8 matches found
CVE-2023-53887
Zomplog 3.9 contains a cross-site scripting vulnerability that allows authenticated users to inject malicious scripts when creating new pages. Attackers can craft malicious image source and onerror attributes to execute arbitrary JavaScript code in a victim's browser...
SUSE CVE-2018-5162
Plaintext of decrypted emails can leak through the src attribute of remote images, or links. This vulnerability affects Thunderbird ESR 52.8 and Thunderbird 52.8...
CVE-2018-8978
Open-AudIT Professional 2.1 has XSS via a crafted src attribute of an IMG element within a URI...
UBUNTU-CVE-2018-6790
An issue was discovered in KDE Plasma Workspace before 5.12.0. dataengines/notifications/notificationsengine.cpp allows remote attackers to discover client IP addresses via a URL in a notification, as demonstrated by the src attribute of an IMG element...
Shopify: Setting Arbitrary Cookie at kitcrm.com
Hey, the src parameter of Image is not being sanitized, which allows me to set cookies at kitcrm.com. Proof of Concept: 1. Create a post at https://kitcrm.com/pages/ID/manualposts/new 2. Select Schedule for Later 3. Go to Scheduled Posts https://kitcrm.com/pages/ID/manualposts 4. Click Edit on your...
Mozilla Foundation Security Advisory 2010-23
Mozilla Foundation Security Advisory 2010-23. Title: Image src redirect to mailto: URL opens email editor. Impact: Low. Announced: March 30, 2010. Reporter: Henry Sudhof. Products: Firefox, SeaMonkey. Fixed in: Firefox 3.6.2, Firefox 3.5.9, SeaMonkey 2.0.4. Description: phpBB developer Henry Sudhof reporte...
FreeBSD : mozilla -- multiple vulnerabilities (9ccfee39-3c3b-11df-9edc-000f20797ede)
Mozilla Project reports: MFSA 2010-24 XMLDocument::load doesn't check nsIContentPolicy; MFSA 2010-23 Image src redirect to mailto: URL opens email editor; MFSA 2010-22 Update NSS to support TLS renegotiation indication; MFSA 2010-21 Arbitrary code execution with Firebug XMLHttpRequestSpy; MFSA 2010-...
mozilla -- multiple vulnerabilities
Mozilla Project reports: MFSA 2010-24 XMLDocument::load doesn't check nsIContentPolicy; MFSA 2010-23 Image src redirect to mailto: URL opens email editor; MFSA 2010-22 Update NSS to support TLS renegotiation indication; MFSA 2010-21 Arbitrary code execution with Firebug XMLHttpRequestSpy; MFSA 2010-2...