CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2021-23962

Malware in sbrugna...

5.4CVSS5.6AI score0.00185EPSS

Exploits1References3

RedhatCVE•added 2025/05/22 8:5 p.m.•9 views

CVE-2021-37392

In RPCMS v1.8 and below, the "nickname" variable is not properly sanitized before being displayed on page. When the API functions are enabled, the attacker can use API to update user nickname with XSS payload and achieve stored XSS. Users who view the articles published by the injected user will...

5.4CVSS5.8AI score0.00185EPSS

Exploits1References1

NVD•added 2021/07/26 6:15 p.m.•6 views

CVE-2021-37393

In RPCMS v1.8 and below, the "nickname" variable is not properly sanitized before being displayed on page. Attacker can use "update password" function to inject XSS payloads into nickname variable, and achieve stored XSS. Users who view the articles published by the injected user will trigger the...

5.4CVSS0.00185EPSS

Exploits1References2

Cvelist•added 2021/07/26 5:5 p.m.•11 views

CVE-2021-37393

5.4AI score0.00185EPSS

Exploits1References2

CVE•added 2021/07/26 5:5 p.m.•49 views

CVE-2021-37393

CVE-2021-37393 affects RPCMS v1.8 and earlier: the nickname variable is not sanitized before display, enabling stored XSS via the update password function. Users viewing articles by the injected user trigger the XSS. No remediation/fix details are provided in the connected documents.

5.4CVSS5.2AI score0.00185EPSS

Exploits1References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by