CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4584 matches found

CNVD•added 2018/02/09 12:0 a.m.•5 views

PHP Scripts Mall Naukri Clone Script Cross-Site Scripting Vulnerability

PHP Scripts Mall Naukri Clone Script is an online recruitment system script based on PHP and MySQL platform by PHP Scripts Mall India. A cross-site scripting vulnerability exists in PHP Scripts Mall Naukri Clone Script version 3.0.3. The vulnerability can be exploited by a remote attacker to inje...

5.4CVSS6.2AI score0.00554EPSS

Exploits1References1

CNVD•added 2018/02/05 12:0 a.m.•2 views

MTS Simple Booking C and MTS Simple Booking Business Cross-Site Scripting Vulnerabilities

MTS Simple Booking C and MTS Simple Booking Business are both online booking plugins for WordPress developed by MT Systems Japan. A cross-site scripting vulnerability exists in MTS Simple Booking C and MTS Simple Booking Business versions 1.28.0 and earlier. A remote attacker can exploit this...

6.1CVSS6.2AI score0.00776EPSS

Exploits0References1

OSV•added 2018/02/02 9:29 p.m.•1 views

CVE-2016-0303

Cross-site scripting XSS vulnerability in IBM Tivoli Integrated Portal 2.2.0.0 through 2.2.0.15 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.4CVSS5.9AI score

Exploits0References1

CNVD•added 2018/02/01 12:0 a.m.•2 views

iBall 300M Cross-Site Scripting Vulnerability

The iBall 300M is a wireless router product from iBall India. A cross-site scripting vulnerability exists in /goform/setLang in iBall 300M using iB-WRB302N1.0.1-Sep 8 2017 version firmware. A remote attacker can exploit the vulnerability to inject arbitrary web script or HTML with the help of the...

6.1CVSS6AI score0.0066EPSS

Exploits1References1

OSV•added 2018/01/30 8:29 p.m.•2 views

CVE-2018-6194

A cross-site scripting XSS vulnerability in admin/partials/wp-splashing-admin-sidebar.php in the Splashing Images plugin wp-splashing-images before 2.1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the search parameter to wp-admin/upload.php...

4.8CVSS5.8AI score0.01048EPSS

Exploits2References4

CNVD•added 2018/01/24 12:0 a.m.•4 views

Elasticsearch Kibana Cross-Site Scripting Vulnerability

Elasticsearch Kibana formerly known as elasticsearch-dashboard is a suite of open-source, browser-based analytics and search Elasticsearch dashboard tools from the Dutch company Elasticsearch. A cross-site scripting vulnerability exists in Elasticsearch Kibana versions 5.6.6 and 6.1.2, which stem...

6.1CVSS6.8AI score0.00888EPSS

Exploits0References1

ATTACKERKB•added 2018/01/18 6:29 a.m.•1 views

CVE-2018-0098

A vulnerability in the web-based management interface of Cisco WAP150 Wireless-AC/N Dual Radio Access Point with Power over Ethernet PoE and WAP361 Wireless-AC/N Dual Radio Wall Plate Access Point with PoE could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attac...

6.1CVSS5.8AI score0.00885EPSS

Exploits0References3

CNVD•added 2018/01/17 12:0 a.m.•2 views

WordPress SrbTransLatin Plugin Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform using PHP language development , the platform supports in PHP and MySQL server set up personal blog site . SrbTransLatin plugin is used in one of the language conversion plugin . A cross-site scripting vulnerability exists ...

4.8CVSS6AI score0.00623EPSS

Exploits1References1

OSV•added 2018/01/16 7:29 p.m.•2 views

CVE-2017-8802

Cross-site scripting XSS vulnerability in Zimbra Collaboration Suite aka ZCS before 8.8.0 Beta2 might allow remote attackers to inject arbitrary web script or HTML via vectors related to the "Show Snippet" functionality...

5.4CVSS5.9AI score0.01288EPSS

Exploits2References4

CNVD•added 2018/01/15 12:0 a.m.•3 views

DragonByte Technologies vbActivity for vBulletin Cross-Site Scripting Vulnerability

DragonByte Technologies vbActivity for vBulletin is a module with polling and rating functionality for vBulletin, an open source commercial web forum program from DragonByte Technologies, Scotland. A cross-site scripting vulnerability exists in DragonByte Technologies vbActivity for vBulletin...

6.1CVSS5.9AI score0.01669EPSS

Exploits0References1

CNVD•added 2018/01/15 12:0 a.m.•3 views

Dotclear admin/auth.php file cross-site scripting vulnerability

Dotclear is a software developer Olivier Meunier developed a free PHP and MySQL-based blog Blog publishing software. A cross-site scripting vulnerability exists in the admin/auth.php file in Dotclear version 2.12.1. This vulnerability can be exploited by remote attackers to inject arbitrary web...

5.4CVSS6AI score0.00904EPSS

Exploits0References1

CNVD•added 2018/01/11 12:0 a.m.•4 views

Cisco Unified Communications Manager Cross-Site Scripting Vulnerability (CNVD-2018-01388)

Cisco Unified Communications Manager CUCM, Unified CM, CallManager is a call-processing component of a unified communications system from Cisco. The component provides a scalable, distributable and highly available enterprise IP telephony call processing solution. A cross-site scripting...

6.1CVSS6.5AI score0.01729EPSS

Exploits0References1

CNVD•added 2018/01/10 12:0 a.m.•3 views

Microsoft SharePoint Enterprise Server Cross-Site Scripting Vulnerability

Microsoft SharePoint Enterprise Server is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enables you to share work, collaborate with others, organize projects and workgroups, and search for people and information. A...

6.1CVSS6.5AI score0.03631EPSS

Exploits0References1

CNVD•added 2018/01/04 12:0 a.m.•1 views

Celartem Extensis Portfolio NetPublish Cross-Site Scripting Vulnerability

Celartem Extensis Portfolio NetPublish is a digital asset management software from Celartem Japan. A cross-site scripting vulnerability exists in Celartem Extensis Portfolio NetPublish. A remote attacker can inject arbitrary web script or HTML by sending the 'quickfind' parameter to the...

6.1CVSS6AI score0.00675EPSS

Exploits0References1

CNVD•added 2017/12/26 12:0 a.m.•1 views

PHP Scripts Mall Responsive Realestate Script Cross-Site Scripting Vulnerability

Responsive Realestate Script is a script for building real estate websites. A cross-site scripting vulnerability exists in PHP Scripts Mall Responsive Realestate Script. A remote attacker can inject arbitrary web script or HTML by sending the 'gplus' parameter to the admin/general.php file...

4.8CVSS6.2AI score0.00492EPSS

Exploits1References1

CNVD•added 2017/12/20 12:0 a.m.•2 views

IBM Business Process Manager Cross-Site Scripting Vulnerability

IBM Business Process Manager BPM is a comprehensive set of business process management platform from IBM in the United States. The platform provides a range of tools related to process modeling, assembly, monitoring and deployment for business. A cross-site scripting vulnerability exists in IBM...

5.4CVSS6.4AI score0.00804EPSS

Exploits0References1

OSV•added 2017/12/19 8:29 p.m.•3 views

CVE-2017-17719

A cross-site scripting XSS vulnerability in the wp-concours plugin through 1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the resultmessage parameter to includes/concourspage.php...

6.1CVSS5.8AI score0.00938EPSS

Exploits3References2

OSV•added 2017/12/19 8:29 p.m.•2 views

CVE-2017-17753

Multiple cross-site scripting XSS vulnerabilities in the esb-csv-import-export plugin through 1.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 cietype, 2 cieimport, 3 cieupdate, or 4 cieignore parameter to includes/admin/views/esb-cie-import-export-page.ph...

6.1CVSS5.8AI score0.00845EPSS

Exploits2References1

CNVD•added 2017/12/18 12:0 a.m.•2 views

UrBackup Server Cross-Site Scripting Vulnerability

UrBackup is an easy to install open source client/server backup system . A cross-site scripting vulnerability exists in UrBackup Server before 2.1.20. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML via the action parameter...

6.1CVSS6AI score0.00765EPSS

Exploits0References1

CNVD•added 2017/12/15 12:0 a.m.•1 views

Posty Scubez Posty Readymade Classifieds Cross-Site Scripting Vulnerability

Posty Scubez Posty Readymade Classifieds is a suite of announcement-based website scripts from Posty India. A cross-site scripting vulnerability exists in Posty Scubez Posty Readymade Classifieds. A remote attacker can inject arbitrary web script or HTML by sending the 'ID' parameter to the...

6.1CVSS6AI score0.00669EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by