CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

EUVD•added 2026/05/11 12:32 p.m.•7 views

EUVD-2026-29047

Path traversal vulnerability exists in GROWI v7.5.0 and earlier, which may allow an attacker to execute arbitrary EJS templates on the server when an email server is running in GROWI...

8.6CVSS7.3AI score0.00495EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-26842

Malware in sbrugna...

7.5CVSS6.3AI score0.02982EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2022-44967

Malicious code in bioql PyPI...

6.5CVSS5.2AI score0.00782EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2021-8086

Malicious code in bioql PyPI...

4CVSS4.1AI score0.00821EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2021-8090

Malicious code in bioql PyPI...

6.1CVSS5.7AI score0.00947EPSS

Exploits0References2

RedhatCVE•added 2025/05/22 6:17 p.m.•3 views

CVE-2021-20829

Cross-site scripting vulnerability due to the inadequate tag sanitization in GROWI versions v4.2.19 and earlier allows remote attackers to execute an arbitrary script on the web browser of the user who accesses a specially crafted page...

6.1CVSS7AI score0.0073EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 5:3 p.m.•7 views

CVE-2020-5683

Directory traversal vulnerability in GROWI versions prior to v4.2.3 v4.2 Series, GROWI versions prior to v4.1.12 v4.1 Series, and GROWI v3 series and earlier GROWI versions prior to v4.2.3 v4.2 Series, GROWI versions prior to v4.1.12 v4.1 Series, and GROWI v3 series and earlier allows remote...

7.5CVSS6.8AI score0.02982EPSS

Exploits0References1

NVD•added 2023/12/26 8:15 a.m.•9 views

CVE-2023-46699

Cross-site request forgery CSRF vulnerability exists in the User settings /me page of GROWI versions prior to v6.0.0. If a user views a malicious page while logging in, settings may be changed without the user's intention...

4.3CVSS0.00178EPSS

Exploits0References2

NVD•added 2023/12/26 8:15 a.m.•17 views

CVE-2023-49598

Stored cross-site scripting vulnerability exists in the event handlers of the pre tags in GROWI versions prior to v6.0.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product...

5.4CVSS0.00303EPSS

Exploits0References2

Japan Vulnerability Notes•added 2021/03/10 12:0 a.m.•61 views

JVN#86438134: Multiple cross-site scripting vulnerabilities in GROWI

GROWI provided by WESEEK, Inc. contains multiple cross-site scripting vulnerabilities listed below. Reflected cross-site scripting vulnerability due to insufficient verification of URL query parameters CWE-79 - CVE-2021-20672 Version| Vector| Score ---|---|--- CVSS v3|...

6.1CVSS5.8AI score0.00947EPSS

Exploits0

CNVD•added 2018/12/28 12:0 a.m.•2 views

WESEEK GROWI Cross-Site Scripting Vulnerability (CNVD-2019-04901)

WESEEK GROWI is a suite of team collaboration software from WESEEK Japan. A cross-site scripting vulnerability exists in WESEEK GROWI 3.2.3 and earlier versions. A remote attacker can exploit this vulnerability to execute arbitrary script in a user's web browser...

5.4CVSS6.7AI score0.00634EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by