CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A cross-site request forgery vulnerability in Jenkins Netsparker Cloud Scan Plugin 1.1.5 and older in the NCScanBuilder.DescriptorImpldoValidateAPI form validation method allowed attackers to initiate a connection to an attacker-specified server...

6.5CVSS6.6AI score0.00117EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:14 a.m.•3 views

CVE-2019-10291

Jenkins Netsparker Cloud Scan Plugin 1.1.5 and older stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system...

8.8CVSS6.5AI score0.00075EPSS

Exploits0References1

Github Security Blog•added 2022/05/13 1:31 a.m.•13 views

CSRF vulnerability in Jenkins Netsparker Enterprise Scan Plugin

6.5CVSS6.6AI score0.00117EPSS

Exploits0References5Affected Software1

OSV•added 2022/05/13 1:31 a.m.•10 views

GHSA-QC3M-6XMQ-7HRJ CSRF vulnerability in Jenkins Netsparker Enterprise Scan Plugin

6.5CVSS6.3AI score0.00117EPSS

Exploits0References4

Github Security Blog•added 2022/05/13 1:15 a.m.•15 views

Jenkins Netsparker Enterprise Scan Plugin stored credentials in plain text

Jenkins Netsparker Enterprise Scan Plugin stored API tokens unencrypted in its global configuration file com.netsparker.cloud.plugin.NCScanBuilder.xml on the Jenkins controller. These API tokens could be viewed by users with access to the Jenkins controller file system. Netsparker Enterprise Scan...

8.8CVSS6.6AI score0.00075EPSS

Exploits0References4Affected Software1

OSV•added 2022/05/13 1:15 a.m.•13 views

GHSA-M7Q8-8G56-M78W Jenkins Netsparker Enterprise Scan Plugin stored credentials in plain text

3.3CVSS8.6AI score0.00075EPSS

Exploits0References3

OSV•added 2022/05/13 1:15 a.m.•14 views

GHSA-WHCG-2364-672F Missing permission check in Jenkins Netsparker Cloud Scan Plugin

A missing permission check in Jenkins Netsparker Cloud Scan Plugin 1.1.5 and older in the NCScanBuilder.DescriptorImpldoValidateAPI form validation method allowed attackers with Overall/Read permission to initiate a connection to an attacker-specified server...

6.5CVSS6.3AI score0.00069EPSS

Exploits0References4

Github Security Blog•added 2022/05/13 1:15 a.m.•14 views

Missing permission check in Jenkins Netsparker Cloud Scan Plugin

6.5CVSS6.5AI score0.00069EPSS

Exploits0References5Affected Software1

Packet Storm•added 2021/07/21 12:0 a.m.•313 views

Ampache 4.4.2 Cross Site Scripting

Information -------------------- Advisory by Netsparker Name: Cross-site Scripting vulnerability in Ampache 4.4.2 Affected Software: Ampache Affected Versions: 4.4.2 Homepage: http://ampache.org/ Vulnerability: Cross-Site Scripting Severity: High Status: Fixed CVSS Score 3.0: 7.4 High Netsparker...

7.4AI score

Exploits0

Packet Storm•added 2021/01/28 12:0 a.m.•273 views

Chamilo LMS 1.11.14 Cross Site Scripting

Hello, We are informing you about a Cross-Site Scripting Vulnerability in Chamilo LMS 1.11.14. Information -------------------- Advisory by Netsparker Name: Cross-Site Scripting Vulnerability in Chamilo LMS Affected Software: Chamilo LMS Affected Versions: 1.11.14 Homepage: https://chamilo.org/en...

7.4AI score

Exploits0

Packet Storm•added 2020/12/28 12:0 a.m.•433 views

SEOPanel 4.6.0 Cross Site Scripting

Hello, We are informing you about Cross-Site Scripting Vulnerabilities in SEOPanel 4.6.0. Information -------------------- Advisory by Netsparker Name: Cross-Site Scripting Vulnerabilities in SEOPanel Affected Software: SEOPanel Affected Versions: 4.6.0 Vendor Homepage: https://www.seopanel.org/...

7.4AI score

Exploits0

Packet Storm•added 2020/12/10 12:0 a.m.•588 views

BigtreeCMS 4.4.11 Cross Site Scripting

Information -------------------- Advisory by Netsparker Name: Cross-Site Scripting Vulnerability in BigtreeCMS Affected Software: BigtreeCMS Affected Versions: 4.4.11 Vendor Homepage: https://www.bigtreecms.org/ Vulnerability Type: Cross-Site Scripting Severity: Important Status: Fixed CVE-ID:...

7.4AI score

Exploits0

Packet Storm•added 2020/09/10 12:0 a.m.•761 views

IlchCMS 2.1.37 Cross Site Scripting

Information -------------------- Advisory by Netsparker Name: Cross-Site Scripting in IlchCMS Affected Software: IlchCMS Affected Versions: 2.1.37 Vendor Homepage: https://www.ilch.de/ Vulnerability Type: Cross-Site Scripting Severity: Important Status: Fixed CVSS Score 3.0: 7.4 High Netsparker...

7.4AI score

Exploits0

0day.today•added 2020/04/28 12:0 a.m.•27 views

Geeklog 2.2.1 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Information -------------------- Advisory by Netsparker Name: Cross-Site Scripting Vulnerability in Geeklog Affected Software: Geeklog Affected Versions: 2.2.1 Vendor Homepage: https://www.geeklog.net/ Vulnerability Type: Cross-Site Scripting...

7.4AI score

Exploits0

0day.today•added 2020/04/28 12:0 a.m.•41 views

Geeklog 2.2.1 SQL Injection Vulnerability

Exploit for php platform in category web applications Information -------------------- Advisory by Netsparker Name: Blind SQL Injection Vulnerability in Geeklog Affected Software: Geeklog Affected Versions: 2.2.1 Vendor Homepage: https://www.geeklog.net/ Vulnerability Type: Blind SQL Injection...

7.4AI score

Exploits0

Packet Storm•added 2020/04/27 12:0 a.m.•118 views

Geeklog 2.2.1 SQL Injection

Information -------------------- Advisory by Netsparker Name: Blind SQL Injection Vulnerability in Geeklog Affected Software: Geeklog Affected Versions: 2.2.1 Vendor Homepage: https://www.geeklog.net/ Vulnerability Type: Blind SQL Injection Severity: Critical Status: Fixed CVSS Score 3.0: 8.6 Hig...

7.4AI score

Exploits0

Packet Storm•added 2020/04/27 12:0 a.m.•110 views

Geeklog 2.2.1 Cross Site Scripting

Information -------------------- Advisory by Netsparker Name: Cross-Site Scripting Vulnerability in Geeklog Affected Software: Geeklog Affected Versions: 2.2.1 Vendor Homepage: https://www.geeklog.net/ Vulnerability Type: Cross-Site Scripting Severity: Important Status: Fixed CVSS Score 3.0: 7.4...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by