CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21 matches found

Cvelist•added 2026/01/24 8:26 a.m.•29 views

CVE-2025-14907 Moderate Selected Posts <= 1.4 - Cross-Site Request Forgery to Plugin Settings Update

The Moderate Selected Posts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing nonce verification on the mspadminpage function. This makes it possible for unauthenticated attackers to modify plugin settings via a forg...

4.3CVSS0.0005EPSS

Exploits0References2

RedhatCVE•added 2026/01/09 10:34 a.m.•2 views

CVE-2017-18402

cPanel before 68.0.15 allows stored XSS during a cpaddons moderated upgrade SEC-336...

5.4CVSS6.2AI score0.00287EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2017-9518

Malware in sbrugna...

5.4CVSS5.5AI score0.00287EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2016-4919

Malware in sbrugna...

5.5CVSS6AI score0.00109EPSS

Exploits0References3

Cvelist•added 2025/06/11 2:20 p.m.•8 views

CVE-2025-48013 Quick Node Block - Moderately critical - Access bypass - SA-CONTRIB-2025-065

Missing Authorization vulnerability in Drupal Quick Node Block allows Forceful Browsing.This issue affects Quick Node Block: from 0.0.0 before 2.0.0...

0.00264EPSS

Exploits0References1

phpMyAdmin•added 2025/01/20 12:0 a.m.•14 views

XSS on Insert page

PMASA-2025-2 Announcement-ID: PMASA-2025-2 Date: 2025-01-20 Updated: 2025-01-23 Summary XSS on Insert page Description An XSS vulnerability has been discovered with the phpMyAdmin "Insert" tab. Severity We consider this vulnerability to be of moderate severity. Affected Versions phpMyAdmin versio...

6.4CVSS7.1AI score0.0028EPSS

Exploits0Affected Software1

Vulnrichment•added 2024/12/19 7:13 p.m.•11 views

CVE-2024-52589 Moderators can view Screened emails even when the “moderators view emails” option is disabled in Discourse

Discourse is an open source platform for community discussion. Moderators can see the Screened emails list in the admin dashboard, and through that can learn the email of a user. This problem is patched in the latest version of Discourse. Users unable to upgrade should remove moderator role from...

2.2CVSS6.8AI score0.00411EPSS

Exploits0References1

Vulnerability Lab•added 2021/10/27 12:0 a.m.•71 views

PHPJabbers Simple CMS v5 - Persistent XSS Vulnerability

Document Title: =============== PHPJabbers Simple CMS v5 - Persistent XSS Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2300 Release Date: ============= 2021-10-27 Vulnerability Laboratory ID VL-ID: ====================================...

7.4AI score

Exploits0

Prion•added 2019/08/02 2:15 p.m.•15 views

Cross site scripting

cPanel before 68.0.15 allows stored XSS during a cpaddons moderated upgrade SEC-336...

3.5CVSS5.2AI score0.00287EPSS

Exploits0References2Affected Software1

OSV•added 2018/02/19 2:29 p.m.•1 views

CVE-2017-16755

An issue was discovered in Userscape HelpSpot before 4.7.2. A reflected cross-site scripting vulnerability exists in the "return" parameter of the "index.php?pg=moderated" endpoint. It executes when the return link is clicked...

6.1CVSS5.7AI score

Exploits0References3

Oracle linux•added 2015/07/28 12:0 a.m.•38 views

mailman security and bug fix update

3:2.1.12-25 - fix CVE-2002-0389 - local users able to read private mailing list archives 3:2.1.12-24 - fix CVE-2015-2775 - directory traversal in MTA transports 3:2.1.12-23 - fix 1095359 - handle update when some mailing lists have been created by newer Mailman than this one 3:2.1.12-22 - fix...

7.6CVSS0.9AI score0.06687EPSS

Exploits1

seebug.org•added 2014/07/01 12:0 a.m.•31 views

Web Wiz Forums 9.68 SQLi Vulnerability

No description provided by source. ========================================= Web Wiz Forums 9.68 SQLi Vulnerability ========================================= Name : Web Wiz Forums 9.68 SQLi Vulnerability Date : june, 9 2010 Vendor url :http://www.webwiz.co.uk/webwizforums/ Platform: Windows...

7.1AI score

Exploits0

Prion•added 2010/12/30 9:0 p.m.•16 views

Design/Logic Flaw

MyBB aka MyBulletinBoard before 1.4.12 does not properly restrict uid values for group join requests, which allows remote attackers to cause a denial of service resource consumption by using guest access to submit join request forms for moderated groups, related to usercp.php and managegroup.php...

5CVSS7.3AI score0.0119EPSS

Exploits0References7Affected Software1

Cvelist•added 2010/12/30 8:0 p.m.•12 views

CVE-2010-4629

6.7AI score0.0119EPSS

Exploits0References7

0day.today•added 2010/06/27 12:0 a.m.•13 views

VideoWhisper Video Consultation Xss Vulnerabilities

Exploit for php platform in category web applications =================================================== VideoWhisper Video Consultation Xss Vulnerabilities =================================================== To accomplish great things, we must dream as well as act...

7.1AI score

Exploits0

0day.today•added 2010/06/22 12:0 a.m.•21 views

The webring service SQL Injection Vulnerability

Exploit for php platform in category web applications =============================================== The webring service SQL Injection Vulnerability =============================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 ...

7.1AI score

Exploits0

seebug.org•added 2009/10/08 12:0 a.m.•10 views

PBBoard <=2.0.2 - XSS in Topic

No description provided by source. Sec-Area Advisorypbboard =2.0.2 - XSS in Topic Details ======= Product: PHP = PBBoard Security-Risk: moderated Remote-Exploit: yes Vendor-URL: http://www.pbboard.com Credits ============ Discovered by: rUnViRuS site: http://www.sec-area.com Affected Products:...

7.1AI score

Exploits0

0day.today•added 2009/10/06 12:0 a.m.•17 views

PBBoard <= 2.0.2 xss

Exploit for unknown platform in category web applications ==================== PBBoard Back to forums You will find the code works -------------------------------------------- 0day.today 2018-03-12...

7.1AI score

Exploits0

securityvulns•added 2008/09/24 12:0 a.m.•41 views

[MajorSecurity Advisory #53]BLUEPAGE CMS - Cross Site Scripting and Session Fixation Issues

MajorSecurity Advisory 53BLUEPAGE CMS - Cross Site Scripting and Session Fixation Issues Details ======= Product: BLUEPAGE CMS Security-Risk: moderated Remote-Exploit: yes Vendor-URL: http://www.bluepage-cms.com/ Vendor-Status: informed Advisory-Status: published Credits ============ Discovered b...

0.1AI score

Exploits0

Packet Storm•added 2008/05/13 12:0 a.m.•33 views

major_rls52.txt

MajorSecurity Advisory 52ActualAnalyzer family - Cross Site Scripting Issues Details ======= Product: Actual Analyzer Security-Risk: moderated Remote-Exploit: yes Vendor-URL: http://www.actualscripts.com Vendor-Status: informed Advisory-Status: published Credits ============ Discovered by: David...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by