CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

15 matches found

RedhatCVE•added 2026/01/09 8:37 a.m.•7 views

CVE-2019-20515

ERPNext 11.1.47 allows reflected XSS via the PATHINFO to the addresses/ URI...

7.4CVSS5.7AI score0.00344EPSS

Exploits1References1

Cvelist•added 2020/05/07 4:36 p.m.•13 views

CVE-2020-12679

A reflected cross-site scripting XSS vulnerability in the Mitel ShoreTel Conference Web Application 19.50.1000.0 before MiVoice Connect 18.7 SP2 allows remote attackers to inject arbitrary JavaScript and HTML via the PATHINFO to home.php...

6AI score0.00222EPSS

Exploits0References1

NVD•added 2019/07/16 6:15 p.m.•6 views

CVE-2019-12834

In HT2 Labs Learning Locker 3.15.1, it's possible to inject malicious HTML and JavaScript code into the DOM of the website via the PATHINFO to the dashboards/ URI...

7.3CVSS7.2AI score0.00227EPSS

Exploits1References1

Prion•added 2014/05/08 2:29 p.m.•12 views

Cross site scripting

Cross-site scripting XSS vulnerability in Offiria 2.1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to installer/index.php...

4.3CVSS6.1AI score0.00359EPSS

Exploits3References3Affected Software1

Cvelist•added 2014/05/08 2:0 p.m.•18 views

CVE-2014-2689

Cross-site scripting XSS vulnerability in Offiria 2.1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to installer/index.php...

5.6AI score0.00359EPSS

Exploits3References3

CVE•added 2014/05/02 12:0 a.m.•41 views

CVE-2014-3138

CVE-2014-3138 describes an SQL injection in Xerox DocuShare. The vulnerability affects DocuShare before 6.53 Patch 6 Hotfix 2, 6.6.1 Update 1 before Hotfix 24, and 6.6.1 Update 2 before Hotfix 3, allowing remote authenticated users to execute arbitrary SQL commands via PATH_INFO to /docushare/dsw...

6.5CVSS8.1AI score0.03452EPSS

Exploits1References8Affected Software1

CVE•added 2014/03/25 3:0 p.m.•60 views

CVE-2013-5951

CVE-2013-5951 affects extplorer (2.1.3) used as a Joomla! component. The vulnerability arises from multiple cross-site scripting (XSS) flaws via PATH_INFO in application.js.php, admin.php, copy_move.php, functions.php, header.php, and upload.php (include/ directory). Consequence: remote attackers...

2.6CVSS5.6AI score0.0032EPSS

Exploits3References5Affected Software1

Cvelist•added 2013/09/09 5:0 p.m.•14 views

CVE-2013-4899

Cross-site scripting XSS vulnerability in Twilight CMS 5.17 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to the gallery/ page...

5.7AI score0.00359EPSS

Exploits3References3

NVD•added 2012/08/28 5:55 p.m.•8 views

CVE-2012-4685

Cross-site scripting XSS vulnerability in Arbor Networks Peakflow SP 5.1.1 before patch 6, 5.5 before patch 4, and 5.6.0 before patch 1 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to index...

4.3CVSS5.7AI score0.0148EPSS

Exploits1References6

NVD•added 2012/05/21 6:55 p.m.•8 views

CVE-2012-2914

Cross-site scripting XSS vulnerability in captchademo.php in Unijimpe Captcha allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

4.3CVSS5.7AI score0.01861EPSS

Exploits1References3

Cvelist•added 2011/04/19 7:0 p.m.•19 views

CVE-2011-1723

Cross-site scripting XSS vulnerability in app/views/layouts/base.rhtml in Redmine 1.0.1 through 1.1.1 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to projects/hg-helloworld/news/. NOTE: some of these details are obtained from third party information...

5.7AI score0.07068EPSS

Exploits1References9

Cvelist•added 2010/03/15 9:0 p.m.•15 views

CVE-2009-4714

Cross-site scripting XSS vulnerability in the quiz module for XOOPS Celepar allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to cadastrousuario.php...

5.7AI score0.01011EPSS

Exploits1References3

NVD•added 2009/12/29 8:41 p.m.•8 views

CVE-2009-4446

Cross-site scripting XSS vulnerability in admin.php in phpInstantGallery 1.1 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

4.3CVSS5.7AI score0.00723EPSS

Exploits1References3

Prion•added 2007/11/15 12:46 a.m.•6 views

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in Justin Hagstrom AutoIndex PHP Script before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO PHPSELF...

4.3CVSS6.2AI score0.07657EPSS

Exploits0References7Affected Software1

Cvelist•added 2007/08/22 11:0 p.m.•16 views

CVE-2007-4480

Cross-site scripting XSS vulnerability in index.php in the Sirius 1.0 theme for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATHINFO PHPSELF...

5.8AI score0.00406EPSS

Exploits1References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by