10 matches found
CVE-2020-10247
MISP 2.4.122 has Persistent XSS in the sighting popover tool. This is related to app/View/Elements/Events/View/sightingfield.ctp...
PT-2024-18284 · WordPress · Nextscripts: Social Networks Auto-Poster
Name of the Vulnerable Software and Affected Versions: NextScripts: Social Networks Auto-Poster plugin for WordPress versions up to, and including, 4.4.3 Description: The issue allows unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an...
CVE-2023-6423
A vulnerability has been discovered in BigProf Online Clinic Management System 2.2, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /clinic/eventsview.php, in the FirstRecord parameter. Exploitation of this vulnerability could allow an attacking user ...
Online Clinic Management System 2.2 - Multiple Stored Cross-Site Scripting (XSS)
Exploit Title: Online Clinic Management System 2.2 - Multiple Stored Cross-Site Scripting XSS Date: 27-06-2019 Exploit Author: Rafael Pedrero Vendor Homepage: https://bigprof.com Software Download Link : https://bigprof.com/appgini/applications/online-clinic-management-system Version : 2.2...
Osprey Pump Controller Operating System Command Injection Vulnerability
Osprey Pump Controller is a pump controller from Osprey. A security vulnerability exists in Osprey Pump Controller version 1.01, which stems from the presence of an operating system command injection vulnerability. An attacker can exploit this vulnerability to inject and execute arbitrary shell...
CVE-2020-10247
MISP 2.4.122 has Persistent XSS in the sighting popover tool. This is related to app/View/Elements/Events/View/sightingfield.ctp...
Design/Logic Flaw
MISP 2.4.122 has Persistent XSS in the sighting popover tool. This is related to app/View/Elements/Events/View/sightingfield.ctp...
DEBIAN-CVE-2019-7337
Reflected Cross Site Scripting XSS exists in ZoneMinder through 1.32.3 as the view 'events' events.php insecurely displays the limit parameter value, without applying any proper output filtration. This issue exists because of the function sortHeader in functions.php, which insecurely returns the...
SQL Injection
SQL Injection exists in the JTicketing 2.0.16 component for Joomla! via a view=events action with a filtercreator or filtereventscat parameter...
Joomla! JTicketing 2.0.16 SQL Injection
Exploit Title: Joomla! Component JTicketing 2.0.16 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: https://techjoomla.com/ Software Link: https://extensions.joomla.org/extensions/extension/calendars-a-events/events/jticketing/ Version: 2.0.16 Category: Webapps Tested on:...