CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

22 matches found

Vulnrichment•added 2026/02/01 12:15 p.m.•3 views

CVE-2021-47919 Simple CMS 2.1 Non-Persistent Cross-Site Scripting via Preview Parameter

Simple CMS 2.1 contains a non-persistent cross-site scripting vulnerability in the preview.php file's id parameter. Attackers can inject malicious script code through a GET request to execute arbitrary scripts and potentially hijack user sessions or perform phishing attacks...

6.4CVSS5.5AI score0.00018EPSS

Exploits1References3

CVE•added 2026/02/01 12:15 p.m.•7 views

CVE-2021-47919

CVE-2021-47919 affects Simple CMS 2.1. The vulnerability is a non-persistent cross-site scripting (XSS) flaw in the preview.php file’s id parameter, exploitable via a GET request. Attackers can inject malicious script code to execute in the context of authenticated users, with potential consequen...

6.4CVSS6.1AI score0.00018EPSS

Exploits1References3Affected Software1

NVD•added 2026/01/20 3:16 p.m.•1 views

CVE-2025-15380

The NotificationX – FOMO, Live Sales Notification, WooCommerce Sales Popup, GDPR, Social Proof, Announcement Banner & Floating Notification Bar plugin for WordPress is vulnerable to DOM-Based Cross-Site Scripting via the 'nx-preview' POST parameter in all versions up to, and including, 3.2.0. Thi...

7.2CVSS0.00235EPSS

Exploits0References3

Cvelist•added 2026/01/20 2:26 p.m.•19 views

CVE-2025-15380 NotificationX <= 3.2.0 - Unauthenticated DOM-Based Cross-Site Scripting via 'nx-preview'

7.2CVSS0.00235EPSS

Exploits0References3

Vulnrichment•added 2026/01/20 2:26 p.m.•2 views

CVE-2025-15380 NotificationX <= 3.2.0 - Unauthenticated DOM-Based Cross-Site Scripting via 'nx-preview'

7.2CVSS5.7AI score0.00235EPSS

Exploits0References3

Positive Technologies•added 2026/01/20 12:0 a.m.•3 views

PT-2026-3573

7.2CVSS5.7AI score0.00235EPSS

Exploits0References4

RedhatCVE•added 2026/01/09 12:35 p.m.•7 views

CVE-2023-49440

AhnLab EPP 1.0.15 is vulnerable to SQL Injection via the "preview parameter."...

8.8CVSS8AI score0.00036EPSS

Exploits2References1

NVD•added 2025/10/27 4:15 p.m.•3 views

CVE-2023-49440

AhnLab EPP 1.0.15 is vulnerable to SQL Injection via the "preview parameter."...

8.8CVSS0.00036EPSS

Exploits2References3

Cvelist•added 2025/10/27 12:0 a.m.•7 views

CVE-2023-49440

AhnLab EPP 1.0.15 is vulnerable to SQL Injection via the "preview parameter."...

0.00036EPSS

Exploits2References3

Vulnrichment•added 2025/10/27 12:0 a.m.•3 views

CVE-2023-49440

AhnLab EPP 1.0.15 is vulnerable to SQL Injection via the "preview parameter."...

7.6AI score0.00036EPSS

Exploits2References3

CVE•added 2025/10/27 12:0 a.m.•13 views

CVE-2023-49440

AhnLab EPP Management (v1.0.15 and prior) is affected by a Boolean-based SQL injection in the web admin interface via the preview parameter, enabling access to the backend DB and potential RCE. Public PoCs/exploits exist (e.g., via /api/console/ems/query/report/preview) and exploit code is availa...

8.8CVSS7.6AI score0.00036EPSS

Exploits2References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-30436

Malicious code in bioql PyPI...

6.1CVSS4.9AI score0.0004EPSS

Exploits1References5

Vulnrichment•added 2025/09/23 12:32 a.m.•1 views

CVE-2025-10827 PHPJabbers Restaurant Menu Maker preview.php cross site scripting

A weakness has been identified in PHPJabbers Restaurant Menu Maker up to 1.1. Affected by this issue is some unknown functionality of the file /preview.php. This manipulation of the argument theme causes cross site scripting. The attack may be initiated remotely. The exploit has been made availab...

5.3CVSS5.5AI score0.0004EPSS

Exploits1References4