4 matches found
PT-2026-42510
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/fullsit incidents.php where the offset GET parameter is concatenated into the LIMIT clause of a SELECT statement without sanitization. Authenticated attackers can craft requests that alter query semantics to read,...
Cross site scripting
NeDi 1.9C is vulnerable to a cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Monitoring-Incidents.php id parameter...
CVE-2020-15032
NeDi 1.9C is vulnerable to a cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Monitoring-Incidents.php id parameter...
CVE-2020-15032
CVE-2020-15032 affects NeDi 1.9C with a cross-site scripting (XSS) vulnerability: an attacker can execute arbitrary JavaScript via the Monitoring-Incidents.php id parameter. The connected documents corroborate the XSS issue across multiple feeds, but do not provide a patch or effective remediatio...