CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

NVD•added 2026/02/03 11:16 p.m.•10 views

CVE-2020-37087

Easy Transfer Wifi Transfer v1.7 for iOS contains a persistent cross-site scripting vulnerability that allows remote attackers to inject malicious scripts by manipulating the oldPath, newPath, and path parameters in Create Folder and Move/Edit functions. Attackers can exploit improper input...

5.1CVSS0.00342EPSS

Exploits0References4

CVE•added 2026/02/03 10:9 p.m.•11 views

CVE-2020-37087

Easy Transfer Wifi Transfer v1.7 for iOS is affected by a persistent XSS due to improper input validation in Create Folder and Move/Edit, exploitable via POST requests by manipulating oldPath, newPath, and path parameters. The issue enables arbitrary JavaScript execution in the mobile web context...

5.1CVSS5.5AI score0.00342EPSS

Exploits0References4

ATTACKERKB•added 2026/02/01 12:56 p.m.•3 views

CVE-2023-54343

QWE DL 2.0.1 mobile web application contains a persistent input validation vulnerability allowing remote attackers to inject malicious script code through path parameter manipulation. Attackers can exploit the vulnerability to execute persistent cross-site scripting attacks, potentially leading t...

6.4CVSS6AI score0.00305EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2026/02/01 12:56 p.m.•3 views

CVE-2023-54343 QWE DL 2.0.1 Persistent XSS Vulnerability via Path Parameter

6.4CVSS5.4AI score0.00305EPSS

Exploits0References3

Vulnrichment•added 2025/12/17 4:13 p.m.•5 views

CVE-2025-26381 OpenBlue Mobile Web Application configuration issue for optional for OpenBlue Workplace (formerly FM Systems)

Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to sensitive information...

9CVSS6.5AI score0.00281EPSS

Exploits0References2

RedhatCVE•added 2025/05/18 4:3 p.m.•12 views

CVE-2025-48127

Missing Authorization vulnerability in App Cheap Push notification for Mobile and Web app push-notification-mobile-and-web-app allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Push notification for Mobile and Web app: from n/a through = 2.0.3...

6.5CVSS7.2AI score0.00214EPSS

Exploits0References1

CVE•added 2025/05/16 3:45 p.m.•24 views

CVE-2025-48127

CVE-2025-48127 is a Missing Authorization vulnerability in the WordPress plugin Push notification for Mobile and Web app , caused by misconfigured access control. Affected versions are listed as “from n/a through 2.0.3” (no public product/version details provided). The CVSS vector (AV:N/AC:L/PR:N...

6.5CVSS7.2AI score0.00214EPSS

Exploits0References1

CNVD•added 2018/12/10 12:0 a.m.•0 views

File Upload Vulnerability in anmi V1.1.0

Anmi program is a program that focuses on H5 mobile website/app construction. A file upload vulnerability exists in anmi V1.1.0. An attacker can exploit this vulnerability to upload arbitrary files...

7.1AI score

Exploits0

Vulnerability Lab•added 2013/06/14 12:0 a.m.•21 views

Facebook Mobile Bug Bounty #7 - Redirect Vulnerability

Document Title: =============== Facebook Mobile Bug Bounty 7 - Redirect Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=975 Facebook Security ID: 159243257 Release Date: ============= 2013-06-14 Vulnerability Laboratory ID VL-ID:...

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by