CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2026/04/24 12:0 a.m.•6 views

Mahara 跨站脚本漏洞

Mahara is a free, open-source web-based electronic portfolio management system. Versions of Mahara prior to 25.04.2 and 24.04.11 contained a cross-site scripting vulnerability. This vulnerability stemmed from the Elasticsearch 7 search plugin not properly cleaning input parameters in queries, whi...

6.1CVSS5.6AI score0.00034EPSS

CVE•added 2026/04/24 12:0 a.m.•5 views

CVE-2025-59308

In Mahara, versions before 24.04.10 and 25 before 25.04.1 allow an institution administrator or institution support administrator on a multi-tenant site to masquerade as an institution member in another institution if they also hold the 'Site staff' role. This is the core vulnerability described ...

4.7CVSS5.2AI score0.00045EPSS

ATTACKERKB•added 2026/04/24 12:0 a.m.•1 views

CVE-2025-59308

5.2AI score0.00045EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2011-2745

Malware in sbrugna...

4.3CVSS6.1AI score0.00295EPSS

Exploits1References7

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2009-0666

Malware in sbrugna...

4.3CVSS6.1AI score0.00442EPSS

Exploits1References9

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2010-3849

Malware in sbrugna...

4.3CVSS6.4AI score0.00285EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2011-3601

Malware in sbrugna...

9.6CVSS9.1AI score0.07686EPSS

Exploits1References11

6.8CVSS6.1AI score0.00295EPSS

EUVD-2011-1410

Malware in sbrugna...

Exploits0References8

4.3CVSS6.1AI score0.00442EPSS

EUVD-2011-0464

Malware in sbrugna...

Exploits1References8

4.3CVSS6.1AI score0.00256EPSS

EUVD-2012-2246

Malware in sbrugna...

Exploits0References6

4.3CVSS6.1AI score0.00296EPSS

EUVD-2012-2240

Malware in sbrugna...

Exploits0References5

4.3CVSS6.4AI score0.00329EPSS

EUVD-2013-4307

Malware in sbrugna...

Exploits0References6

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-54911

Malicious code in bioql PyPI...

6.1CVSS6.6AI score0.0004EPSS

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2024-54912

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00087EPSS

RedhatCVE•added 2025/08/30 6:20 p.m.•2 views

CVE-2024-45753

In Mahara 23.04.8 and 24.04.4, the external RSS feed block can cause XSS if the external feed XML has a malicious value for the link attribute...

6.1CVSS6.4AI score0.00046EPSS

OpenVAS•added 2025/08/27 12:0 a.m.•3 views

Mahara < 22.10.6, 23.04.6, 24.04.1 XSS Vulnerability

Mahara is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mahara:mahara"; if...

6.1CVSS6.3AI score0.0004EPSS

OpenVAS•added 2025/08/27 12:0 a.m.•2 views

Mahara 24.04 < 24.04.2, 23.04 < 23.04.7 XSS Vulnerability

6.1CVSS6.3AI score0.0004EPSS

NVD•added 2025/08/26 9:15 p.m.•1 views

CVE-2024-35203

Mahara before 22.10.6, 23.04.6, and 24.04.1 allows cross-site scripting XSS via a file, with JavaScript code as part of its name, that is uploaded via the Mahara filebrowser system...

6.1CVSS0.0004EPSS

OSV•added 2025/08/26 9:15 p.m.•2 views

CVE-2024-35203

Mahara before 22.10.6, 23.04.6, and 24.04.1 allows cross-site scripting XSS via a file, with JavaScript code as part of its name, that is uploaded via the Mahara filebrowser system...

6.1CVSS5.7AI score0.0004EPSS