CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7648 matches found

Exploit DB•added 2023/07/20 12:0 a.m.•190 views

Active Super Shop CMS v2.5 - HTML Injection Vulnerabilities

Exploit Title: Active Super Shop CMS v2.5 - HTML Injection Vulnerabilities References Source: https://www.vulnerability-lab.com/getcontent.php?id=2278 Release Date: 2023-07-04 Vulnerability Laboratory ID VL-ID: 2278 Common Vulnerability Scoring System: 5.4 Product & Service Introduction:...

7.4AI score

Exploits0

Exploit DB•added 2023/07/20 12:0 a.m.•278 views

Webile v1.0.1 - Multiple Cross Site Scripting

Exploit Title: Webile v1.0.1 - Multiple Cross Site Scripting References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2321 Release Date: ============= 2023-07-03 Vulnerability Laboratory ID VL-ID: ==================================== 2321 Common Vulnerability...

7.4AI score

Exploits0

Exploit DB•added 2023/07/20 12:0 a.m.•259 views

PaulPrinting CMS - Multiple Cross Site Web Vulnerabilities

Exploit Title: PaulPrinting CMS - Multiple Cross Site Web Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2285 Release Date: ============= 2023-07-19 Vulnerability Laboratory ID VL-ID: ==================================== 2285 Common...

7.4AI score

Exploits0

RedHat Linux•added 2023/07/19 3:37 a.m.•44 views

Moderate: Red Hat Security Advisory: VolSync 0.7.3 security fixes and enhancements

VolSync v0.7.3 enhancements and security fixes Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

7.5CVSS6.5AI score0.00442EPSS

Exploits0References3

Packet Storm•added 2023/07/19 12:0 a.m.•258 views

Tiva Events Calender 1.4 Cross Site Scripting

Document Title: =============== Tiva Events Calender v1.4 - Cross Site Scripting Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2276 Release Date: ============= 2023-07-05 Vulnerability Laboratory ID VL-ID:...

7.1AI score

Exploits0

Packet Storm•added 2023/07/19 12:0 a.m.•250 views

PaulPrinting CMS Cross Site Scripting

Document Title: =============== PaulPrinting CMS - Search Delivery Cross Site Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2286 Release Date: ============= 2023-07-17 Vulnerability Laboratory ID VL-ID: ==================================...

7.1AI score

Exploits0

Packet Storm•added 2023/07/19 12:0 a.m.•323 views

Active Super Shop CMS 2.5 HTML Injection

Document Title: =============== Active Super Shop CMS v2.5 - HTML Injection Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2278 Release Date: ============= 2023-07-04 Vulnerability Laboratory ID VL-ID: ==================================...

7.1AI score

Exploits0

Packet Storm•added 2023/07/19 12:0 a.m.•336 views

Webile 1.0.1 Cross Site Scripting

Document Title: =============== Webile v1.0.1 - Multiple Cross Site Web Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2321 Release Date: ============= 2023-07-03 Vulnerability Laboratory ID VL-ID: ====================================...

7.1AI score

Exploits0

Patchstack•added 2023/07/18 12:0 a.m.•7 views

WordPress WordPress Persistent Login Plugin < 2.0.15 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Persistent Login Type Plugin Vulnerable versions 2.0.15 Fixed in 2.0.15 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 12dbff6dbbea Credits Rafie Muhammad...

6.2AI score0.00284EPSS

Exploits0References3Affected Software1

Vulnerability Lab•added 2023/07/18 12:0 a.m.•290 views

PaulPrinting CMS - Multiple Cross Site Web Vulnerabilities

Document Title: =============== PaulPrinting CMS - Multiple Cross Site Web Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2285 Release Date: ============= 2023-07-18 Vulnerability Laboratory ID VL-ID: ===================================...

7.4AI score

Exploits0

Packet Storm•added 2023/07/17 12:0 a.m.•271 views

WinterCMS 1.2.2 Cross Site Scripting

Exploit Title: WinterCMS alertdocument.cookie; //P...

4.8CVSS7.1AI score0.01637EPSS

Exploits4

Exploit DB•added 2023/07/15 12:0 a.m.•298 views

WinterCMS < 1.2.3 - Persistent Cross-Site Scripting

Exploit Title: WinterCMS alertdocument.cookie; //Post Request...

4.8CVSS5.1AI score0.01637EPSS

Exploits4

OSSF Malicious Packages•added 2023/07/14 1:2 a.m.•4 views

Malicious code in proof-of-solvency-verification (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c80842c791023b79222e82ae88ac91bc92a9941cf2a6b08c29042d98fa99363b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score

Exploits0References1

The Hacker News•added 2023/07/13 4:7 p.m.•49 views

PicassoLoader Malware Used in Ongoing Attacks on Ukraine and Poland

Government entities, military organizations, and civilian users in Ukraine and Poland have been targeted as part of a series of campaigns designed to steal sensitive data and gain persistent remote access to the infected systems. The intrusion set, which stretches from April 2022 to July 2023,...

6.7AI score

Exploits0

OSV•added 2023/07/13 10:15 a.m.•3 views

DEBIAN-CVE-2023-29455

Reflected XSS attacks, also known as non-persistent attacks, occur when a malicious script is reflected off a web application to the victim's browser. The script is activated through a link, which sends a request to a website with a vulnerability that enables execution of malicious scripts...

6.1CVSS5.8AI score0.00559EPSS

Exploits0References1

OSV•added 2023/07/13 10:15 a.m.•10 views

CVE-2023-29455

6.1CVSS9.2AI score

Exploits0References3

UbuntuCve•added 2023/07/13 10:15 a.m.•35 views

CVE-2023-29455

6.1CVSS6.4AI score0.00559EPSS

Exploits0References2

UbuntuCve•added 2023/07/13 10:15 a.m.•25 views

CVE-2023-29454

Stored or persistent cross-site scripting XSS is a type of XSS where the attacker first sends the payload to the web application, then the application saves the payload e.g., in a database or server-side text files, and finally, the application unintentionally executes the payload for every victi...

5.4CVSS6AI score0.00478EPSS

Exploits0References2

OSV•added 2023/07/13 10:15 a.m.•1 views

UBUNTU-CVE-2023-29455

6.1CVSS6AI score0.00559EPSS

Exploits0References3

CVE•added 2023/07/13 9:33 a.m.•104 views

CVE-2023-29455

CVE-2023-29455 describes a reflected (non-persistent) XSS in Zabbix frontend, triggered by passing malicious code as a GET parameter to graph.php. The connected Debian advisory confirms this CVE is among multiple Zabbix flaws and provides remediation: on Debian 11 (bullseye) upgrade to 1:5.0.44+d...

6.1CVSS5.9AI score0.00559EPSS

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by