Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

591 matches found

RedhatCVE
RedhatCVEadded 2026/05/11 8:26 p.m.7 views

CVE-2021-47931

Exponent CMS 2.6 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the Title and Text Block parameters in the text editing endpoint. Attackers can inject iframe payloads with embedded SVG onload events to execute arbitrary...

6.4CVSS5.9AI score0.00213EPSS
Exploits0References1
NVD
NVDadded 2026/05/10 1:16 p.m.16 views

CVE-2021-47931

Exponent CMS 2.6 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the Title and Text Block parameters in the text editing endpoint. Attackers can inject iframe payloads with embedded SVG onload events to execute arbitrary...

6.4CVSS0.00213EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2026/05/10 12:43 p.m.11 views

CVE-2021-47931 Exponent CMS 2.6 Multiple Vulnerabilities Stored XSS Authentication

Exponent CMS 2.6 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the Title and Text Block parameters in the text editing endpoint. Attackers can inject iframe payloads with embedded SVG onload events to execute arbitrary...

6.4CVSS5.9AI score0.00213EPSS
Exploits0References3
Cvelist
Cvelistadded 2026/05/10 12:43 p.m.31 views

CVE-2021-47931 Exponent CMS 2.6 Multiple Vulnerabilities Stored XSS Authentication

Exponent CMS 2.6 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the Title and Text Block parameters in the text editing endpoint. Attackers can inject iframe payloads with embedded SVG onload events to execute arbitrary...

6.4CVSS0.00213EPSS
Exploits0References3
CVE
CVEadded 2026/05/10 12:43 p.m.14 views

CVE-2021-47931

Exponent CMS 2.6 is affected by a stored cross-site scripting (XSS) vulnerability in the text editing endpoint, exploitable via Title and Text Block parameters. Attackers with authentication can inject scripts (e.g., iframe payloads with embedded SVG onload events) to run arbitrary JavaScript. Th...

6.4CVSS5.9AI score0.00213EPSS
Exploits0References3
CNNVD
CNNVDadded 2026/05/10 12:0 a.m.8 views

Exponent CMS 跨站脚本漏洞

Exponent CMS is a website content management system provided by the Exponent company, offering capabilities for page management and modular content editing. Version 2.6 of Exponent CMS contains a cross-site scripting vulnerability. This vulnerability stems from storage-based cross-site scripting...

6.4CVSS5.8AI score0.00213EPSS
Exploits0References4
GithubExploit
GithubExploitadded 2026/01/21 10:17 p.m.151 views

Exploit for Cross-site Scripting in Exponentcms Exponent_Cms

Synthetic Test Case: CVE-2017-8085 CWE: CWE-79 Origin...

6.1CVSS5.6AI score0.01147EPSS
Exploits1
RedhatCVE
RedhatCVEadded 2026/01/09 11:9 a.m.18 views

CVE-2016-9021

Exponent CMS before 2.6.0 has improper input validation in storeController.php...

9.8CVSS6.9AI score0.01275EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/09 11:9 a.m.7 views

CVE-2016-9025

Exponent CMS before 2.6.0 has improper input validation in purchaseOrderController.php...

9.8CVSS6.9AI score0.01249EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/09 11:8 a.m.10 views

CVE-2016-9022

Exponent CMS before 2.6.0 has improper input validation in usersController.php...

9.8CVSS6.9AI score0.01275EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/09 11:8 a.m.12 views

CVE-2016-9026

Exponent CMS before 2.6.0 has improper input validation in fileController.php...

9.8CVSS6.9AI score0.01275EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/09 10:54 a.m.9 views

CVE-2022-23047

Exponent CMS 2.6.0patch2 allows an authenticated admin user to inject persistent JavaScript code inside the "Site/Organization Name","Site Title" and "Site Header" parameters while updating the site settings on "/exponentcms/administration/configuresite"...

4.8CVSS6.7AI score0.02891EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/09 10:34 a.m.6 views

CVE-2017-18213

In Exponent CMS before 2.4.1 Patch 6, certain admin users can elevate their privileges...

7.2CVSS6.9AI score0.01402EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2013-3232

Malware in sbrugna...

7.5CVSS6.1AI score0.01833EPSS
Exploits5References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2005-3759

Malware in sbrugna...

10CVSS6.4AI score0.01375EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.6 views

EUVD-2005-3762

Malware in sbrugna...

5CVSS6.4AI score0.01351EPSS
Exploits0References6
EUVD
EUVDadded 2025/10/07 12:30 a.m.5 views

EUVD-2017-9346

Malware in sbrugna...

7.2CVSS7AI score0.01402EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.7 views

EUVD-2016-9722

Malware in sbrugna...

9.8CVSS9.5AI score0.01789EPSS
Exploits1References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2016-10096

Malware in sbrugna...

5.3CVSS5.9AI score0.01476EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2016-9842

Malware in sbrugna...

9.8CVSS9.5AI score0.0308EPSS
Exploits1References5
Rows per page
Query Builder