CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

27 matches found

RedhatCVE•added 2026/02/17 1:27 p.m.•4 views

CVE-2025-59904

Stored Cross-Site Scripting XSS vulnerability in Kubysoft, which is triggered through multiple parameters in the '/kForms/app' endpoint. This issue allows malicious scripts to be injected and executed persistently in the context of users accessing the affected resource...

5.4CVSS5.5AI score0.00133EPSS

Exploits0References1

RedhatCVE•added 2026/02/17 1:27 p.m.•3 views

CVE-2025-59905

Cross-Site Scripting XSS vulnerability reflected in Kubysoft, which occurs through multiple parameters within the endpoint ‘/node/kudaby/nodeFN/procedure’. This flaw allows the injection of arbitrary client-side scripts, which are immediately reflected in the HTTP response and executed in the...

6.1CVSS5.7AI score0.00134EPSS

Exploits0References1

RedhatCVE•added 2026/02/17 1:27 p.m.•7 views

CVE-2025-59903

Stored Cross-Site Scripting XSS vulnerability in Kubysoft, where uploaded SVG images are not properly sanitized. This allows attackers to embed malicious scripts within SVG files as visual content, which are then stored on the server and executed in the context of any user accessing the compromis...

5.4CVSS5.5AI score0.00133EPSS

Exploits0References1

EUVD•added 2026/02/16 12:30 p.m.•5 views

EUVD-2025-206984

5.1CVSS5.5AI score0.00133EPSS

Exploits0References2

EUVD•added 2026/02/16 12:30 p.m.•3 views

EUVD-2025-206985

4.8CVSS5.7AI score0.00134EPSS

Exploits0References2

EUVD•added 2026/02/16 12:30 p.m.•3 views

EUVD-2025-206983

5.1CVSS5.5AI score0.00133EPSS

Exploits0References2

NVD•added 2026/02/16 10:16 a.m.•6 views

CVE-2025-59905

6.1CVSS0.00134EPSS

Exploits0References1

NVD•added 2026/02/16 10:16 a.m.•4 views

CVE-2025-59904

5.4CVSS0.00133EPSS

Exploits0References1

NVD•added 2026/02/16 10:16 a.m.•3 views

CVE-2025-59903

5.4CVSS0.00133EPSS

Exploits0References1

Cvelist•added 2026/02/16 9:55 a.m.•31 views

CVE-2025-59904 Stored Cross-Site Scripting vulnerability in Kubysoft

5.1CVSS0.00133EPSS

Exploits0References1

ATTACKERKB•added 2026/02/16 9:55 a.m.•4 views

CVE-2025-59904

5.1CVSS5.5AI score0.00133EPSS

Exploits0References2

Vulnrichment•added 2026/02/16 9:55 a.m.•3 views

CVE-2025-59904 Stored Cross-Site Scripting vulnerability in Kubysoft

5.1CVSS5.4AI score0.00133EPSS

Exploits0References1

CVE•added 2026/02/16 9:55 a.m.•10 views

CVE-2025-59904

The CVE-2025-59904 entry describes a Stored Cross-Site Scripting (XSS) vulnerability in Kubysoft, triggered by multiple parameters in the /kForms/app endpoint. The issue allows malicious scripts to be injected and executed in the context of users accessing the affected resource, indicating a clie...

5.4CVSS5.5AI score0.00133EPSS

Exploits0References1Affected Software1

Cvelist•added 2026/02/16 9:55 a.m.•27 views

CVE-2025-59903 Stored Cross-Site Scripting (XSS) in Kubysoft

5.1CVSS0.00133EPSS

Exploits0References1

ATTACKERKB•added 2026/02/16 9:55 a.m.•2 views

CVE-2025-59903

5.1CVSS5.5AI score0.00133EPSS

Exploits0References2

Vulnrichment•added 2026/02/16 9:55 a.m.•3 views

CVE-2025-59903 Stored Cross-Site Scripting (XSS) in Kubysoft

5.1CVSS5.5AI score0.00133EPSS

Exploits0References1

CVE•added 2026/02/16 9:55 a.m.•5 views

CVE-2025-59903

CVE-2025-59903 documents a Stored XSS in Kubysoft due to SVG uploads not being sanitized. The payloads can be embedded as visual content in SVG files, which are stored server-side and executed in the context of any user who views the compromised resource. The NVD/CVE records confirm the vulnerabi...

5.4CVSS5.5AI score0.00133EPSS

Exploits0References1Affected Software1

Cvelist•added 2026/02/16 9:49 a.m.•28 views

CVE-2025-59905 Reflected Cross-Site Scripting (XSS) in Kubysoft

4.8CVSS0.00134EPSS

Exploits0References1

ATTACKERKB•added 2026/02/16 9:49 a.m.•2 views

CVE-2025-59905

4.8CVSS5.7AI score0.00134EPSS

Exploits0References2

Vulnrichment•added 2026/02/16 9:49 a.m.•2 views

CVE-2025-59905 Reflected Cross-Site Scripting (XSS) in Kubysoft