CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

RedhatCVE•added 2025/05/22 9:21 p.m.•3 views

CVE-2021-41464

Cross-site scripting XSS vulnerability in concrete/elements/collectionadd.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the rel parameter...

6.1CVSS5.9AI score0.00283EPSS

Exploits1

Positive Technologies•added 2024/05/21 12:0 a.m.•1 views

PT-2024-33534 · WordPress · Blocksy

Name of the Vulnerable Software and Affected Versions: Blocksy theme for WordPress versions up to, and including, 2.0.46 Description: The issue is related to Stored Cross-Site Scripting via the has field link rel parameter due to insufficient input sanitization and output escaping. This allows...

6.4CVSS5.9AI score0.00201EPSS

Exploits0References6

NVD•added 2021/10/01 4:15 p.m.•8 views

CVE-2021-41465

Cross-site scripting XSS vulnerability in concrete/elements/collectiontheme.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the rel parameter...

6.1CVSS0.00283EPSS

Exploits1References2

OSV•added 2021/10/01 4:15 p.m.•9 views

CVE-2021-41465

6.1CVSS5.9AI score

Exploits0References2

Prion•added 2021/10/01 4:15 p.m.•9 views

Cross site scripting

4.3CVSS6AI score0.00283EPSS

Exploits1References2Affected Software1

Cvelist•added 2021/10/01 3:42 p.m.•10 views

CVE-2021-41464

6.2AI score0.00283EPSS

Exploits1References2

CNNVD•added 2021/10/01 12:0 a.m.•1 views

PortlandLabs Concrete Cms 跨站脚本漏洞

Portlandlabs Concrete5 is an open source content management system CMS from PortlandLabs, Inc. A cross-site scripting vulnerability exists in Portlandlabs Concrete5 crete5-legacy 5.6.4.0 and prior versions, which can be exploited by remote attackers to "rel" parameter to inject arbitrary web scri...

6.1CVSS5.5AI score0.00283EPSS

Exploits1References2

CNNVD•added 2021/10/01 12:0 a.m.•1 views

Portlandlabs Concrete5 跨站脚本漏洞

6.1CVSS5.5AI score0.00283EPSS

Exploits1References2

CNVD•added 2015/07/20 12:0 a.m.•4 views

Free Reprintables ArticleFR Cross-Site Scripting Vulnerability

ArticleFR is an article directory and content catalog system. Multiple cross-site scripting vulnerabilities exist in Free Reprintables ArticleFR version 3.0.6, which stem from the dashboard/settings/categories/ URI not sufficiently filtering the 'name' parameter, the dashboard/settings/links/ URI...

4.3CVSS6.4AI score0.0713EPSS

Exploits2References1

Prion•added 2015/07/16 3:59 p.m.•12 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Free Reprintables ArticleFR 3.0.6 allow remote attackers to inject arbitrary web script or HTML via the 1 name parameter to dashboard/settings/categories/, 2 title or 3 rel parameter to dashboard/settings/links/, or 4 url parameter to...

4.3CVSS6AI score0.0713EPSS

Exploits2References3Affected Software1

Cvelist•added 2006/06/23 12:0 a.m.•15 views

CVE-2006-3173

Multiple PHP remote file inclusion vulnerabilities in ContentBuilder 0.7.5 allow remote attackers to execute arbitrary PHP code via a URL in the 1 pathcb parameter to a libraries/comment/postComment.php and b modules/poll/poll.php, 2 rel parameter to c modules/archive/overview.inc.php, and the 3...

7.4AI score0.01739EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by