CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

40 matches found

Snyk•added 2025/10/16 7:51 a.m.•2 views

Malicious Package

Overview logger-extjs is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2007-6714

Malware in sbrugna...

7.5CVSS7.6AI score0.0029EPSS

Exploits1References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2019-4065

Malware in sbrugna...

5.3CVSS5.6AI score0.0033EPSS

Exploits1References5

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-2080

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.00018EPSS

Exploits0References6

OSSF Malicious Packages•added 2025/08/28 7:32 a.m.•2 views

Malicious code in logger-extjs (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score

Exploits0References2

OSV•added 2025/08/28 7:32 a.m.•1 views

MAL-2025-41582 Malicious code in logger-extjs (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score

Exploits0References2

RedhatCVE•added 2025/05/21 9:54 p.m.•4 views

CVE-2007-6758

Server-side request forgery SSRF vulnerability in feed-proxy.php in extjs 5.0.0...

7.5CVSS7AI score0.0029EPSS

Exploits1References1

Github Security Blog•added 2024/05/30 8:0 p.m.•13 views

ExtJS JavaScript framework used in TYPO3 vulnerable to Cross-site Scripting

Failing to properly validate the HTTP host-header TYPO3 CMS is susceptible to host spoofing. TYPO3 uses the HTTP host-header to generate absolute URLs in several places like 404 handling, https enforcement, password reset links and many more. Since the host header itself is provided by the client...

7.2AI score

Exploits0References8Affected Software1

OSV•added 2024/05/30 8:0 p.m.•8 views

GHSA-MXJF-HC9V-XGV2 ExtJS JavaScript framework used in TYPO3 vulnerable to Cross-site Scripting

6.1CVSS7.2AI score

Exploits0References8

NVD•added 2023/07/11 7:15 p.m.•12 views

CVE-2023-37280

Pimcore Admin Classic Bundle provides a Backend UI for Pimcore based on the ExtJS framework. An admin who has not setup two factor authentication before is vulnerable for this attack, without need for any form of privilege, causing the application to execute arbitrary scripts/HTML content. This...

6.1CVSS5.9AI score0.00018EPSS

Exploits0References3

Prion•added 2023/07/11 7:15 p.m.•12 views

Hardcoded credentials

5.8CVSS6.6AI score0.00018EPSS

Exploits0References3Affected Software1

OSV•added 2023/07/11 6:19 p.m.•19 views

CVE-2023-37280 Pimcore admin UI vulnerable to Cross-site Scripting in two factor authentication setup page

5CVSS6.7AI score0.00018EPSS

Exploits0References5

Cvelist•added 2023/07/11 6:19 p.m.•10 views

CVE-2023-37280 Pimcore admin UI vulnerable to Cross-site Scripting in two factor authentication setup page

5CVSS6.8AI score0.00018EPSS

Exploits0References3

CVE•added 2023/07/11 6:19 p.m.•54 views

CVE-2023-37280

Pimcore Admin Classic Bundle (ExtJS-based Backend UI) contains a cross-site scripting vulnerability (CVE-2023-37280) that can be exploited by any admin who has not set up two-factor authentication, without extra privileges. The issue allows execution of arbitrary scripts/HTML content via the admi...

6.1CVSS6.1AI score0.00018EPSS

Exploits0References3Affected Software1

F5 Networks•added 2023/02/21 6:31 p.m.•55 views

K03861222: ExtJS vulnerability CVE-2007-2285

Security Advisory Description Directory traversal vulnerability in examples/layout/feed-proxy.php in Jack Slocum Ext 1.0 alpha1 Ext JS allows remote attackers to read arbitrary files via a .. dot dot in the feed parameter. NOTE: analysis by third party researchers indicates that this issue might ...

7.8CVSS6.9AI score0.11266EPSS

Exploits0

vulnersOsv•added 2020/04/01 4:35 p.m.•1 views

cubx-http-server (=0.4.2), karma-extjs-jasmine-tester (>=1.0.0 <=1.1.3) +5 more potentially affected by CVE-2019-10775 via ecstatic (>=3.1.1 <=3.3.0)

ecstatic NPM version =3.1.1, =1.0.0, =0.1.0, =0.0.1, =0.1.0, =0.1.0, =0.1.0, =0.2.1 Source cves: CVE-2019-10775 Source advisory: OSV:GHSA-9Q64-MPXX-87FG...

7.5CVSS7.1AI score0.00436EPSS

Exploits0

NVD•added 2020/01/23 4:15 p.m.•7 views

CVE-2007-6758

Server-side request forgery SSRF vulnerability in feed-proxy.php in extjs 5.0.0...

7.5CVSS7.6AI score0.0029EPSS

Exploits1References2