CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4584 matches found

CNVD•added 2017/10/17 12:0 a.m.•4 views

Issuetracker phpBugTracker cross-site scripting vulnerability (CNVD-2017-30874)

Issuetracker phpBugTracker is a web-based defect tracking system. The system provides features such as project management and defect tracking services. A cross-site scripting vulnerability exists in Issuetracker phpBugTracker versions prior to 1.7.0. A remote attacker can exploit this vulnerabili...

4.8CVSS4.9AI score0.015EPSS

Exploits0References1

CNVD•added 2017/10/12 12:0 a.m.•2 views

MISP cross-site scripting vulnerability (CNVD-2017-30341)

MISP is a suite of open source software solutions for collecting, storing, distributing and sharing cybersecurity metrics and threats cybersecurity event analysis and malware analysis. A cross-site scripting vulnerability exists in quickDelete in versions of MISP prior to 2.4.81. A remote attacke...

6.1CVSS6AI score0.00842EPSS

Exploits0References1

CNVD•added 2017/10/11 12:0 a.m.•3 views

HP ArcSight Enterprise Security Manager Cross-Site Scripting Vulnerability (CNVD-2017-30915)

HP ArcSight ESM Enterprise Security Manager and ESM Express are both enterprise security management software with event correlation and security analysis capabilities from Hewlett Packard Enterprise HPE. The software collects, correlates and reports on enterprise-wide security events in real time...

6.1CVSS6.7AI score0.0096EPSS

Exploits0References1

ATTACKERKB•added 2017/10/03 1:29 a.m.•1 views

CVE-2015-7980

Cross-site scripting XSS vulnerability in the Compass Rose module 6.x-1.x before 6.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to "embedding a JavaScript library from an external source that was not reliable."...

6.1CVSS5.8AI score0.01271EPSS

Exploits0References6

CNVD•added 2017/09/27 12:0 a.m.•3 views

Ipython Cross-Site Scripting Vulnerability

IPython is an enhanced version of Python's native interactive shell developed by the IPython team. A cross-site scripting vulnerability exists in version 3.x of Ipython prior to 3.2. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

6.1CVSS6.2AI score0.01626EPSS

Exploits0References1

CNVD•added 2017/09/26 12:0 a.m.•1 views

Cross-site scripting vulnerability in WebKit component of multiple Apple products (CNVD-2017-34457)

Apple iOS and others are products of Apple Inc. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser that comes with the Mac OS X and iOS operating systems. iCloud for Windows is a cloud service based on the Windows platform. WebKit is...

6.1CVSS5.6AI score0.0097EPSS

Exploits1References1

CNVD•added 2017/09/25 12:0 a.m.•2 views

WordPress template list view cross-site scripting vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports the PHP and MySQL servers to set up a personal blog site. template list view is one of the list view template. A cross-site scripting vulnerability exists in the...

6.1CVSS6.8AI score0.02136EPSS

Exploits0References1

CNVD•added 2017/09/25 12:0 a.m.•2 views

Telaxus EPESI cross-site scripting vulnerability (CNVD-2017-32705)

Telaxus EPESI is a Polish company Telaxus open source customer relationship management system based on PHP/Ajax framework CRM. The system provides schedule management , multi-user address book , proxy matters and other functions . A cross-site scripting vulnerability exists in the 'Tasks...

5.4CVSS5.2AI score0.01398EPSS

Exploits5References1

CNVD•added 2017/09/21 12:0 a.m.•1 views

IBM Cúram Social Program Management Cross-Site Scripting Vulnerability (CNVD-2017-33074)

IBM Curam Social Program Management SPM is a suite of social program management solutions from IBM USA. The solution supports the process of end-to-end social program delivery. A cross-site scripting vulnerability exists in IBM Curam SPM. A remote attacker could exploit this vulnerability to inje...

5.4CVSS5.3AI score0.00642EPSS

Exploits0References1

PyPA•added 2017/09/19 3:29 p.m.•7 views

PYSEC-2017-17

Multiple cross-site scripting XSS vulnerabilities in the administration pages in Kallithea before 0.2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 first name or 2 last name user details, or the 3 repository, 4 repository group, or 5 user group description...

5.4CVSS5.9AI score0.00944EPSS

Exploits1References5Affected Software1

CNVD•added 2017/09/18 12:0 a.m.•3 views

SugarCRM Cross-Site Scripting Vulnerability

SugarCRM Professional is a professional version of an open source customer relationship management system CRM from SugarCRM USA. The system supports differentiated marketing for different customer needs, managing and distributing sales leads, and enabling information sharing and tracking of sales...

6.1CVSS6AI score0.01421EPSS

Exploits1References1

CNVD•added 2017/09/08 12:0 a.m.•1 views

Kohana Security Component Cross-Site Scripting Vulnerability

Kohana is the Kohana team developed a set of MVC model based on the construction of PHP5 framework. security component is one of the security components . A cross-site scripting vulnerability exists in the Security component of Kohana versions prior to 3.3.6. A remote attacker can inject arbitrar...

6.1CVSS5.7AI score0.01659EPSS

Exploits1References1

CNVD•added 2017/09/08 12:0 a.m.•5 views

dayrui FineCms 'out' function cross-site scripting vulnerability

dayrui FineCms is China Tianrui dayrui program design team released a set of content management system CMS using MVC architecture and PDO database interface development. A cross-site scripting vulnerability exists in the 'out' function of the controllers/member/Login.php file in version 5.0.11 of...

6.1CVSS6AI score0.00635EPSS

Exploits0References1

CNVD•added 2017/09/08 12:0 a.m.•2 views

dayrui FineCms 'oauth' function cross-site scripting vulnerability

dayrui FineCms is China Tianrui dayrui program design team released a set of content management system CMS using MVC architecture and PDO database interface development. A cross-site scripting vulnerability exists in the 'oauth' function of the controllers/member/api.php file in version 5.0.11 of...

6.1CVSS6AI score0.00635EPSS

Exploits0References1

CNVD•added 2017/09/08 12:0 a.m.•4 views

dayrui FineCms 'checktitle' Function Cross-Site Scripting Vulnerability

dayrui FineCms is China Tianrui dayrui program design team released a set of content management system CMS using MVC architecture and PDO database interface development. A cross-site scripting vulnerability exists in the 'checktitle' function in the controllers/member/api.php file in version 5.0....

6.1CVSS6AI score0.00635EPSS

Exploits0References1

CNVD•added 2017/09/01 12:0 a.m.•1 views

ForgeRock OpenIDM Admin UI Cross-Site Scripting Vulnerability

ForgeRock OpenIDM is an extensible set of identity management tools for managing the identity lifecycle and provisioning issues from ForgeRock, Inc. The Admin UI is one of the backend management interfaces. orgeRock OpenID Admin UI is vulnerable to a cross-site scripting vulnerability. A remote...

6.1CVSS6.1AI score0.00944EPSS

Exploits1References1

CNVD•added 2017/08/30 12:0 a.m.•1 views

ONOS Cross-Site Scripting Vulnerability

ONOS is an open source SDN network operating system. A cross-site scripting vulnerability exists in ONOS versions 1.8.0, 1.9.0, and 1.10.0. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

6.1CVSS6AI score0.0116EPSS

Exploits0References1

CNVD•added 2017/08/29 12:0 a.m.•2 views

Paessler PRTG Network Monitor Cross-Site Scripting Vulnerability

Paessler PRTG Network Monitor is a full-featured network monitoring and management software from Paessler AG, Germany. A cross-site scripting vulnerability exists in the DEVICES OR SENSORS feature in versions prior to Paessler PRTG Network Monitor 17.3.33.2654. A remote attacker can exploit this...

5.4CVSS5.3AI score0.01126EPSS

Exploits0References1

CNVD•added 2017/08/28 12:0 a.m.•3 views

MISP Cross-Site Scripting Vulnerability

MISP is a suite of open source software solutions for collecting, storing, distributing and sharing cybersecurity metrics and threats cybersecurity event analysis and malware analysis. A cross-site scripting vulnerability exists in the app/View/Helper/CommandHelper.php file in versions of MISP...

6.1CVSS6AI score0.00967EPSS

Exploits0References1

OSV•added 2017/08/18 4:29 p.m.•2 views

CVE-2017-9816

Cross-site scripting XSS vulnerability in Paessler PRTG Network Monitor before 17.2.32.2279 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS5.9AI score0.00757EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by