CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2026/05/17 12:0 a.m.•9 views

Joomla! extension EkRishta SQL注入漏洞

The Joomla! extension EkRishta is an open-source community extension designed to provide Joomla websites with functions for matchmaking and marriage-related services. Version 2.10 of the Joomla! extension EkRishta contains a SQL injection vulnerability. This vulnerability stems from persistent...

8.8CVSS5.8AI score0.00317EPSS

Exploits0References1

NVD•added 2026/05/16 4:16 p.m.•15 views

CVE-2021-47934

MyBB Timeline Plugin 1.0 contains cross-site scripting vulnerabilities that allow attackers to inject malicious scripts through thread titles, post content, and user profile fields like Location and Bio. Attackers can also exploit a cross-site request forgery vulnerability in the timeline.php...

6.9CVSS0.00232EPSS

NVD•added 2026/05/16 4:16 p.m.•11 views

CVE-2020-37240

Queue Management System 4.0.0 contains a stored cross-site scripting vulnerability that allows authenticated administrators to inject malicious scripts through user creation fields. Attackers can insert JavaScript payloads in the First Name, Last Name, and Email fields during user creation, which...

6.4CVSS0.00243EPSS

EUVD•added 2026/05/16 3:26 p.m.•6 views

EUVD-2021-34832

Sticky Notes Widget 3.0.6 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a payload containing 350000 repeated characters and paste it twice into a new note to trigger ...

EUVD•added 2026/05/16 3:26 p.m.•8 views

EUVD-2021-34828

My Notes Safe 5.3 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a payload containing 350000 repeated characters and paste it twice into a new note to trigger an...

Cvelist•added 2026/05/16 3:26 p.m.•33 views

CVE-2021-47972 Sticky Notes & Color Widgets 1.4.2 Denial of Service

Sticky Notes & Color Widgets 1.4.2 contains a denial of service vulnerability that allows attackers to crash the application by creating notes with excessively long character strings. Attackers can paste large payloads of repeated characters into note fields to trigger application crashes and mak...

8.7CVSS0.00284EPSS

Vulnrichment•added 2026/05/16 3:26 p.m.•8 views

CVE-2021-47969 Color Notes 1.4 Denial of Service via Long Character String

Color Notes 1.4 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a payload containing 350,000 repeated characters and paste it twice into a new note to cause the...

CVE•added 2026/05/16 3:26 p.m.•10 views

CVE-2021-47969

CVE-2021-47969 affects Color Notes 1.4. The vulnerability is a denial of service caused by pasting excessively long character strings into note fields, e.g., a payload of about 350,000 repeated characters pasted twice can make the application stop responding. The available data describe the impac...

EUVD•added 2026/05/16 3:26 p.m.•8 views

EUVD-2021-34826

CVE•added 2026/05/16 3:26 p.m.•12 views

CVE-2021-47934

MyBB Timeline Plugin 1.0 is affected by cross-site scripting (XSS) in thread titles, post content, and user profile fields (Location, Bio). A cross-site request forgery (CSRF) in the timeline.php profile action can be exploited to change a user’s cover picture via malicious forms that execute whe...

6.9CVSS5.7AI score0.00232EPSS

Cvelist•added 2026/05/16 3:26 p.m.•37 views

CVE-2021-47934 MyBB Timeline Plugin 1.0 Cross-Site Scripting and CSRF

6.9CVSS0.00232EPSS

Vulnrichment•added 2026/05/16 3:26 p.m.•9 views

CVE-2021-47934 MyBB Timeline Plugin 1.0 Cross-Site Scripting and CSRF

6.9CVSS5.7AI score0.00232EPSS

ATTACKERKB•added 2026/05/16 3:26 p.m.•6 views

CVE-2021-47934

6.9CVSS5.7AI score0.00232EPSS

Exploits0References3Affected Software1

EUVD•added 2026/05/16 3:25 p.m.•8 views

EUVD-2020-31243

6.4CVSS5.7AI score0.00243EPSS

ATTACKERKB•added 2026/05/16 3:25 p.m.•5 views

CVE-2020-37240

6.4CVSS5.7AI score0.00243EPSS

Exploits0References4Affected Software1

Vulnrichment•added 2026/05/16 3:25 p.m.•8 views

CVE-2020-37240 Queue Management System 4.0.0 Stored XSS via Add User

6.4CVSS5.7AI score0.00243EPSS

Cvelist•added 2026/05/16 3:25 p.m.•31 views

CVE-2020-37240 Queue Management System 4.0.0 Stored XSS via Add User

6.4CVSS0.00243EPSS

GithubExploit•added 2026/05/16 12:20 p.m.•110 views

Exploit for CVE-2026-4882

CVE-2026-4882 User Registration Advanced Fields = 1.6.20 - Un...

9.8CVSS6.5AI score0.00653EPSS

Exploits1

Positive Technologies•added 2026/05/16 12:0 a.m.•11 views

PT-2026-41459

Name of the Vulnerable Software and Affected Versions Sticky Notes Widget version 3.0.6 Description A denial of service issue allows attackers to crash the application on iOS devices. This occurs when excessively long character strings are pasted into note fields. Specifically, pasting a payload...