Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

GithubExploit
GithubExploitadded 2026/02/07 6:52 p.m.179 views

Payload-XSS

Payload-XSS Daftar Isi 1. Payload Dasar 1-20payload-...

5.5AI score
Exploits0
Prion
Prionadded 2021/07/26 8:15 p.m.13 views

Cross site scripting

Cross Site Scripting XSS vulnerabiity exists in LavaLite CMS 5.8.0 via the Menu Blocks feature, which can be bypassed by using HTML event handlers, such as "ontoggle,"...

3.5CVSS4.8AI score0.0016EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2021/07/26 7:12 p.m.68 views

CVE-2020-23234

CVE-2020-23234 affects LavaLite CMS 5.8.0 (Menu Blocks feature) with a Cross-Site Scripting (XSS) vulnerability that can be bypassed using HTML event handlers such as ontoggle. The available connected sources confirm the product, version, and the XSS in this component, along with the described by...

4.8CVSS4.9AI score0.0016EPSS
Exploits1References1Affected Software1
CNNVD
CNNVDadded 2021/07/26 12:0 a.m.2 views

LavaLite 跨站脚本漏洞

LavaLite is an open source lightweight content management system CMS. A cross-site scripting vulnerability exists in LavaLite CMS version 5.8.0, which can be bypassed by an attacker using an HTML event handler such as "ontoggle"...

4.8CVSS4.9AI score0.0016EPSS
Exploits1References2
Prion
Prionadded 2020/05/08 12:15 a.m.7 views

Cross site scripting

In administration/comments.php in PHP-Fusion 9.03.50, an authenticated attacker can take advantage of a stored XSS vulnerability in the Preview Comment feature. The protection mechanism can be bypassed by using HTML event handlers such as ontoggle...

3.5CVSS5AI score0.00309EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2020/05/07 11:29 p.m.8 views

CVE-2020-12718

In administration/comments.php in PHP-Fusion 9.03.50, an authenticated attacker can take advantage of a stored XSS vulnerability in the Preview Comment feature. The protection mechanism can be bypassed by using HTML event handlers such as ontoggle...

5.9AI score0.00309EPSS
Exploits1References1
CNVD
CNVDadded 2018/11/06 12:0 a.m.1 views

WUZHI CMS Cross-Site Scripting Vulnerability (CNVD-2019-09135)

WUZHI CMS is five fingers WUZHI company based on PHP and MySQL open source content management system CMS. A stored cross-site scripting vulnerability exists in index.php?m=core&f=index in WUZHI CMS 4.1.0, which can be exploited to inject arbitrary web script or HTML via the ontoggle attribute of...

4.8CVSS4.7AI score0.00235EPSS
Exploits1References1
CVE
CVEadded 2018/11/05 8:0 a.m.40 views

CVE-2018-18938

CVE-2018-18938 affects WUZHI CMS 4.1.0. There is a stored XSS in the admin-facing page index.php?m=core&f=index, exploitable via an ontoggle attribute in the details/open/ section within a second input field. CVSS metrics in NVD indicate a base score of 3.5 (AV:N/AC:M/Au:S/C:N/I:P/A:N) under CVSS...

4.8CVSS4.7AI score0.00235EPSS
Exploits1References1Affected Software1
CNVD
CNVDadded 2017/04/24 12:0 a.m.1 views

Stored Cross-Site Scripting Vulnerability at Custom Inputs in Thinksaas System

ThinkSAAS is a lightweight open source community system is a community system that can be used to build discussion groups, bbs and circles. A stored cross-site scripting vulnerability exists in Thinksaas version 2.5 at the system's custom input. The system uses a blacklisting mechanism to filter...

5.7AI score
Exploits0
Rows per page
Query Builder