CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Hacker One•added 2023/12/11 2:32 p.m.•31 views

TikTok: RXSS on TikTok endpoints

A cross-site scripting vulnerability was discovered in two TikTok incentive endpoints due to improper output encoding of user-supplied data. This allowed JavaScript code injection into the affected endpoints...

6.7AI score

OSV•added 2023/11/08 2:51 p.m.•20 views

GHSA-J9RC-W3WV-FV62 XWiki Platform vulnerable to reflected cross-site scripting through revision parameter in content menu

Impact XWiki is vulnerable to reflected cross-site scripting RXSS via the rev parameter that is used in the content of the content menu without escaping. If an attacker can convince a user to visit a link with a crafted parameter, this allows the attacker to execute arbitrary actions in the name ...

9.6CVSS7.7AI score0.48106EPSS

Exploits1References5

NVD•added 2023/11/06 7:15 p.m.•10 views

CVE-2023-46732

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki is vulnerable to reflected cross-site scripting RXSS via the rev parameter that is used in the content of the content menu without escaping. If an attacker can convince a user to visit a...

9.6CVSS9.2AI score0.48106EPSS

Exploits1References3

CVE•added 2023/11/06 6:45 p.m.•97 views

CVE-2023-46732

XWiki Platform is vulnerable to reflected cross-site scripting (RXSS) via the rev parameter used in the content menu. An attacker enticing a user to visit a crafted link could execute actions as that user, including Groovy remote code execution for users with programming rights, potentially compr...

9.6CVSS7.8AI score0.48106EPSS

Exploits1References3Affected Software1

0day.today•added 2023/08/04 12:0 a.m.•339 views

PHPJabbers Rental Property Booking 2.0 - Reflected XSS Vulnerability

Exploit Title: PHPJabbers Rental Property Booking 2.0 - Reflected XSS Exploit Author: CraCkEr Vendor: PHPJabbers Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/rental-property-booking-calendar/ Version: 2.0 Tested on: Windows 10 Pro Impact: Manipulate the...

6.1CVSS7.1AI score0.00743EPSS

0day.today•added 2023/08/04 12:0 a.m.•206 views

PHPJabbers Service Booking Script 1.0 - Reflected XSS Vulnerability

...

6.1CVSS5.4AI score0.15132EPSS

Exploit DB•added 2023/08/04 12:0 a.m.•244 views

PHPJabbers Cleaning Business 1.0 - Reflected XSS

Exploit Title: PHPJabbers Cleaning Business 1.0 - Reflected XSS Exploit Author: CraCkEr Date: 21/07/2023 Vendor: PHPJabbers Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/cleaning-business-software/ Version: 1.0 Tested on: Windows 10 Pro Impact: Manipulate...

6.1CVSS4.9AI score0.18081EPSS

Packet Storm•added 2023/08/03 12:0 a.m.•272 views

PHPJabbers Availability Booking Calendar 5.0 Cross Site Scripting

Exploit Title: PHPJabbers Availability Booking Calendar 5.0 - Reflected XSS Exploit Author: CraCkEr Date: 20/07/2023 Vendor: PHPJabbers Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/availability-booking-calendar/ Tested on: Windows 10 Pro Impact: Manipulat...

7.1AI score0.06662EPSS

Exploits2

Packet Storm•added 2023/08/03 12:0 a.m.•260 views

PHPJabbers Rental Property Booking 2.0 Cross Site Scripting

Exploit Title: PHPJabbers Rental Property Booking 2.0 - Reflected XSS Exploit Author: CraCkEr Date: 22/07/2023 Vendor: PHPJabbers Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/rental-property-booking-calendar/ Tested on: Windows 10 Pro Impact: Manipulate t...

7.1AI score0.00743EPSS

Packet Storm•added 2023/08/03 12:0 a.m.•253 views

PHPJabbers Taxi Booking 2.0 Cross Site Scripting

Exploit Title: PHPJabbers Taxi Booking 2.0 - Reflected XSS Exploit Author: CraCkEr Date: 22/07/2023 Vendor: PHPJabbers Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/taxi-booking-script/ Tested on: Windows 10 Pro Impact: Manipulate the content of the site...

7.1AI score0.22751EPSS

0day.today•added 2023/07/28 12:0 a.m.•169 views

mooDating 1.2 - Reflected Cross-site scripting Vulnerability

Exploit Title: mooDating 1.2 - Reflected Cross-site scripting XSS Exploit Author: CraCkEr aka skalvin Vendor: mooSocial Vendor Homepage: https://moodatingscript.com/ Software Link: https://demo.moodatingscript.com/home Version: 1.2 Tested on: Windows 10 Pro Impact: Manipulate the content of the...

6.1CVSS7.1AI score0.09919EPSS

Exploits10

Packet Storm•added 2023/07/17 12:0 a.m.•281 views

Ecommerce 1.15 Cross Site Scripting

Exploit Title: Ecommerce 1.15 - Reflected XSS Exploit Author: CraCkEr Date: 16/07/2023 Vendor: phpscriptpoint Vendor Homepage: https://phpscriptpoint.com/ Software Link: https://demo.phpscriptpoint.com/ecommerce/ Tested on: Windows 10 Pro Impact: Manipulate the content of the site Description The...

Exploit DB•added 2023/07/03 12:0 a.m.•217 views

GZ Forum Script 1.8 - Stored Cross-Site Scripting (XSS)

Exploit Title: GZ Forum Script 1.8 - Stored Cross-Site Scripting XSS Date: 30/06/2023 Exploit Author: CraCkEr Vendor: GZ Scripts Vendor Homepage: https://gzscripts.com/ Software Link: https://gzscripts.com/gz-forum-script.html Version: 1.8 Tested on: Windows 10 Pro Impact: Manipulate the content ...

7.4AI score

Packet Storm•added 2023/06/30 12:0 a.m.•315 views

Property Listing Script 1.0 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

Packet Storm•added 2023/06/30 12:0 a.m.•341 views

CRM Platform 1.8 Cross Site Scripting

Packet Storm•added 2023/06/28 12:0 a.m.•219 views

NewsLetter Script 2.4 Cross Site Scripting