CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

RedhatCVE•added 2026/05/24 2:12 a.m.•9 views

CVE-2021-47968

Podcast Generator 3.1 is vulnerable to persistent cross-site scripting, allowing authenticated attackers to inject malicious scripts by submitting unfiltered JavaScript code in the longdescription parameter. Attackers can inject script tags through episode creation or editing requests to execute...

6.4CVSS6AI score0.00034EPSS

Exploits0References1

Cvelist•added 2026/05/15 6:36 p.m.•32 views

CVE-2021-47968 Podcast Generator 3.1 Persistent Cross-Site Scripting via long_description

6.4CVSS0.00034EPSS

Exploits0References4

Vulnrichment•added 2026/05/15 6:36 p.m.•6 views

CVE-2021-47968 Podcast Generator 3.1 Persistent Cross-Site Scripting via long_description

6.4CVSS6AI score0.00034EPSS

Exploits0References4

ATTACKERKB•added 2026/05/15 6:36 p.m.•2 views

CVE-2021-47968

6.4CVSS6AI score0.00034EPSS

Exploits0References4Affected Software1

CVE•added 2026/05/15 6:36 p.m.•13 views

CVE-2021-47968

CVE-2021-47968 affects Podcast Generator 3.1. The vulnerability is a persistent cross-site scripting (XSS) flaw in the long_description field where authenticated users can submit unfiltered JavaScript during episode creation or editing, causing injected scripts to run when others view episode det...

6.4CVSS6AI score0.00034EPSS

Exploits0References4

EUVD•added 2026/05/15 6:36 p.m.•9 views

EUVD-2021-34821

Podcast Generator 3.1 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting unfiltered JavaScript code in the longdescription parameter. Attackers can inject script tags through episode creation or editing requests t...

6.4CVSS5.9AI score0.00034EPSS

Exploits0References4

RedhatCVE•added 2026/01/29 3:26 a.m.•10 views

CVE-2025-70336

A Stored cross-site scripting XSS vulnerability in 'Create New Live Item' in PodcastGenerator 3.2.9 allows remote attackers to inject arbitrary script or HTML via the 'TITLE', 'SHORT DESCRIPTION' and 'LONG DESCRIPTION' parameters. The saved payload gets executed on 'View All Live Items' and 'Live...

4.8CVSS5.9AI score0.00066EPSS

Exploits0References1

EUVD•added 2026/01/28 12:0 a.m.•3 views

EUVD-2025-206501

4.8CVSS5.9AI score0.00066EPSS

Exploits0References2

CVE•added 2026/01/28 12:0 a.m.•8 views

CVE-2025-70336

PodcastGenerator 3.2.9 contains a stored XSS vulnerability in the Create New Live Item workflow. Attackers can inject script/HTML via TITLE, SHORT DESCRIPTION, or LONG DESCRIPTION; the payload is executed on the View All Live Items and Live Stream pages. The issue is confirmed across multiple fee...

4.8CVSS5.9AI score0.00066EPSS

Exploits0References2Affected Software1

Cvelist•added 2007/05/30 1:0 a.m.•13 views

CVE-2007-2884

Multiple stack-based buffer overflows in Microsoft Visual Basic 6 allow user-assisted remote attackers to cause a denial of service CPU consumption or execute arbitrary code via a Visual Basic Project vbp file with a long 1 Description or 2 Company Name VersionCompanyName field...

7.8AI score0.63383EPSS

Exploits1References8

Cvelist•added 2007/05/16 1:0 a.m.•18 views

CVE-2007-2703

BEA WebLogic Portal 9.2 GA can corrupt a visitor entitlements role if an administrator provides a long role description, which might allow remote authenticated users to access privileged resources...

6.2AI score0.00486EPSS

Exploits0References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by