CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

CNVD•added 2025/12/29 12:0 a.m.•4 views

CMSimple cross-site scripting vulnerability (CNVD-2026-0082457)

CMSimple is a free content management system. CMSimple suffers from a cross-site scripting vulnerability that stems from the Filebrowser external input field not properly filtering or encoding user-supplied content for output. An attacker can exploit the vulnerability by constructing malicious...

6.1CVSS6.3AI score0.0001EPSS

Exploits1References1

NVD•added 2025/12/23 8:15 p.m.•2 views

CVE-2021-47732

CMSimple 5.2 contains a stored cross-site scripting vulnerability in the Filebrowser External input field that allows attackers to inject malicious JavaScript. Attackers can place unfiltered JavaScript code that executes when users click on Page or Files tabs, enabling persistent script injection...

6.1CVSS0.0001EPSS

Exploits1References3

CVE•added 2025/12/23 7:34 p.m.•4 views

CVE-2021-47732

CMSimple 5.2 is affected by a stored cross-site scripting (XSS) vulnerability in the Filebrowser external input field. The issue allows an attacker to inject unfiltered JavaScript that executes when a user clicks the Page or Files tabs, enabling persistent script injection. Affected product/versi...

6.1CVSS5.8AI score0.0001EPSS

Exploits1References3Affected Software1

Vulnrichment•added 2025/12/23 7:34 p.m.•2 views

CVE-2021-47732 CMSimple 5.2 Stored Cross-Site Scripting via Filebrowser External Input

6.1CVSS5.8AI score0.0001EPSS

Exploits1References3

CNNVD•added 2024/04/01 12:0 a.m.•1 views

dotCMS 安全漏洞

DotCMS is an open source content management system written in Java by DotCMS, Inc. for managing content and content-driven sites and applications. A security vulnerability exists in dotCMS that stems from the fact that any user with portlet privileges can access the Tools and Log Files tabs under...

4.5CVSS6.7AI score0.00224EPSS

Exploits0References4

SUSE CVE•added 2023/02/15 5:50 a.m.•2 views

SUSE CVE-2011-4193

Cross-site scripting XSS vulnerability in the overlay files tab in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted application, related to cloning...

4.3CVSS5.9AI score0.00263EPSS

Exploits0References3

OSV•added 2018/03/13 3:29 p.m.•13 views

CVE-2018-1000087

WolfCMS version version 0.8.3.1 contains a Reflected Cross Site Scripting vulnerability in "Create New File" and "Create New Directory" input box from 'files' Tab that can result in Session Hijacking, Spread Worms,Control the browser remotely. . This attack appear to be exploitable via Attacker c...

4.8CVSS5.4AI score

Exploits0References2

Prion•added 2018/03/13 3:29 p.m.•15 views

Cross site scripting

3.5CVSS5AI score0.00219EPSS

Exploits1References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by