Lucene search
K

591 matches found

RedhatCVE
RedhatCVE
added 2026/05/11 8:26 p.m.10 views

CVE-2021-47931

Exponent CMS 2.6 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the Title and Text Block parameters in the text editing endpoint. Attackers can inject iframe payloads with embedded SVG onload events to execute arbitrary...

6.4CVSS5.9AI score0.00213EPSS
Exploits0References1
NVD
NVD
added 2026/05/10 1:16 p.m.29 views

CVE-2021-47931

Exponent CMS 2.6 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the Title and Text Block parameters in the text editing endpoint. Attackers can inject iframe payloads with embedded SVG onload events to execute arbitrary...

6.4CVSS0.00213EPSS
Exploits0References3
CVE
CVE
added 2026/05/10 12:43 p.m.17 views

CVE-2021-47931

Exponent CMS 2.6 is affected by a stored cross-site scripting (XSS) vulnerability in the text editing endpoint, exploitable via Title and Text Block parameters. Attackers with authentication can inject scripts (e.g., iframe payloads with embedded SVG onload events) to run arbitrary JavaScript. Th...

6.4CVSS5.9AI score0.00213EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/10 12:43 p.m.16 views

CVE-2021-47931 Exponent CMS 2.6 Multiple Vulnerabilities Stored XSS Authentication

Exponent CMS 2.6 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the Title and Text Block parameters in the text editing endpoint. Attackers can inject iframe payloads with embedded SVG onload events to execute arbitrary...

6.4CVSS5.9AI score0.00213EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/10 12:43 p.m.35 views

CVE-2021-47931 Exponent CMS 2.6 Multiple Vulnerabilities Stored XSS Authentication

Exponent CMS 2.6 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the Title and Text Block parameters in the text editing endpoint. Attackers can inject iframe payloads with embedded SVG onload events to execute arbitrary...

6.4CVSS0.00213EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/10 12:0 a.m.12 views

Exponent CMS 跨站脚本漏洞

Exponent CMS is a website content management system provided by the Exponent company, offering capabilities for page management and modular content editing. Version 2.6 of Exponent CMS contains a cross-site scripting vulnerability. This vulnerability stems from storage-based cross-site scripting...

6.4CVSS5.8AI score0.00213EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2026/01/21 10:17 p.m.189 views

Exploit for Cross-site Scripting in Exponentcms Exponent_Cms

Synthetic Test Case: CVE-2017-8085 CWE: CWE-79 Origin...

6.1CVSS5.6AI score0.01147EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/01/09 11:9 a.m.19 views

CVE-2016-9021

Exponent CMS before 2.6.0 has improper input validation in storeController.php...

9.8CVSS6.9AI score0.01275EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:9 a.m.8 views

CVE-2016-9025

Exponent CMS before 2.6.0 has improper input validation in purchaseOrderController.php...

9.8CVSS6.9AI score0.01249EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:8 a.m.12 views

CVE-2016-9022

Exponent CMS before 2.6.0 has improper input validation in usersController.php...

9.8CVSS6.9AI score0.01275EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:8 a.m.13 views

CVE-2016-9026

Exponent CMS before 2.6.0 has improper input validation in fileController.php...

9.8CVSS6.9AI score0.01275EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:54 a.m.9 views

CVE-2022-23047

Exponent CMS 2.6.0patch2 allows an authenticated admin user to inject persistent JavaScript code inside the "Site/Organization Name","Site Title" and "Site Header" parameters while updating the site settings on "/exponentcms/administration/configuresite"...

4.8CVSS6.7AI score0.02936EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:34 a.m.6 views

CVE-2017-18213

In Exponent CMS before 2.4.1 Patch 6, certain admin users can elevate their privileges...

7.2CVSS6.9AI score0.0138EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2016-10054

Malware in sbrugna...

8.8CVSS8.8AI score0.01373EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2005-3761

Malware in sbrugna...

5CVSS6.4AI score0.0115EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2006-1608

Malware in sbrugna...

7.5CVSS6.4AI score0.01464EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2005-3759

Malware in sbrugna...

10CVSS6.4AI score0.01375EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2007-2247

Malware in sbrugna...

5CVSS6.4AI score0.02756EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2013-3232

Malware in sbrugna...

7.5CVSS6.1AI score0.01833EPSS
Exploits5References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-6513

Malware in sbrugna...

4.3CVSS6.4AI score0.01423EPSS
Exploits0References3
Rows per page
Query Builder