CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

47 matches found

Haraj 3.7 - Cross-Site Scripting

Haraj 3.7 contains a cross-site scripting vulnerability in the User Upgrade Form. An attacker can inject malicious script and thus steal authentication credentials and launch other attacks. id: CVE-2022-31299 info: name: Haraj 3.7 - Cross-Site Scripting author: edoardottt severity: medium...

6.1CVSS6.2AI score0.33993EPSS

Exploits2References5

RedhatCVE•added 2026/01/09 10:48 a.m.•8 views

CVE-2022-31300

A cross-site scripting vulnerability in the DM Section component of Haraj v3.7 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request...

5.4CVSS6.4AI score0.07516EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:48 a.m.•6 views

CVE-2022-31298

A cross-site scripting vulnerability in the ads comment section of Haraj v3.7 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request...

5.4CVSS6.4AI score0.07516EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:47 a.m.•9 views

CVE-2022-31301

Haraj v3.7 was discovered to contain a stored cross-site scripting XSS vulnerability in the Post Ads component...

5.4CVSS5.9AI score0.00779EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:47 a.m.•4 views

CVE-2022-31299

Haraj v3.7 was discovered to contain a reflected cross-site scripting XSS vulnerability in the User Upgrade Form...

6.1CVSS6.1AI score0.33993EPSS

Exploits2References1

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-52855

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.07516EPSS

Exploits1References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-52856

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00779EPSS

Exploits1References3

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-52853

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.07516EPSS

Exploits1References3

Packet Storm•added 2023/08/28 12:0 a.m.•284 views

haraj 1.1 Add Administrator

==================================================================================================================================== | Title : haraj V1.1 Add ADmin Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 63.0.3 32-bit | | Vendor :...

7.1AI score

Exploits0

Openbugbounty•added 2022/12/12 8:47 p.m.•12 views

haraj-alkharj.com.sa Cross Site Scripting vulnerability OBB-3097590

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score

Exploits0

CNVD•added 2022/06/20 12:0 a.m.•25 views

Haraj Cross-Site Scripting Vulnerability

A security vulnerability exists in Haraj v3.7, a buying and selling platform from Haraj Saudi Arabia, due to a cross-site scripting issue in the comments section of advertisements. An attacker could exploit the vulnerability to execute arbitrary Web script or HTML via a crafted POST request...

5.4CVSS1.7AI score0.07516EPSS

Exploits1References1

CNVD•added 2022/06/20 12:0 a.m.•23 views

Haraj has cross-site scripting vulnerability

A cross-site scripting vulnerability exists in Haraj v3.7, a buying and selling platform from Haraj Saudi Arabia. The vulnerability stems from a lack of data validation filtering of user-supplied data and output in some DM components. An attacker could exploit this vulnerability to execute...

5.4CVSS1.9AI score0.07516EPSS

Exploits1References1

CNVD•added 2022/06/20 12:0 a.m.•21 views

Haraj Cross-Site Scripting Vulnerability (CNVD-2022-66491)

A cross-site scripting vulnerability exists in Haraj v3.7, a buying and selling platform from Haraj Saudi Arabia. The vulnerability stems from a stored cross-site scripting XSS vulnerability contained in the Post Ads component. An attacker could exploit this vulnerability to conduct cross-site...

3.5CVSS0.9AI score0.00779EPSS

Exploits1Affected Software1

ATTACKERKB•added 2022/06/16 10:15 p.m.•1 views

CVE-2022-31299

Haraj v3.7 was discovered to contain a reflected cross-site scripting XSS vulnerability in the User Upgrade Form...

6.1CVSS6.2AI score0.33993EPSS

Exploits2References5

OSV•added 2022/06/16 10:15 p.m.•1 views

CVE-2022-31299

Haraj v3.7 was discovered to contain a reflected cross-site scripting XSS vulnerability in the User Upgrade Form...

6.1CVSS6.3AI score0.33993EPSS

Exploits2References3

NVD•added 2022/06/16 10:15 p.m.•10 views

CVE-2022-31299

Haraj v3.7 was discovered to contain a reflected cross-site scripting XSS vulnerability in the User Upgrade Form...

6.1CVSS0.33993EPSS

Exploits2References3

Prion•added 2022/06/16 10:15 p.m.•9 views

Cross site scripting

Haraj v3.7 was discovered to contain a reflected cross-site scripting XSS vulnerability in the User Upgrade Form...

4.3CVSS6AI score0.33993EPSS

Exploits2References3Affected Software1

Cvelist•added 2022/06/16 9:22 p.m.•15 views

CVE-2022-31299

Haraj v3.7 was discovered to contain a reflected cross-site scripting XSS vulnerability in the User Upgrade Form...

6.2AI score0.33993EPSS

Exploits2References3

CVE•added 2022/06/16 9:22 p.m.•98 views

CVE-2022-31299

Haraj 3.7 contains a reflected cross-site scripting (XSS) vulnerability in the User Upgrade Form. The NVD/Nuclei entries describe a reflected XSS that could allow an attacker to execute malicious scripts in a victim’s browser, potentially enabling credential theft and session-related attacks. An ...

6.1CVSS6AI score0.33993EPSS

Exploits2References3Affected Software1

NVD•added 2022/06/16 6:15 p.m.•11 views

CVE-2022-31301

Haraj v3.7 was discovered to contain a stored cross-site scripting XSS vulnerability in the Post Ads component...

5.4CVSS0.00779EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by