CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

Packet Storm•added 2026/03/12 12:0 a.m.•148 views

📄 SPIP CMS Analysis Scanner Script

This is an exploitation tool designed for websites running the SPIP CMS versions 5.4.0 through 5.11.0. The tool performs automated detection and enumeration of SPIP installations, identifies installed plugins, attempts to determine plugin versions, and searches for forms using the saisies plugin...

5.8AI score

Exploits0

EUVD•added 2025/11/13 3:23 a.m.•1 views

EUVD-2025-177417

Malicious code in orbit-html-webpack-plugin-xml-docusaurus npm...

6.6AI score

Exploits0

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2023-1401

Malicious code in bioql PyPI...

8.2CVSS8AI score0.01056EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2022-2896

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.00213EPSS

Exploits0References6

Cvelist•added 2025/06/09 3:56 p.m.•20 views

CVE-2025-31039 WordPress Category Icon plugin <= 1.0.3 - XML External Entity (XXE) vulnerability

Improper Restriction of XML External Entity Reference vulnerability in pixelgrade Category Icon category-icon allows XML Entity Linking.This issue affects Category Icon: from n/a through = 1.0.3...

9.1CVSS0.00228EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 3:37 a.m.•6 views

CVE-2023-28680

Jenkins Crap4J Plugin 0.9 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

7.5CVSS6.7AI score0.01424EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 1:23 a.m.•4 views

CVE-2022-43430

Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

7.5CVSS6.8AI score0.04432EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 7:11 p.m.•6 views

CVE-2021-21701

Jenkins Performance Plugin 3.20 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

6.5CVSS6.7AI score0.00157EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:30 p.m.•6 views

CVE-2020-2315

Jenkins Visualworks Store Plugin 1.1.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

6.5CVSS6.7AI score0.00274EPSS

Exploits0

CNNVD•added 2025/02/03 12:0 a.m.•2 views

WordPress plugin XML for Avito 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...

7.1CVSS7.8AI score0.00056EPSS

Exploits0References1

Vulnrichment•added 2023/03/23 11:26 a.m.•7 views

CVE-2023-28682

Jenkins Performance Publisher Plugin 8.09 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

8.2AI score0.01056EPSS

Exploits0References1

Vulnrichment•added 2022/11/15 12:0 a.m.•6 views

CVE-2022-45395

Jenkins CCCC Plugin 0.6 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

6.7AI score0.04514EPSS

Exploits0References2

OSV•added 2019/01/18 9:29 p.m.•0 views

CVE-2018-20233

The Upload add-on resource in Atlassian Universal Plugin Manager before version 2.22.14 allows remote attackers who have system administrator privileges to read files, make network requests and perform a denial of service attack via an XML External Entity vulnerability in the parsing of atlassian...

6.5CVSS5.8AI score0.00771EPSS

Exploits0References2

OSV•added 2018/06/26 4:29 p.m.•10 views

CVE-2018-1000542

netbeans-mmd-plugin version = 1.4.3 contains a XML External Entity XXE vulnerability in MMD file import that can result in Possible information disclosure, server-side request forgery, or remote code execution. This attack appear to be exploitable via Specially crafted MMD file...

7.8CVSS7.8AI score

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by