CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18 matches found

PHP Login System 2.0.1 - Cross-Site Scripting

msaad1999's PHP-Login-System 2.0.1 contains a reflected cross-site scripting caused by unsanitized input in 'validator' parameter in /reset-password, letting remote attackers execute arbitrary JavaScript in a user's browser, exploit requires attacker to craft malicious URL id: CVE-2023-38875 info...

6.1CVSS6.5AI score0.08597EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-42643

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.08597EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-42644

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.07623EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 4:9 a.m.•1 views

CVE-2023-38876

A reflected cross-site scripting XSS vulnerability in msaad1999's PHP-Login-System 2.0.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'selector' parameter in '/reset-password'...

6.1CVSS6.1AI score0.07623EPSS

Exploits0

RedhatCVE•added 2025/05/23 3:30 a.m.•5 views

CVE-2023-38875

6.1CVSS6.1AI score0.08597EPSS

Exploits0

ATTACKERKB•added 2023/09/20 9:15 p.m.•1 views

CVE-2023-38875

6.1CVSS6AI score0.08597EPSS

Exploits0References3

ATTACKERKB•added 2023/09/20 9:15 p.m.•3 views

CVE-2023-38876

6.1CVSS6AI score0.07623EPSS

Exploits0References2

OSV•added 2023/09/20 9:15 p.m.•11 views

CVE-2023-38876

6.1CVSS6.2AI score0.07623EPSS

Exploits0References1

NVD•added 2023/09/20 9:15 p.m.•5 views

CVE-2023-38876

6.1CVSS6.1AI score0.07623EPSS

Exploits0References1

NVD•added 2023/09/20 9:15 p.m.•18 views

CVE-2023-38875

6.1CVSS6.1AI score0.08597EPSS

Exploits0References1

Prion•added 2023/09/20 9:15 p.m.•14 views

Cross site scripting

5.8CVSS6.1AI score0.07623EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2023/09/20 12:0 a.m.•3 views

PT-2023-26655 · Unknown · Php-Login-System

Name of the Vulnerable Software and Affected Versions: PHP-Login-System version 2.0.1 Description: A reflected cross-site scripting XSS issue allows remote attackers to execute arbitrary JavaScript in a user's web browser. This is achieved by including a malicious payload into the selector...

6.1CVSS6.3AI score0.07623EPSS

Exploits0References6

Vulnrichment•added 2023/09/20 12:0 a.m.•7 views

CVE-2023-38876

6.1AI score0.07623EPSS

Exploits0References1

Cvelist•added 2023/09/20 12:0 a.m.•17 views

CVE-2023-38876

6.2AI score0.07623EPSS

Exploits0References1

CVE•added 2023/09/20 12:0 a.m.•50 views

CVE-2023-38876

CVE-2023-38876 describes a reflected XSS in msaad1999’s PHP-Login-System 2.0.1. The vulnerability is triggered by a malicious payload in the selector parameter of the /reset-password endpoint, allowing remote attackers to execute arbitrary JavaScript in a user’s browser. The available sources con...

6.1CVSS6AI score0.07623EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/09/20 12:0 a.m.•8 views

CVE-2023-38875

6.1AI score0.08597EPSS

Exploits0References1

CVE•added 2023/09/20 12:0 a.m.•48 views

CVE-2023-38875

Affected software : msaad1999's PHP-Login-System 2.0.1. Vulnerability : Reflected cross-site scripting (XSS) caused by unsanitized input in the 'validator' parameter of /reset-password. Impact : remote attackers can execute arbitrary JavaScript in a user’s browser, potentially stealing cookies or...

6.1CVSS6AI score0.08597EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/09/20 12:0 a.m.•12 views

CVE-2023-38875

6.2AI score0.08597EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by