CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2015-3011

Malware in sbrugna...

4.3CVSS6.4AI score0.00254EPSS

Exploits2References5

RedhatCVE•added 2025/05/22 7:58 a.m.•6 views

CVE-2019-17488

b3log Symphony aka Sym before 3.6.0 has XSS via the HTTP User-Agent header...

6.1CVSS5.9AI score0.0024EPSS

Exploits1References1

OSV•added 2022/05/17 3:57 a.m.•1 views

GHSA-83M2-9G78-RRJ4 Apache Ranger Cross-site Scripting vulnerability

Cross-site scripting XSS vulnerability in the Policy Admin Tool in Apache Ranger before 0.5.0 allows remote attackers to inject arbitrary web script or HTML via the HTTP User-Agent header...

6.1CVSS5.8AI score0.02013EPSS

Exploits1References6

CNVD•added 2021/04/25 12:0 a.m.•7 views

Directum Cross-Site Scripting Vulnerability

Directum is an application system of the Russian company Directum. An intelligent digital process and documentation system. A cross-site scripting vulnerability exists in Settings.aspx?view=About in Directum version 5.8.2. An attacker can exploit this vulnerability via the HTTP User-Agent header ...

6.1CVSS6.1AI score0.00285EPSS

Exploits0References1

Cvelist•added 2021/04/24 7:40 p.m.•12 views

CVE-2021-31794

Settings.aspx?view=About in Directum 5.8.2 allows XSS via the HTTP User-Agent header...

6.1AI score0.00285EPSS

Exploits0References2

Prion•added 2019/06/30 5:15 p.m.•13 views

Sql injection

core/MYSecurity.php in CSZ CMS 1.2.2 before 2019-06-20 has member/login/check SQL injection by sending a crafted HTTP User-Agent header and omitting the csrfcsz parameter...

7.5CVSS9.7AI score0.50772EPSS

Exploits2References1Affected Software1

Prion•added 2016/04/11 7:59 p.m.•15 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Policy Admin Tool in Apache Ranger before 0.5.0 allows remote attackers to inject arbitrary web script or HTML via the HTTP User-Agent header...

4.3CVSS6.1AI score0.02013EPSS

Exploits1References4Affected Software1

NVD•added 2016/04/11 7:59 p.m.•8 views

CVE-2015-0265

Cross-site scripting XSS vulnerability in the Policy Admin Tool in Apache Ranger before 0.5.0 allows remote attackers to inject arbitrary web script or HTML via the HTTP User-Agent header...

6.1CVSS6.1AI score0.02013EPSS

Exploits1References4

Cvelist•added 2016/04/11 7:0 p.m.•17 views

CVE-2015-0265

Cross-site scripting XSS vulnerability in the Policy Admin Tool in Apache Ranger before 0.5.0 allows remote attackers to inject arbitrary web script or HTML via the HTTP User-Agent header...

6.1AI score0.02013EPSS

Exploits1References4

Cvelist•added 2015/12/16 9:0 p.m.•27 views

CVE-2015-8562

Joomla! 1.5.x, 2.x, and 3.x before 3.4.6 allow remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the HTTP User-Agent header, as exploited in the wild in December 2015...

7.9AI score0.92855EPSS

Exploits16References9

Prion•added 2014/12/24 11:59 a.m.•12 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Web UI in IBM WebSphere Service Registry and Repository WSRR 7.0.x before 7.0.0.5 and 7.5.x before 7.5.0.1 allows remote authenticated users to inject arbitrary web script or HTML via the HTTP User-Agent header...

3.5CVSS5.5AI score0.00162EPSS

Exploits0References4Affected Software1

Cvelist•added 2014/12/24 11:0 a.m.•19 views

CVE-2014-6180

5.1AI score0.00162EPSS

Exploits0References4

NVD•added 2013/01/24 9:55 p.m.•14 views

CVE-2013-1104

The HTTP Profiling functionality on Cisco Wireless LAN Controller WLC devices with software 7.3.101.0 allows remote authenticated users to execute arbitrary code via a crafted HTTP User-Agent header, aka Bug ID CSCuc15636...

9CVSS7.3AI score0.01184EPSS

Exploits0References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by