EUVD-2007-1834
Malware in sbrugna...
Cross Site Scripting (XSS)
librenms/librenms is vulnerable to DOM-based Cross Site Scripting (XSS). The vulnerability is caused by not sanitizing/escaping HTML special characters in an IPv6/IPv4 search field in includes/html/pages/search/ipv6.inc.php while searching for IPv4/IPv6 addresses. This can result in disclosure of th...
Reflected Cross-Site Scripting when restoring a backup
Description: An XSS vulnerability has been identified when an administrator restores a backup from a file. When using a specially crafted file, it's possible to trigger an error that will be displayed on the web page. Since the error message contains the invalid part of the file, any JavaScript cod...
Cross-site Scripting (XSS)
getkirby/kirby is vulnerable to cross-site scripting. The library does not properly escape HTML special characters, allowing an attacker to inject and execute malicious JavaScript. test...
[20180602] - Core - XSS vulnerability in language switcher module
In some cases the link of the current language might contain unescaped HTML special characters. This may lead to reflective XSS via injection of arbitrary parameters and/or values on the current page URL...
MySQL 5 Command Line Client HTML Special Characters HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/31486/info MySQL is prone to an HTML-injection vulnerability because the application's command-line client fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied...
mysql -- command line client input validation vulnerability
Thomas Henlich reports: The mysql command-line client does not quote HTML special characters like in its output. This allows an attacker who is able to write data into a table to hide or modify records in the output, and to inject potentially dangerous code, e.g. JavaScript to perform cross-site...
CVE-2007-1840
lib/modules.inc in LDAP Account Manager (LAM) before 1.3.0 does not escape HTML special characters in LDAP data, which allows remote attackers to have an unknown impact, probably cross-site scripting (XSS)...