolio 1.0 Java allow remote attackers to inject arbitrary web script or HTML via unspecified vectors that bypass the client-side protection scheme, one of which may be the q parameter to the search program. NOTE: some...

4.3CVSS5.9AI score0.0264EPSS

Exploits1References6

CVE•added 2007/03/07 9:0 p.m.•38 views

CVE-2007-1331

CVE-2007-1331 affects TKS Banking Solutions ePortfolio 1.0 Java with multiple cross-site scripting (XSS) vulnerabilities. The description references arbitrary web script/HTML injection via unspecified vectors, one potential vector being the q parameter to the search program, allowing remote attac...

4.3CVSS5.9AI score0.0264EPSS

Exploits1References6Affected Software1

CVE•added 2007/03/07 9:0 p.m.•43 views

CVE-2007-1332

CVE-2007-1332 describes multiple cross-site request forgery (CSRF) vulnerabilities in TKS Banking Solutions ePortfolio 1.0 Java . Attackers can perform unspecified restricted actions in the context of affected accounts by bypassing the client-side protection scheme. The entry notes a high impact ...

9.3CVSS7AI score0.00958EPSS

Exploits0References6Affected Software1

Cvelist•added 2007/03/07 9:0 p.m.•16 views

CVE-2007-1332

Multiple cross-site request forgery CSRF vulnerabilities in TKS Banking Solutions ePortfolio 1.0 Java allow remote attackers to perform unspecified restricted actions in the context of certain accounts by bypassing the client-side protection scheme...

7AI score0.00958EPSS

Exploits0References6

securityvulns•added 2007/03/05 12:0 a.m.•40 views

ePortfolio version 1.0 Java Multiple Input Validation Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ePortfolio version 1.0 Java Multiple Input Validation Vulnerabilities scip AG Vulnerability ID 2893 12/22/2006 http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2893 I. INTRODUCTION ePortfolio is a e-banking application by TKS Banking Solutions. More...

7.5AI score

Exploits0

Exploit DB•added 2007/03/05 12:0 a.m.•31 views

EPortfolio 1.0 - Client-Side Input Validation

source: https://www.securityfocus.com/bid/22829/info ePortfolio is prone to a client-side input-validation vulnerability because the application fails to sufficiently sanitize user-supplied data. An attacker can exploit this issue to perform various attacks that are caused by input-validation...

7AI score

Exploits0

exploitpack•added 2007/03/05 12:0 a.m.•12 views

EPortfolio 1.0 - Client-Side Input Validation

EPortfolio 1.0 - Client-Side Input Validation source: https://www.securityfocus.com/bid/22829/info ePortfolio is prone to a client-side input-validation vulnerability because the application fails to sufficiently sanitize user-supplied data. An attacker can exploit this issue to perform various...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by