CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

29 matches found

CNNVD•added 2026/03/26 12:0 a.m.•3 views

Invoice Ninja 安全漏洞

Invoice Ninja is an open-source application developed by Invoice Ninja, featuring features for invoices, quotes, projects, and time tracking. Version 5.13.0 of Invoice Ninja contains a security vulnerability. This vulnerability stems from the project description field bypassing the XSS rejection...

5.4CVSS5.8AI score0.00017EPSS

Exploits0References3

EUVD•added 2026/03/20 6:31 p.m.•3 views

EUVD-2026-13730

DooTask v1.6.27 has a Cross-Site Scripting XSS vulnerability in the /manage/project/ page via the input field projectDesc...

5.8AI score0.00039EPSS

Exploits0References3

Positive Technologies•added 2026/03/20 12:0 a.m.•2 views

PT-2026-26643

CVE-2026-29828 DooTask v1.6.27 has a Cross-Site Scripting XSS vulnerability in the /manage/project/id page via the input field projectDesc. https://t.co/IdJyEMWfTe...

5.8AI score0.00039EPSS

Exploits0References5

Cvelist•added 2026/03/20 12:0 a.m.•21 views

CVE-2026-29828

DooTask v1.6.27 has a Cross-Site Scripting XSS vulnerability in the /manage/project/ page via the input field projectDesc...

0.00039EPSS

Exploits0References2

Vulnrichment•added 2026/03/20 12:0 a.m.•1 views

CVE-2026-29828

DooTask v1.6.27 has a Cross-Site Scripting XSS vulnerability in the /manage/project/ page via the input field projectDesc...

5.8AI score0.00039EPSS

Exploits0References2

OSV•added 2025/10/20 8:15 p.m.•2 views

PYSEC-2025-188

Taguette is an open source qualitative research tool. An issue has been discovered in Taguette versions prior to 1.5.0. It was possible for a project member to put JavaScript in name or description fields which would run on project load. This issue has been patched in version 1.5.0...

5.4CVSS5.7AI score0.00022EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-37379

Malicious code in bioql PyPI...

5.4CVSS6.6AI score0.00362EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-11925

Malicious code in bioql PyPI...

6.6AI score

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-29211

Malicious code in bioql PyPI...

6.1CVSS6.6AI score0.00093EPSS

Exploits1References3

RedhatCVE•added 2025/09/17 12:49 a.m.•5 views

CVE-2025-52344

Multiple Cross Site Scripting XSS vulnerabilities in input fields in Explorance Blue 8.1.2 allows attackers to inject arbitrary JavaScript code on the user's browser via the Group name and Project Description input fields...

6.1CVSS6.5AI score0.00093EPSS

Exploits1References1

OSV•added 2025/09/15 6:15 p.m.•0 views

CVE-2025-52344

6.1CVSS6AI score

Exploits0References2

Cvelist•added 2025/09/15 12:0 a.m.•5 views

CVE-2025-52344

0.00093EPSS

Exploits1References2

CNNVD•added 2025/09/15 12:0 a.m.•2 views

Explorance Blue 安全漏洞

Explorance Blue is a learning experience management software from Explorance Canada. A security vulnerability exists in Explorance Blue version 8.1.2, which stems from the Group name and Project Description input fields not properly filtering input, which could lead to a cross-site scripting atta...

6.1CVSS6AI score0.00093EPSS

Exploits1References3

Vulnrichment•added 2025/09/15 12:0 a.m.•1 views

CVE-2025-52344

6AI score0.00093EPSS

Exploits1References2

CVE•added 2025/09/15 12:0 a.m.•11 views

CVE-2025-52344

The CVE-2025-52344 entry concerns Explorance Blue 8.1.2, where multiple XSS vulnerabilities exist in input fields (Group name and Project Description). The root cause is insufficient input filtering in these fields, allowing arbitrary JavaScript to execute in a user’s browser. Impact is described...

6.1CVSS6AI score0.00093EPSS

Exploits1References2Affected Software1

Positive Technologies•added 2025/09/15 12:0 a.m.•2 views

PT-2025-37729

Name of the Vulnerable Software and Affected Versions Explorance Blue version 8.1.2 Description Explorance Blue version 8.1.2 contains multiple Cross Site Scripting XSS vulnerabilities in input fields. These vulnerabilities allow attackers to inject arbitrary JavaScript code into a user’s browser...

6.1CVSS6.2AI score0.00093EPSS

Exploits1References7

OSV•added 2024/06/18 11:15 a.m.•0 views

CVE-2024-38507

In JetBrains Hub before 2024.2.34646 stored XSS via project description was possible...

5.4CVSS5.8AI score

Exploits0References1