Lucene search

11 matches found

Vulnrichment
added 2023/08/08 6:31 p.m. | 10 views

CVE-2023-39518 social-media-skeleton stored Cross-site Scripting vulnerability

social-media-skeleton is an uncompleted social media project implemented using PHP, MySQL, CSS, JavaScript, and HTML. Versions 1.0.0 until 1.0.3 have a stored cross-site scripting vulnerability. The problem is patched in v1.0.3...

CVSS 5.4 | AI score 6 | EPSS 0.01161
Exploits: 0 | References: 3
Amazon
added 2023/06/12 12:0 a.m. | 5 views

Important: golang

Issue Overview: html/template: improper sanitization of CSS values Angle brackets were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in unexpectedly closing the CSS context and allowing for...

CVSS 9.8 | AI score 7.3 | EPSS 0.00289
Exploits: 0
Veracode
added 2020/10/21 3:21 a.m. | 15 views

Template Injection

osm-static-maps is vulnerable to template injection. Lack of validation of user input into the template parameter tileserverUrl allows an attacker to inject arbitrary Javascript/HTML in a user's browser, perform requests on behalf of the user or read arbitrary local files...

CVSS 7.6 | AI score 3.8 | EPSS 0.00477
Exploits: 1 | References: 2 | Affected Software: 1
OSV
added 2020/07/20 4:15 p.m. | 17 views

CVE-2020-7680

docsify prior to 4.11.4 is susceptible to Cross-site Scripting XSS. Docsify.js uses fragment identifiers parameters after sign to load resources from server-side .md files. Due to lack of validation here, it is possible to provide external URLs after the // domain.com///attacker.com and render...

CVSS 6.1 | AI score 6.4
Exploits: 0 | References: 6
Prion
added 2020/07/20 4:15 p.m. | 6 views

Cross site scripting

docsify prior to 4.11.4 is susceptible to Cross-site Scripting XSS. Docsify.js uses fragment identifiers parameters after sign to load resources from server-side .md files. Due to lack of validation here, it is possible to provide external URLs after the // domain.com///attacker.com and render...

CVSS 4.3 | AI score 6 | EPSS 0.03162
Exploits: 5 | References: 6 | Affected Software: 1
exploitpack
added 2019/07/29 12:0 a.m. | 26 views

GigToDo 1.3 - Cross-Site Scripting

GigToDo 1.3 - Cross-Site Scripting Exploit Title: GigToDo - Freelance Marketplace Script v1.3 Persistent XSS Injection Google Dork: - Date: 2019/07/28 Author: m0ze Vendor Homepage: https://www.gigtodoscript.com Software Link: https://codecanyon.net/item/gigtodo-freelance-marketplace-script/238553...

AI score 6.8
Exploits: 0
0day.today
added 2019/07/29 12:0 a.m. | 22 views

GigToDo 1.3 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: GigToDo - Freelance Marketplace Script v1.3 Persistent XSS Injection Author: m0ze Vendor Homepage: https://www.gigtodoscript.com Software Link: https://codecanyon.net/item/gigtodo-freelance-marketplace-script/23855397 Version: =...

AI score 7.1
Exploits: 0
Patchstack
added 2016/07/27 12:0 a.m. | 8 views

WordPress Fluid Accessible Ui Options Plugin - Cross Site Scripting

Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Update the plugin...

AI score 2.5
Exploits: 0 | References: 1 | Affected Software: 1
Packet Storm
added 2009/10/06 12:0 a.m. | 15 views

PBBoard 2.0.2 Cross Site Scripting

Sec-Area Advisorypbboard Back to forums You will find the code works -------------------------------------------- World Defacers Team http://www.Sec-area.com --------------------------------------------...

AI score 7.4
Exploits: 0
0day.today
added 2009/08/06 12:0 a.m. | 16 views

PHP Script Forum Hoster (Topic Delete/XSS) Multiple Vulnerabilities

Exploit for unknown platform in category web applications =================================================================== PHP Script Forum Hoster Topic Delete/XSS Multiple Vulnerabilities =================================================================== "Word is born Fight the war fuck the...

AI score 7.1
Exploits: 0
securityvulns
added 2001/09/24 12:0 a.m. | 26 views

Various problems in Baltimore MailSweeper Script filtering

Saturday 22 September 2001 Various problems in Baltimore MailSweeper Script filtering =========================================================== Product Background -------------------- MAILsweeper is a Content Security solution for the gateway that allows businesses to implement policy for...

AI score 7.2
Exploits: 0