22 matches found

RedhatCVE
added 2026/01/09 10:52 a.m. · 3 views

CVE-2022-42100

KLiK SocialMediaWebsite Version 1.0.1 has XSS vulnerabilities that allow attackers to store XSS via location input reply-form...

CVSS 5.4 · AI score 6 · EPSS 0.00334
Exploits 1 · References 1

RedhatCVE
added 2025/05/23 3:36 a.m. · 3 views

CVE-2023-28475

Concrete CMS previously concrete5 versions 8.5.12 and below, and versions 9.0 through 9.1.3 is vulnerable to Reflected XSS on the Reply form because msgID was not sanitized...

CVSS 6.1 · AI score 6 · EPSS 0.02087
Exploits 0 · References 1

Veracode
added 2023/05/16 9:44 a.m. · 14 views

Cross-Site Scripting (XSS)

concrete5/concrete5 is vulnerable to Cross-Site Scripting XSS. The vulnerability exists in the reply form due to the lack of sanitization in msgID, which allows an attacker to inject and execute arbitrary JavaScript into the browser...

CVSS 6.1 · AI score 6.5 · EPSS 0.02087
Exploits 0 · References 5 · Affected Software 1

Github Security Blog
added 2023/04/28 3:30 p.m. · 12 views

Reflected cross site scripting

Concrete CMS previously concrete5 before 9.2 is vulnerable to Reflected XSS on the Reply form because msgID was not sanitized...

CVSS 6.1 · AI score 6.3 · EPSS 0.02087
Exploits 0 · References 6 · Affected Software 1

OSV
added 2023/04/28 3:30 p.m. · 13 views

GHSA-VCPR-HM2M-GJJJ Reflected cross site scripting

Concrete CMS previously concrete5 before 9.2 is vulnerable to Reflected XSS on the Reply form because msgID was not sanitized...

CVSS 6.1 · AI score 6 · EPSS 0.02087
Exploits 0 · References 5

NVD
added 2023/04/28 2:15 p.m. · 8 views

CVE-2023-28475

Concrete CMS previously concrete5 versions 8.5.12 and below, and versions 9.0 through 9.1.3 is vulnerable to Reflected XSS on the Reply form because msgID was not sanitized...

CVSS 6.1 · AI score 6 · EPSS 0.02087
Exploits 0 · References 3

OSV
added 2023/04/28 2:15 p.m. · 1 view

CVE-2023-28475

Concrete CMS previously concrete5 versions 8.5.12 and below, and versions 9.0 through 9.1.3 is vulnerable to Reflected XSS on the Reply form because msgID was not sanitized...

CVSS 6.1 · AI score 6.3
Exploits 0 · References 3

Prion
added 2023/04/28 2:15 p.m. · 6 views

Cross site scripting

Concrete CMS previously concrete5 versions 8.5.12 and below, and versions 9.0 through 9.1.3 is vulnerable to Reflected XSS on the Reply form because msgID was not sanitized...

CVSS 5.8 · AI score 5.9 · EPSS 0.02087
Exploits 0 · References 3 · Affected Software 1

CVE
added 2023/04/28 12:00 a.m. · 36 views

CVE-2023-28475

Concrete CMS (formerly concrete5) is affected by a Reflected XSS in the Reply form due to msgID not being sanitized. Affected versions: 8.5.12 and earlier, and 9.0–9.1.3. Impact per sources: potential to inject/execute arbitrary script in the browser. Remediation: upgrade to 9.2+ (patch versions ...

CVSS 6.1 · AI score 5.9 · EPSS 0.02087
Exploits 0 · References 3 · Affected Software 1

Positive Technologies
added 2023/04/28 12:00 a.m. · 2 views

PT-2023-21745 · Unknown · Concrete Cms

Name of the Vulnerable Software and Affected Versions: Concrete CMS previously concrete5 versions 8.5.12 and below Concrete CMS previously concrete5 versions 9.0 through 9.1.3 Description: The issue is related to Reflected XSS on the Reply form because the msgID was not sanitized. This allows for...

CVSS 6.1 · AI score 6 · EPSS 0.02087
Exploits 0 · References 9

OSV
added 2022/11/29 4:15 a.m. · 8 views

CVE-2022-42100

KLiK SocialMediaWebsite Version 1.0.1 has XSS vulnerabilities that allow attackers to store XSS via location input reply-form...

CVSS 5.4 · AI score 6
Exploits 0 · References 2

Prion
added 2022/11/29 4:15 a.m. · 10 views

Cross site scripting

KLiK SocialMediaWebsite Version 1.0.1 has XSS vulnerabilities that allow attackers to store XSS via location input reply-form...

CVSS 4.9 · AI score 5.3 · EPSS 0.00334
Exploits 1 · References 2 · Affected Software 1

Cvelist
added 2022/11/29 12:00 a.m. · 10 views

CVE-2022-42100

KLiK SocialMediaWebsite Version 1.0.1 has XSS vulnerabilities that allow attackers to store XSS via location input reply-form...

AI score 5.6 · EPSS 0.00334
Exploits 1 · References 2

Vulnrichment
added 2022/11/29 12:00 a.m. · 4 views

CVE-2022-42100

KLiK SocialMediaWebsite Version 1.0.1 has XSS vulnerabilities that allow attackers to store XSS via location input reply-form...

AI score 5.5 · EPSS 0.00334
Exploits 1 · References 2

CNNVD
added 2022/11/29 12:00 a.m. · 0 views

KLiK SocialMediaWebsite Cross-Site Scripting Vulnerability

KLiK SocialMediaWebsite is a simple PHP based social media website by Muhammad Saad personal developer. A cross-site scripting vulnerability exists in KLiK SocialMediaWebsite version 1.0.1 at reply-form. The vulnerability stems from a lack of effective filtering and escaping of user-supplied data...

CVSS 5.4 · AI score 6.2 · EPSS 0.00334
Exploits 1 · References 3

CVE
added 2022/11/29 12:00 a.m. · 53 views

CVE-2022-42100

CVE-2022-42100 affects KLiK SocialMediaWebsite version 1.0.1. The RedHat/EUVD/CNVD/etc. entries confirm a cross-site scripting (XSS) vulnerability in the reply-form where user-supplied data in the location input can be stored and rendered, due to insufficient input filtering/escaping. The issue i...

CVSS 5.4 · AI score 5.4 · EPSS 0.00334
Exploits 1 · References 2 · Affected Software 1

Positive Technologies
added 2022/11/29 12:00 a.m. · 2 views

PT-2022-26252 · Unknown · Klik Socialmediawebsite

Name of the Vulnerable Software and Affected Versions: KLiK SocialMediaWebsite version 1.0.1 Description: The issue allows attackers to store XSS via location input in the reply-form, potentially affecting user security. Recommendations: For KLiK SocialMediaWebsite version 1.0.1, consider disabli...

CVSS 5.4 · AI score 6.1 · EPSS 0.00334
Exploits 1 · References 8

Tenable Nessus
added 2018/11/05 12:00 a.m. · 104 views

Drupal 7.x < 7.57 Multiple Vulnerabilities

According to its self-reported version number, the detected Drupal application is affected by multiple vulnerabilities : - A flaw exists with the Comment Reply Form. An authenticated remote attacker could add or view comments that they do not have access to. CVE-2017-6926 - A flaw exists with the...

CVSS 8.1 · AI score 8.1 · EPSS 0.0139
Exploits 1 · References 6

Tenable Nessus
added 2018/11/05 12:00 a.m. · 23 views

Drupal 8.x < 8.4.5 Multiple Vulnerabilities

According to its self-reported version number, the detected Drupal application is affected by multiple vulnerabilities : - A flaw exists with the Comment Reply Form. An authenticated remote attacker could add or view comments that they do not have access to. CVE-2017-6926 - A flaw exists with the...

CVSS 8.1 · AI score 8.1 · EPSS 0.0139
Exploits 1 · References 6

Tenable Nessus
added 2018/11/05 12:00 a.m. · 90 views

Drupal 8.5.x < 8.5.0-rc1 Multiple Vulnerabilities

According to its self-reported version number, the detected Drupal application is affected by multiple vulnerabilities : - A flaw exists with the Comment Reply Form. An authenticated remote attacker could add or view comments that they do not have access to. CVE-2017-6926 - A flaw exists with the...

CVSS 8.1 · AI score 8.1 · EPSS 0.0139
Exploits 1 · References 6