Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

ATTACKERKB
ATTACKERKBadded 2026/02/16 9:55 a.m.4 views

CVE-2025-59904

Stored Cross-Site Scripting XSS vulnerability in Kubysoft, which is triggered through multiple parameters in the '/kForms/app' endpoint. This issue allows malicious scripts to be injected and executed persistently in the context of users accessing the affected resource...

5.1CVSS5.5AI score0.00133EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/02/16 9:55 a.m.3 views

CVE-2025-59904 Stored Cross-Site Scripting vulnerability in Kubysoft

Stored Cross-Site Scripting XSS vulnerability in Kubysoft, which is triggered through multiple parameters in the '/kForms/app' endpoint. This issue allows malicious scripts to be injected and executed persistently in the context of users accessing the affected resource...

5.1CVSS5.4AI score0.00133EPSS
Exploits0References1
CVE
CVEadded 2026/02/16 9:55 a.m.11 views

CVE-2025-59904

The CVE-2025-59904 entry describes a Stored Cross-Site Scripting (XSS) vulnerability in Kubysoft, triggered by multiple parameters in the /kForms/app endpoint. The issue allows malicious scripts to be injected and executed in the context of users accessing the affected resource, indicating a clie...

5.4CVSS5.5AI score0.00133EPSS
Exploits0References1Affected Software1
CNNVD
CNNVDadded 2026/02/16 12:0 a.m.6 views

Kubysoft 跨站脚本漏洞

Kubysoft is an IT asset management software developed by the Spanish company Kubysoft. Kubysoft has a cross-site scripting vulnerability. This vulnerability stems from multiple parameters in the /forms/app endpoint, which are vulnerable to storage-based cross-site scripting attacks. This may allo...

5.4CVSS5.6AI score0.00133EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/17 8:27 p.m.5 views

CVE-2026-23725

WeGIA is a web manager for charitable institutions. Prior to 3.6.2, a Stored Cross-Site Scripting XSS vulnerability was identified in the html/pet/adotantes/cadastroadotante.php and html/pet/adotantes/informacaoadotantes.php endpoint of the WeGIA application. The application does not sanitize...

5.4CVSS5.4AI score0.00213EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2025/05/21 12:0 a.m.4 views

CVE-2025-45755

A Stored Cross-Site Scripting XSS vulnerability exists in Vtiger CRM Open Source Edition v8.3.0, exploitable via the Services Import feature. An attacker can craft a malicious CSV file containing an XSS payload, mapped to the Service Name field. When the file is uploaded, the application improper...

5.8AI score0.00252EPSS
Exploits0References2
CVE
CVEadded 2025/05/21 12:0 a.m.57 views

CVE-2025-45755

Vulnerable software: Vtiger CRM Open Source Edition v8.3.0. The issue is a Stored Cross-Site Scripting (XSS) vulnerability exploitable via the Services Import feature. An attacker can craft a malicious CSV file containing an XSS payload mapped to the Service Name field; when uploaded, the applica...

6.1CVSS5.2AI score0.00252EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder