CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

20 matches found

Cvelist•added 2026/05/11 6:32 p.m.•25 views

CVE-2026-42870 WeGIA: Cross-Site Scripting (XSS) Stored endpoint 'informacao_adicional.php' parameter 'descricao'

WeGIA is a web manager for charitable institutions. In versions prior to 3.7.0, a Stored Cross-Site Scripting XSS flaw was identified at the following endpoint: funcionario/profilefuncionario.php?idfuncionario=2. By injecting a malicious payload into the 'Description' Descrição field and saving t...

6.4CVSS0.00062EPSS

Exploits0References1

RedhatCVE•added 2026/01/15 12:23 a.m.•2 views

CVE-2025-63644

A stored cross-site scripting XSS vulnerability exists in pH7Software pH7-Social-Dating-CMS 17.9.1 in the user profile Description field...

5.4CVSS5.7AI score0.00016EPSS

Exploits1References1

OSV•added 2026/01/14 6:31 p.m.•2 views

GHSA-657C-WXG6-JMQV pH7-Social-Dating-CMS affected by a stored cross-site scripting (XSS) vulnerability

A stored cross-site scripting XSS vulnerability exists in pH7Software pH7-Social-Dating-CMS 17.9.1 in the user profile Description field...

6.1CVSS5.1AI score0.00016EPSS

Exploits1References4

NVD•added 2026/01/14 6:16 p.m.•2 views

CVE-2025-63644

A stored cross-site scripting XSS vulnerability exists in pH7Software pH7-Social-Dating-CMS 17.9.1 in the user profile Description field...

5.4CVSS0.00016EPSS

Exploits1References2

Vulnrichment•added 2026/01/14 12:0 a.m.•1 views

CVE-2025-63644

A stored cross-site scripting XSS vulnerability exists in pH7Software pH7-Social-Dating-CMS 17.9.1 in the user profile Description field...

5.3AI score0.00016EPSS

Exploits1References2

EUVD•added 2026/01/14 12:0 a.m.•2 views

EUVD-2026-2439

A stored cross-site scripting XSS vulnerability exists in pH7Software pH7-Social-Dating-CMS 17.9.1 in the user profile Description field...

6.1CVSS5.2AI score0.00016EPSS

Exploits1References3

RedhatCVE•added 2026/01/07 9:28 a.m.•6 views

CVE-2019-12774

A number of stored XSS vulnerabilities have been identified in the web configuration feature in ENTTEC Datagate Mk2 70044update05032019-482 that could allow an unauthenticated threat actor to inject malicious code directly into the application. This affects, for example, the Profile Description...

6.1CVSS6.5AI score0.00373EPSS

Exploits1References1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2019-4358

Malware in sbrugna...

6.1CVSS6.7AI score0.00373EPSS

Exploits1References2

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-52694

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.00224EPSS

Exploits3References1

RedhatCVE•added 2025/05/23 1:18 a.m.•2 views

CVE-2022-30982

An issue was discovered in Gentics CMS before 5.43.1. There is stored XSS in the profile description and in the username...

5.4CVSS5.8AI score0.00224EPSS

Exploits3References1

Exploit DB•added 2025/03/19 12:0 a.m.•255 views

Gitea 1.24.0 - HTML Injection

Exploit Title: Gitea 1.24.0 - HTML Injection Date: 2025-03-09 Exploit Author: Mikail KOCADAĞ Vendor Homepage: https://gitea.com Software Link: https://dl.gitea.io/gitea/1.24.0/ Version: 1.24.0 Tested on: Windows 10, Linux Ubuntu 22.04 CVE : N/A Vulnerability Description: In Gitea 1.24.0, the...

7.4AI score

Exploits0

NVD•added 2022/07/17 11:15 p.m.•11 views

CVE-2022-30982

An issue was discovered in Gentics CMS before 5.43.1. There is stored XSS in the profile description and in the username...

5.4CVSS0.00224EPSS

Exploits3References1

OSV•added 2022/07/17 11:15 p.m.•0 views

CVE-2022-30982

An issue was discovered in Gentics CMS before 5.43.1. There is stored XSS in the profile description and in the username...

5.4CVSS5.8AI score0.00224EPSS

Exploits3References1

ATTACKERKB•added 2022/07/17 11:15 p.m.•1 views

CVE-2022-30982

An issue was discovered in Gentics CMS before 5.43.1. There is stored XSS in the profile description and in the username...

5.4CVSS6AI score0.00224EPSS

Exploits3References2

Prion•added 2022/07/17 11:15 p.m.•10 views

Cross site scripting

An issue was discovered in Gentics CMS before 5.43.1. There is stored XSS in the profile description and in the username...

4.9CVSS5.2AI score0.00224EPSS

Exploits3References1Affected Software1

Cvelist•added 2022/07/17 10:26 p.m.•10 views

CVE-2022-30982

An issue was discovered in Gentics CMS before 5.43.1. There is stored XSS in the profile description and in the username...

5.4AI score0.00224EPSS

Exploits3References1

NVD•added 2019/06/07 4:29 p.m.•11 views

CVE-2019-12774

6.1CVSS7.2AI score0.00373EPSS

Exploits1References1

OSV•added 2019/06/07 4:29 p.m.•2 views

CVE-2019-12774

6.1CVSS6.6AI score0.00373EPSS

Exploits1References1

CNVD•added 2017/04/18 12:0 a.m.•1 views

ClipBucket Cross-Site Scripting Vulnerability (CNVD-2017-05016)

ClipBucket is an open source video sharing software. The software allows you to share videos to video sites and supports the light off effect when watching a movie. A cross-site scripting vulnerability exists in ClipBucket version 2.8.1. A remote attacker can exploit this vulnerability by injecti...

6.1CVSS5.9AI score0.00223EPSS

Exploits0References1

The Hacker News•added 2011/10/17 6:11 p.m.•14 views

Sesame Street YouTube Channel Hacked, Porn Posted

Sesame Street YouTube Channel Hacked, Porn Posted On Sunday afternoon, some of the world's worst lowlifes decided to hack the Sesame Street YouTube channel and replace some of the videos with pornographic clips. For about 20 minutes yesterday, visitors to the YouTube channel of the popular...

6.8AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by