CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

99 matches found

CVE•added 2026/02/03 6:7 p.m.•15 views

CVE-2026-25489

Craft Commerce (Craft CMS) has a stored XSS vulnerability in the Tax Zones Name and Description fields that can execute injected JavaScript in an administrator’s browser. Affected versions are 4.0.0-RC1 through 4.10.0 and 5.0.0 through 5.5.1; the issue arises because sanitization is insufficient ...

6.1CVSS5.4AI score0.00283EPSS

Exploits1References4Affected Software1

EUVD•added 2026/01/21 12:31 a.m.•5 views

EUVD-2026-3566

Vulnerability in the Oracle Scripting product of Oracle E-Business Suite component: Scripting Admin. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Scripting. Successful...

6.1CVSS5.5AI score0.002EPSS

Exploits0References2

OSV•added 2026/01/20 10:15 p.m.•4 views

CVE-2026-21943

6.1CVSS5.8AI score

Exploits0References1

Positive Technologies•added 2026/01/20 12:0 a.m.•4 views

PT-2026-3693

Name of the Vulnerable Software and Affected Versions Oracle E-Business Suite versions 12.2.3 through 12.2.15 Description An easily exploitable issue exists in the Oracle Scripting product of Oracle E-Business Suite component: Scripting Admin. An unauthenticated attacker with network access via...

6.1CVSS7.3AI score0.002EPSS

Exploits0References3

OSV•added 2025/12/18 8:15 p.m.•2 views

CVE-2023-53736

A reflected cross-site scripting vulnerability in Kentico Xperience allows authenticated users to inject malicious scripts in the administration interface. Attackers can exploit this vulnerability to execute arbitrary scripts within the administrative context...

5.4CVSS6AI score0.00165EPSS

Exploits0References2

EUVD•added 2025/12/15 10:55 p.m.•2 views

EUVD-2025-38243

ClipBucket v5 is an open source video sharing platform. In versions 5.5.2 - 156 and below, an authenticated regular user can create a photo collection whose Collection Name contains HTML/JavaScript payloads, which making ClipBucket’s Manage Photos feature vulnerable to Stored XSS. The payload is...

5.1CVSS6.1AI score0.00396EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2020-13782

Malware in sbrugna...

4.8CVSS5.1AI score0.00482EPSS

Exploits1References2

EUVD•added 2025/10/03 8:7 p.m.•14 views

EUVD-2022-31129

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00559EPSS

Exploits1References1