Lucene search
K

56 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:56 a.m.9 views

CVE-2022-38553

Academy Learning Management System before v5.9.1 was discovered to contain a reflected cross-site scripting XSS vulnerability via the Search parameter...

6.1CVSS6AI score0.02316EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:44 a.m.6 views

CVE-2022-0428

The Content Egg WordPress plugin before 5.3.0 does not sanitise and escape the page parameter before outputting back in an attribute in the Autoblogging admin dashboard, leading to a Reflected Cross-Site Scripting...

6.1CVSS6.5AI score0.00897EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-2480

Malware in sbrugna...

6.1CVSS6.2AI score0.02261EPSS
Exploits5References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-24800

Malicious code in bioql PyPI...

5.1CVSS6.6AI score0.00417EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-50781

Malicious code in bioql PyPI...

6.1CVSS8.9AI score0.00272EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-35405

Malicious code in bioql PyPI...

7.1CVSS7AI score0.00379EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/16 4:0 p.m.5 views

CVE-2025-53935 WeGIA vulnerable to Reflected Cross-Site Scripting via endpoint `personalizacao_selecao.php` parameter `id`

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the personalizacaoselecao.php endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers...

6.4CVSS5.9AI score0.00271EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/07/14 10:41 p.m.10 views

CVE-2025-53824 WeGIA ReflectedCross-Site Scripting (XSS) vulnerability in endpoint 'cadastro_pet.php' parameter 'msg'

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the editarpermissoes.php endpoint of the WeGIA application prior to version 3.4.4. This vulnerability allows attackers to...

6.4CVSS0.00205EPSS
Exploits1References1
CVE
CVE
added 2025/07/14 10:28 p.m.20 views

CVE-2025-53822

WeGIA (open source web manager) is affected by a Reflected XSS in the relatorio_geracao.php endpoint, via the tipo_relatorio parameter, for versions prior to 3.4.5. The underlying issue is lack of proper input filtering/escaping, enabling injection of arbitrary scripts. A fix is available in vers...

6.5CVSS5.5AI score0.0024EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/07/04 11:18 a.m.13 views

CVE-2025-31037 WordPress Homey theme <= 2.4.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in favethemes Homey homey allows Reflected XSS.This issue affects Homey: from n/a through = 2.4.5...

7.1CVSS0.00222EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/09 3:56 p.m.5 views

CVE-2025-31061 WordPress Wishlist plugin <= 2.1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in redqteam Wishlist allows Reflected XSS. This issue affects Wishlist: from n/a through 2.1.0...

7.1CVSS6.9AI score0.00235EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/09 3:56 p.m.1 views

CVE-2025-31917 WordPress Universal Video Player plugin <= 3.8.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Universal Video Player universalvideoplayer allows Reflected XSS.This issue affects Universal Video Player: from n/a through = 3.8.3...

7.1CVSS5.9AI score0.00235EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/23 12:43 p.m.17 views

CVE-2025-47673 WordPress Arconix Shortcodes plugin <= 2.1.16 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tychesoftwares Arconix Shortcodes arconix-shortcodes allows Reflected XSS.This issue affects Arconix Shortcodes: from n/a through = 2.1.16...

7.1CVSS0.00185EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:57 a.m.10 views

CVE-2024-47067

AList is a file list program that supports multiple storages. AList contains a reflected cross-site scripting vulnerability in helper.go. The endpoint /i/:linkname takes in a user-provided value and reflects it back in the response. The endpoint returns an application/xml response, opening it up ...

6.1CVSS5.2AI score0.00398EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:31 a.m.8 views

CVE-2024-40484

A Reflected Cross Site Scripting XSS vulnerability was found in "/oahms/search.php" in PHPGurukul Old Age Home Management System v1.0, which allows remote attackers to execute arbitrary code via the "searchdata" parameter...

6.1CVSS6.1AI score0.00625EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:6 a.m.10 views

CVE-2023-5950

Rapid7 Velociraptor versions prior to 0.7.0-4 suffer from a reflected cross site scripting vulnerability. This vulnerability allows attackers to inject JS into the error path, potentially leading to unauthorized execution of scripts within a user's web browser. This vulnerability is fixed in...

8.6CVSS6.1AI score0.00465EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:51 a.m.9 views

CVE-2023-28493

Auth subscriber+ Reflected Cross-Site Scripting XSS vulnerability in Macho Themes NewsMag theme = 2.4.4 versions...

6.5CVSS5.8AI score0.0037EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:4 p.m.7 views

CVE-2021-24987

The Social Share, Social Login and Social Comments Plugin WordPress plugin before 7.13.30 does not sanitise and escape the urls parameter in its thechampsharingcount AJAX action available to both unauthenticated and authenticated users before outputting it back in the response, leading to a...

6.1CVSS6.1AI score0.01938EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/21 4:39 p.m.12 views

CVE-2025-22678

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mythemes my white allows Reflected XSS.This issue affects my white: from n/a through 2.0.8...

7.1CVSS8.6AI score0.00192EPSS
Exploits0References1
NVD
NVD
added 2025/05/15 8:16 p.m.8 views

CVE-2025-0688

The Spiritual Gifts Survey and optional S.H.A.P.E survey WordPress plugin through 0.9.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users...

6.1CVSS0.00146EPSS
Exploits1References1
Rows per page
Query Builder