CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Multiple cross-site scripting XSS vulnerabilities in eXV2 CMS 2.0.4.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the setlang parameter to 1 archive.php, 2 article.php, 3 index.php, or 4 topics.php...

4.3CVSS5.8AI score0.01022EPSS

Exploits0References1

RedhatCVE•added 2025/05/21 7:16 p.m.•7 views

CVE-2007-1966

Session fixation vulnerability in eXV2 CMS 2.0.4.3 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID cookie...

9.1CVSS7AI score0.01073EPSS

Exploits0References1

NVD•added 2010/11/03 8:0 p.m.•13 views

CVE-2010-4155

Multiple cross-site scripting XSS vulnerabilities in eXV2 CMS 2.10 allow remote attackers to inject arbitrary web script or HTML via the 1 rssfeedURL parameter to manual/caferss/example.php and the sumb parameter to 2 modules/news/archive.php, 3 modules/news/topics.php, and 4...

4.3CVSS5.5AI score0.01089EPSS

Exploits2References4

Prion•added 2010/11/03 8:0 p.m.•19 views

Cross site scripting

4.3CVSS5.8AI score0.01089EPSS

Exploits2References4Affected Software1

Cvelist•added 2010/11/03 7:0 p.m.•23 views

CVE-2010-4155

5.5AI score0.01089EPSS

Exploits2References4

CVE•added 2010/11/03 7:0 p.m.•49 views

CVE-2010-4155

The CVE-2010-4155 entry documents multiple cross-site scripting (XSS) vulnerabilities in eXV2 CMS 2.10, allowing remote attackers to inject arbitrary HTML/JS when user input is not properly sanitized. Affected vectors include the rssfeedURL parameter to manual/caferss/example.php and the sumb par...

4.3CVSS5.6AI score0.01089EPSS

Exploits2References4Affected Software1

exploitpack•added 2010/10/15 12:0 a.m.•23 views

eXV2 CMS - Multiple Cross-Site Scripting Vulnerabilities

eXV2 CMS - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/44169/info eXV2 CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary...

0.1AI score

Exploits0

Exploit DB•added 2010/10/15 12:0 a.m.•21 views

eXV2 CMS - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/44169/info eXV2 CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

7.4AI score

Exploits0

NVD•added 2007/08/15 7:17 p.m.•18 views

CVE-2007-4365

Cross-site scripting XSS vulnerability in eXV2 CMS 2.0.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a setlang cookie to an unspecified component. NOTE: this may overlap CVE-2007-1965...

4.3CVSS5.5AI score0.01065EPSS

Exploits0References5

Prion•added 2007/08/15 7:17 p.m.•21 views

Cross site scripting

4.3CVSS5.9AI score0.01065EPSS

Exploits0References5Affected Software1

Cvelist•added 2007/08/15 7:0 p.m.•18 views

CVE-2007-4365

5.5AI score0.01065EPSS

Exploits0References5

CVE•added 2007/08/15 7:0 p.m.•47 views

CVE-2007-4365

CVE-2007-4365 is an XSS vulnerability affecting eXV2 CMS 2.0.5 and earlier. The flaw allows remote attackers to inject arbitrary script/HTML via a set_lang cookie to an unspecified component. Connected records also reference CVE-2007-1965 as a possible overlap. The available documents confirm the...

4.3CVSS5.7AI score0.01065EPSS

Exploits0References5Affected Software1