CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

17 matches found

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2006-4749

Malware in sbrugna...

4.3CVSS6.4AI score0.00504EPSS

Exploits1References6

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-21899

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00154EPSS

Exploits0References2

RedhatCVE•added 2025/07/20 12:51 a.m.•5 views

CVE-2025-52162

agorum Software GmbH Agorum core open v11.9.2 & v11.10.1 was discovered to contain an XML External Entity XXE via the RSSReader endpoint. This vulnerability allows attackers to access sensitive data via providing a crafted XML input...

6.5CVSS6.7AI score0.00154EPSS

Exploits0References1

Vulnrichment•added 2025/07/18 12:0 a.m.•2 views

CVE-2025-52162

6.7AI score0.00154EPSS

Exploits0References2

Cvelist•added 2025/07/18 12:0 a.m.•7 views

CVE-2025-52162

0.00154EPSS

Exploits0References2

CVE•added 2025/07/18 12:0 a.m.•13 views

CVE-2025-52162

CVE-2025-52162 affects agorum core open v11.9.2 and v11.10.1. It is an XML External Entity (XXE) vulnerability exposed via the RSSReader endpoint, enabling data access with crafted XML input. Root cause: improper XML handling leading to XXE; Impact: potential exposure of sensitive data. Remediati...

6.5CVSS7.3AI score0.00154EPSS

Exploits0References2

Positive Technologies•added 2025/07/18 12:0 a.m.•1 views

PT-2025-30070 · Unknown · Agorum Core Open

Name of the Vulnerable Software and Affected Versions: agorum core open versions 11.9.2 and 11.10.1 Description: The software contains an XML External Entity XXE issue via the RSSReader endpoint. Attackers can potentially access sensitive data by providing a crafted XML input. Recommendations: Fo...

6.5CVSS6.3AI score0.00154EPSS

Exploits0References5

Openbugbounty•added 2017/11/14 11:41 a.m.•18 views

esenbogaairport.com XSS vulnerability

Open Bug Bounty ID: OBB-413949 Description| Value ---|--- Affected Website:| esenbogaairport.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score

Exploits0

OpenVAS•added 2013/09/18 12:0 a.m.•14 views

Debian: Security Advisory (DSA-2596-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS7.3AI score0.00225EPSS

Exploits0References3

OpenVAS•added 2013/09/18 12:0 a.m.•23 views

Debian Security Advisory DSA 2596-1 (mediawiki-extensions - cross-site scripting)

Thorsten Glaser discovered that the RSSReader extension for MediaWiki, a website engine for collaborative work, does not properly escape tags in feeds. This could allow a malicious feed to inject JavaScript into the MediaWiki pages. OpenVAS Vulnerability Test $Id: deb25961.nasl 8972 2018-02-28...

4.3CVSS6.5AI score0.00225EPSS

Exploits0References1

Tenable Nessus•added 2012/12/31 12:0 a.m.•13 views

Debian DSA-2596-1 : mediawiki-extensions - XSS

Thorsten Glaser discovered that the RSSReader extension for MediaWiki, a website engine for collaborative work, does not properly escape tags in feeds. This could allow a malicious feed to inject JavaScript into the MediaWiki pages. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

5.4AI score

Exploits0References3

Debian•added 2012/12/30 4:16 p.m.•16 views

[SECURITY] [DSA 2596-1] mediawiki-extensions security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2596-1 [email protected] http://www.debian.org/security/ Jonathan Wiltshire December 30, 2012 http://www.debian.org/security/faq -...

6.5AI score

Exploits0

OSV•added 2012/12/30 12:0 a.m.•11 views

DSA-2596-1 mediawiki-extensions - cross-site scripting in RSSReader extension

Bulletin has no description...

4.3CVSS6.8AI score0.00225EPSS

Exploits0

Packet Storm•added 2010/11/03 12:0 a.m.•27 views

Joomla RSSReader Local File Inclusion

========================================================= Joomla Component comrssreader LFI Vulnerability ========================================================= +Title : Joomla Component comrssreader LFI Vulnerability +Software : comrssreader version 1.0 +Vendor : http://www.joomlashop.dk/...

Exploits0

NVD•added 2006/09/13 11:7 p.m.•8 views

CVE-2006-4762

Multiple cross-site scripting XSS vulnerabilities in Ykoon RssReader allow remote attackers to inject arbitrary web script or HTML via a web feed, as demonstrated by certain test cases of the Robert Auger and Caleb Sima RSS and Atom feed reader test suite...

4.3CVSS5.8AI score0.00504EPSS

Exploits1References5

Cvelist•added 2006/09/13 11:0 p.m.•17 views

CVE-2006-4762

5.8AI score0.00504EPSS

Exploits1References5

CVE•added 2006/09/13 11:0 p.m.•45 views

CVE-2006-4762

Technical details about CVE-2006-4762 are not publicly provided in the supplied documents. Monitor for updates from NVD/CVE listings; current records describe XSS in Ykoon RssReader but lack specific affected versions, vectors, root cause, or fixes.

4.3CVSS6AI score0.00504EPSS

Exploits1References5Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by