CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2017/03/23 10:59 p.m.•9 views

CVE-2017-7251

A Cross-Site Scripting XSS was discovered in pi-engine/pi 2.5.0. The vulnerability exists due to insufficient filtration of user-supplied data preview passed to the "pi-develop/www/script/editor/markitup/preview/markdown.php" URL. An attacker could execute arbitrary HTML and script code in a...

6.1CVSS5.9AI score0.00234EPSS

Prion•added 2017/03/23 10:59 p.m.•9 views

Cross site scripting

Multiple Cross-Site Scripting XSS were discovered in Gazelle before 2017-03-19. The vulnerabilities exist due to insufficient filtration of user-supplied data torrents, size passed to the 'Gazelle-master/sections/tools/managers/multiplefreeleech.php' URL. An attacker could execute arbitrary HTML...

4.3CVSS6AI score0.00315EPSS

Exploits0References3Affected Software1

NVD•added 2017/03/23 10:59 p.m.•10 views

CVE-2017-7250

A Cross-Site Scripting XSS was discovered in Gazelle before 2017-03-19. The vulnerability exists due to insufficient filtration of user-supplied data action passed to the 'Gazelle-master/sections/tools/finances/bitcoinbalance.php' URL. An attacker could execute arbitrary HTML and script code in a...

6.1CVSS5.9AI score0.00315EPSS

OSV•added 2017/03/23 10:59 p.m.•14 views

CVE-2017-7251

Cvelist•added 2017/03/23 10:0 p.m.•14 views

CVE-2017-7247

6.1AI score0.00315EPSS

CVE•added 2017/03/23 10:0 p.m.•47 views

CVE-2017-7251

Pi Engine vulnerability CVE-2017-7251 affects pi-engine/pi 2.5.0. The issue arises from insufficient filtration of user-supplied data in the preview path (pi-develop/www/script/editor/markitup/preview/markdown.php), allowing an attacker to execute arbitrary HTML and script code in a victim browse...

6.1CVSS5.8AI score0.00234EPSS

Exploits0References2Affected Software1

Cvelist•added 2017/03/23 10:0 p.m.•11 views

CVE-2017-7251

5.9AI score0.00234EPSS

Cvelist•added 2017/03/23 10:0 p.m.•12 views

CVE-2017-7250

5.9AI score0.00315EPSS

OpenVAS•added 2017/03/23 12:0 a.m.•20 views

Kunena Forum Extension 'message subject' Cross Site Scripting Vulnerability

the Kunena Forum Extension for Joomla is prone to a cross-site scripting vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

6.1CVSS6.1AI score0.0024EPSS

Exploits1References1

OpenVAS•added 2017/03/23 12:0 a.m.•21 views

MantisBT < 2.1.1 'view_type' XSS Vulnerability - Windows

MantisBT is prone to a cross-site scripting XSS vulnerability. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software...

6.1CVSS6AI score0.00272EPSS

Exploits0References1

OpenVAS•added 2017/03/22 12:0 a.m.•21 views

ZoneMinder <= 1.30.1 XSS Vulnerability

ZoneMinder is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

6.1CVSS6.2AI score0.00283EPSS

Exploits1References1

OSV•added 2017/03/21 6:59 a.m.•12 views

CVE-2017-7204

A Cross-Site Scripting XSS was discovered in imdbphp 5.1.1. The vulnerability exists due to insufficient filtration of user-supplied data name passed to the "imdbphp-master/demo/search.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable...

OSV•added 2017/03/21 6:59 a.m.•16 views

CVE-2017-7203

A Cross-Site Scripting XSS was discovered in ZoneMinder before 1.30.2. The vulnerability exists due to insufficient filtration of user-supplied data postLoginQuery passed to the "ZoneMinder-master/web/skins/classic/views/js/postlogin.js.php" URL. An attacker could execute arbitrary HTML and scrip...

OSV•added 2017/03/21 6:59 a.m.•11 views

CVE-2017-7205

A Cross-Site Scripting XSS was discovered in GamePanelX-V3 3.0.12. The vulnerability exists due to insufficient filtration of user-supplied data a passed to the "GamePanelX-V3-master/ajax/ajax.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the...