Lucene search
K

32 matches found

NVD
NVD
added 2026/02/01 1:15 p.m.5 views

CVE-2021-47856

Easy Cart Shopping Cart 2021 contains a non-persistent cross-site scripting vulnerability in the search module's keyword parameter. Remote attackers can inject malicious script code through the search input to compromise user sessions and manipulate application content...

6.4CVSS0.00305EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/01 12:15 p.m.3 views

CVE-2021-47856

Easy Cart Shopping Cart 2021 contains a non-persistent cross-site scripting vulnerability in the search module's keyword parameter. Remote attackers can inject malicious script code through the search input to compromise user sessions and manipulate application content...

6.4CVSS5.9AI score0.00305EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/02/01 12:0 a.m.9 views

NetArt Media Easy Cart Shopping Cart 跨站脚本漏洞

NetArt Media Easy Cart Shopping Cart is a lightweight PHP e-commerce shopping system developed by NetArt Media in Bulgaria. The 2021 version of NetArt Media Easy Cart Shopping Cart contains a cross-site scripting vulnerability. This vulnerability stems from the non-persistent cross-site scripting...

6.4CVSS5.7AI score0.00305EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/01 12:0 a.m.7 views

PT-2026-5552

Easy Cart Shopping Cart 2021 contains a non-persistent cross-site scripting vulnerability in the search module's keyword parameter. Remote attackers can inject malicious script code through the search input to compromise user sessions and manipulate application content...

6.4CVSS5.9AI score0.00305EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-29902

Malicious code in bioql PyPI...

5.9CVSS6.4AI score0.00319EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/26 12:2 a.m.11 views

CVE-2025-9431 mtons mblog search cross site scripting

A flaw has been found in mtons mblog up to 3.5.0. Impacted is an unknown function of the file /search. This manipulation of the argument kw causes cross site scripting. The attack can be initiated remotely. The exploit has been published and may be used...

5.3CVSS0.00334EPSS
Exploits1References4
CVE
CVE
added 2025/08/26 12:2 a.m.18 views

CVE-2025-9431

The CVE-2025-9431 entry concerns mtons mblog up to version 3.5.0. The vulnerability affects the /search function, where manipulation of the kw argument enables cross-site scripting. The issue can be exploited remotely, and exploits have been published. Public sources in the connected documents (e...

6.1CVSS4.4AI score0.00334EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2025/07/27 12:0 a.m.5 views

JPACookieShop 跨站脚本漏洞

JPACookieShop is a cake mall platform software by Jerryshensjf individual developer. JPACookieShop cross-site scripting vulnerability, the vulnerability stems from the file GoodsCustController.java function goodsSearch parameter keyword leads to cross-site scripting...

6.1CVSS4.3AI score0.0047EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/06/20 12:0 a.m.5 views

Code-Projects Responsive Blog 代码注入漏洞

Code-Projects Responsive Blog is an open source responsive blog by Code-Projects. A code injection vulnerability exists in Code-Projects Responsive Blog version 1.0, which stems from cross-site scripting due to incorrect manipulation of the parameter keyword in the file /search.php...

5.4CVSS4.8AI score0.00286EPSS
Exploits1References6
OSV
OSV
added 2025/06/13 9:15 p.m.2 views

CVE-2025-6083

In ExtremeCloud Universal ZTNA, a syntax error in the 'searchKeyword' condition caused queries to bypass the ownerid filter. This issue may allow users to search data across the entire table instead of being restricted to their specific ownerid...

4.3CVSS5.8AI score0.00205EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:37 a.m.12 views

CVE-2024-32080

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nick Pelton Search Keyword Redirect allows Stored XSS.This issue affects Search Keyword Redirect: from n/a through 1.0...

5.9CVSS5.2AI score0.00319EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/04/16 12:0 a.m.13 views

Search Keyword Redirect <= 1.0 - Authenticated (Admin+) Stored Cross-Site Scripting

Description The Search Keyword Redirect plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

5.9CVSS5.9AI score0.00319EPSS
Exploits0References1
NVD
NVD
added 2024/04/11 9:15 a.m.13 views

CVE-2024-32080

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nick Pelton Search Keyword Redirect allows Stored XSS.This issue affects Search Keyword Redirect: from n/a through 1.0...

5.9CVSS5.7AI score0.00319EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/11 8:41 a.m.19 views

CVE-2024-32080 WordPress Search Keyword Redirect plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nick Pelton Search Keyword Redirect allows Stored XSS.This issue affects Search Keyword Redirect: from n/a through 1.0...

5.9CVSS5.9AI score0.00319EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/11 8:41 a.m.15 views

CVE-2024-32080 WordPress Search Keyword Redirect plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nick Pelton Search Keyword Redirect allows Stored XSS.This issue affects Search Keyword Redirect: from n/a through 1.0...

5.9CVSS5.2AI score0.00319EPSS
Exploits0References1
CVE
CVE
added 2024/04/11 8:41 a.m.53 views

CVE-2024-32080

CVE-2024-32080 is a Stored XSS in the WordPress plugin Search Keyword Redirect (Nick Pelton). The issue is described as Improper Neutralization of Input During Web Page Generation in the plugin, affecting versions from n/a through 1.0. No exploit details or patches are provided in the connected d...

5.9CVSS5.2AI score0.00319EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/04/11 8:38 a.m.4 views

WordPress Search Keyword Redirect plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Sharanabasappa Patchstack Alliance in WordPress Plugin Search Keyword Redirect versions = 1.0...

5.9CVSS6.1AI score0.00319EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2024/04/11 12:0 a.m.5 views

PT-2024-24385 · Unknown · Search Keyword Redirect

Name of the Vulnerable Software and Affected Versions: Search Keyword Redirect versions n/a through 1.0 Description: The issue is related to improper neutralization of input during web page generation, also known as Cross-site Scripting. This allows for Stored XSS attacks. Recommendations: For...

5.9CVSS5.6AI score0.00319EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/04/11 12:0 a.m.10 views

WordPress Search Keyword Redirect Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software Search Keyword Redirect Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32080 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 9a5522e4a000 Credits Sharanabasappa Required privilege...

5.9CVSS6.6AI score0.00319EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/04/11 12:0 a.m.3 views

WordPress Plugin Search Keyword Redirect 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress Plugin Search Keyword Redirect A cross-si...

5.9CVSS6AI score0.00319EPSS
Exploits0References2
Rows per page
Query Builder