CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

RedhatCVE•added 2026/01/09 12:15 p.m.•7 views

CVE-2018-1000154

Zammad GmbH Zammad version 2.3.0 and earlier contains a Improper Neutralization of Script-Related HTML Tags in a Web Page CWE-80 vulnerability in the subject of emails which are not html quoted in certain cases. This can result in the embedding and execution of java script code on users browser...

6.1CVSS7.1AI score0.0048EPSS

Exploits0References1

Prion•added 2019/07/16 1:15 p.m.•14 views

Cross site scripting

Zammad GmbH Zammad 2.3.0 and earlier is affected by: Cross Site Scripting XSS - CWE-80. The impact is: Execute java script code on users browser. The component is: web app. The attack vector is: the victim must open a ticket. The fixed version is: 2.3.1, 2.2.2 and 2.1.3...

4.3CVSS6.1AI score0.00354EPSS

Exploits0References3Affected Software1

Prion•added 2018/09/28 6:29 p.m.•12 views

Cross site scripting

Dell EMC Unity and UnityVSA contains reflected cross-site scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to supply malicious HTML or Java Script code to Unisphere, which is then reflected back to the...

4.3CVSS6.2AI score0.0025EPSS

Exploits0References1Affected Software2

NVD•added 2018/08/29 8:29 p.m.•11 views

CVE-2018-7795

A Cross Protocol Injection vulnerability exists in Schneider Electric's PowerLogic PM5560 prior to FW version 2.5.4 product. The vulnerability makes the product susceptible to cross site scripting attack on its web browser. User inputs can be manipulated to cause execution of java script code...

6.1CVSS6.3AI score0.00311EPSS

Exploits0References3

ICS•added 2017/01/19 12:0 a.m.•44 views

Schneider Electric homeLYnk Controller

CVSS V3 6.3 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: Schneider Electric Equipment: homeLYnk Controller, LSS100100 Vulnerability: Cross-site Scripting AFFECTED PRODUCTS Schneider Electric reports that the vulnerability affects the following products: homeLYnk Controller,...

6.1CVSS7AI score0.00206EPSS

Exploits0References26

Packet Storm•added 2010/05/14 12:0 a.m.•16 views

Damianov.net Shoutbox 1.0 Cross Site Scripting

Exploit Title: damianov.net Shoutbox XSS Vulnerability Date: 13.05.2010 Author: Valentin Category: webapps/0day Version: 1.0 Tested on: Debian, Apache2, PHP5 CVE : Code : :::::::::::::::::::::::::::::::::::::: 0x1 :::::::::::::::::::::::::::::::::::::: General Information Advisory/Exploit Title =...

7.4AI score

Exploits0

securityvulns•added 2004/05/24 12:0 a.m.•30 views

Liferay Cross Site Scripting Flaw

Advisory Name: Liferay Cross Site Scripting flaw Release Date: 05/22/2004 Application: Liferay www.liferay.com Author: Sandeep Giri Vendor Status: Notified 4 months ago Overview: Taken from http://www.liferay.com/products/index.jsp Liferay Enterprise Portal was designed to: Provide organizations...

0.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by