CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16 matches found

RedhatCVE•added 2026/04/27 7:23 p.m.•1 views

CVE-2026-7015

A vulnerability has been found in MaxSite CMS up to 109.3. This issue affects some unknown processing of the component Guestbook Plugin. Such manipulation of the argument ftext/fslug/flimit/femail leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed t...

4.8CVSS3AI score0.00039EPSS

Exploits0References1

NVD•added 2026/04/26 3:16 a.m.•2 views

CVE-2026-7015

4.8CVSS0.00039EPSS

Exploits0References7

EUVD•added 2026/04/26 2:45 a.m.•1 views

EUVD-2026-25691

4.8CVSS3AI score0.00039EPSS

Exploits0References7

ATTACKERKB•added 2026/04/26 2:45 a.m.•1 views

CVE-2026-7015

4.8CVSS3.8AI score0.00039EPSS

Exploits0References7Affected Software1

Vulnrichment•added 2026/04/26 2:45 a.m.•3 views

CVE-2026-7015 MaxSite CMS Guestbook Plugin cross site scripting

4.8CVSS3.2AI score0.00039EPSS

Exploits0References7

Cvelist•added 2026/04/26 2:45 a.m.•25 views

CVE-2026-7015 MaxSite CMS Guestbook Plugin cross site scripting

4.8CVSS0.00039EPSS

Exploits0References7

CVE•added 2026/04/26 2:45 a.m.•6 views

CVE-2026-7015

MaxSite CMS (up to 109.3) is affected via the Guestbook Plugin due to improper handling of f_text, f_slug, f_limit, and f_email, enabling cross-site scripting. The issue can be exploited remotely and the public exploit has been disclosed. A fixed patch is available in version 109.4, with patch id...

4.8CVSS3.2AI score0.00039EPSS

Exploits0References7

CNNVD•added 2026/04/26 12:0 a.m.•4 views

MaxSite CMS 跨站脚本漏洞

MaxSite CMS is an open-source website content management system developed by MaxSite in Russia. Versions of MaxSite CMS starting from 109.3 and earlier had a cross-site scripting vulnerability. This vulnerability stemmed from operations with the ftext/fslug/flimit/femail parameters in the Guestbo...

4.8CVSS5.6AI score0.00039EPSS

Exploits0References2

Positive Technologies•added 2026/04/26 12:0 a.m.•3 views

PT-2026-35196

A vulnerability has been found in MaxSite CMS up to 109.3. This issue affects some unknown processing of the component Guestbook Plugin. Such manipulation of the argument f text/f slug/f limit/f email leads to cross site scripting. The attack may be launched remotely. The exploit has been disclos...

4.8CVSS3.8AI score0.00039EPSS

Exploits0References8

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2017-11096

Malware in sbrugna...

6.1CVSS6.3AI score0.00206EPSS

Exploits1References3

RedhatCVE•added 2025/05/22 1:32 a.m.•7 views

CVE-2017-20089

A vulnerability was found in Gwolle Guestbook Plugin 1.7.4. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to basic cross site scripting. The attack may be initiated remotely...

6.1CVSS6.2AI score0.00206EPSS

Exploits1References1

OSV•added 2022/09/30 5:15 p.m.•1 views

CVE-2021-36830

Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in Comment Guestbook plugin = 0.8.0 at WordPress...

4.8CVSS5.8AI score

Exploits0References2

NVD•added 2022/06/23 5:15 a.m.•8 views

CVE-2017-20089

6.1CVSS0.00206EPSS

Exploits1References2

Prion•added 2022/06/23 5:15 a.m.•10 views

Cross site scripting

4.3CVSS6AI score0.00206EPSS

Exploits1References2Affected Software1

CVE•added 2022/06/23 4:20 a.m.•41 views

CVE-2017-20089

CVE-2017-20089 affects the WordPress plugin Gwolle Guestbook (version 1.7.4). The vulnerability is a cross-site scripting (XSS) flaw arising from insufficient filtering/escaping of user data in the plugin’s processing, enabling remote exploitation. The issue is described as a basic XSS with impac...

6.1CVSS4.8AI score0.00206EPSS

Exploits1References2Affected Software1

Cvelist•added 2022/06/23 4:20 a.m.•11 views

CVE-2017-20089 Gwolle Guestbook Plugin cross site scriting

3.5CVSS6AI score0.00206EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by