CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

48 matches found

Cvelist•added 2022/03/03 9:55 p.m.•14 views

CVE-2022-23051

PeteReport Version 0.5 allows an authenticated admin user to inject persistent JavaScript code while adding an 'Attack Tree' by modifying the 'svgfile' parameter...

5.8AI score0.00516EPSS

Exploits1References2

CNNVD•added 2022/03/03 12:0 a.m.•4 views

PeTeReport 跨站脚本漏洞

PeTeReport is an open source application vulnerability reporting tool. Designed to assist penetration testing/red team efforts by simplifying the task of report writing and generation, PeTeReport version 0.5 contains a cross-site scripting vulnerability that stems from the software's lack of...

4.8CVSS5.3AI score0.00548EPSS

Exploits1References4

OSV•added 2022/02/09 11:15 p.m.•14 views

CVE-2022-23047

Exponent CMS 2.6.0patch2 allows an authenticated admin user to inject persistent JavaScript code inside the "Site/Organization Name","Site Title" and "Site Header" parameters while updating the site settings on "/exponentcms/administration/configuresite"...

4.8CVSS6.7AI score

Exploits0References3

Prion•added 2022/02/09 11:15 p.m.•14 views

Code injection

3.5CVSS5.1AI score0.02891EPSS

Exploits1References3Affected Software1

CNNVD•added 2022/02/09 12:0 a.m.•4 views

Palo Alto Network Cortex XSOAR 跨站脚本漏洞

Palo Alto Networks Cortex Xsoar is a Security Orchestration Automation and Response Soar platform from Palo Alto Networks, USA. A cross-site scripting vulnerability exists in Palo Alto Networks Cortex XSOAR that allows an attacker to store a persistent javascript exploit code that could lead to t...

6.8CVSS6.3AI score0.01711EPSS

Exploits3References6

WPVulnDB•added 2018/02/10 12:0 a.m.•20 views

Bookly #1 WordPress Booking Plugin (Lite) <= 13.2 – Unauthenticated Blind Stored XSS

An unauthenticated user can inject arbitrary persistent javascript code in the admin panel via Bookly plug-in...

4.3CVSS3.1AI score0.01001EPSS

Exploits2References1Affected Software1

exploitpack•added 2014/04/23 12:0 a.m.•35 views

HP Laser Jet - JavaScript Persistent Cross-Site Scripting via PJL Directory Traversal

HP Laser Jet - JavaScript Persistent Cross-Site Scripting via PJL Directory Traversal !/usr/bin/perl use strict; use warnings; use IO::Socket::INET; my $host = $ARGV0; Exploit Title: HP Laser Jet Persistent Javascript Cross Site Scripting via PJL Google Dork: n/a Date: 4/22/14 Exploit Author:...

7.8CVSS0.1313EPSS

Exploits14

NVD•added 2008/09/16 11:0 p.m.•21 views

CVE-2008-3622

Cross-site scripting XSS vulnerability in Wiki Server in Apple Mac OS X 10.5 through 10.5.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message that reaches a mailing-list archive, aka "persistent JavaScript injection."...

4.3CVSS5.8AI score0.02299EPSS

Exploits0References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by