CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Emlog is an open source website building system. A cross-site scripting XSS vulnerability in emlog up to and including pro-2.5.17 allows authenticated remote attackers to inject arbitrary web script or HTML via the siteurl parameter. It is possible to inject malicious code into siteurl parameter...

6.9CVSS0.0018EPSS

Exploits1References1

Vulnrichment•added 2025/07/16 1:55 p.m.•2 views

CVE-2025-53924 Emlog vulnerable to stored Cross-site Scripting in links functionality

6.9CVSS5.6AI score0.0018EPSS

Exploits1References1

CVE•added 2025/07/16 1:55 p.m.•8 views

CVE-2025-53924

Summary: CVE-2025-53924 affects Emlog up to and including pro-2.5.17. The vulnerability is a cross-site scripting (XSS) flaw in the siteurl parameter that authenticated attackers can abuse to inject arbitrary script/HTML, resulting in Stored XSS when a link is clicked. The available connected doc...

6.9CVSS5.3AI score0.0018EPSS

Exploits1References1Affected Software1

Cvelist•added 2025/07/16 1:55 p.m.•5 views

CVE-2025-53924 Emlog vulnerable to stored Cross-site Scripting in links functionality

6.9CVSS0.0018EPSS

Exploits1References1

OSV•added 2025/07/16 1:55 p.m.•2 views

CVE-2025-53924 Emlog vulnerable to stored Cross-site Scripting in links functionality

6.9CVSS5.6AI score0.0018EPSS

Exploits1References3

RedhatCVE•added 2025/05/23 10:31 a.m.•7 views

CVE-2024-44920

A cross-site scripting XSS vulnerability in the component admincollectnews.php of SeaCMS v12.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the siteurl parameter...

6.1CVSS5.8AI score0.00286EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 6:42 p.m.•8 views

CVE-2021-36601

GetSimpleCMS 3.3.16 contains a cross-site Scripting XSS vulnerability, where Function TSL does not filter check settings.php Website URL: "siteURL" parameter...

6.1CVSS6AI score0.00293EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 7:22 a.m.•6 views

CVE-2018-11583

SeaCMS 6.61 has stored XSS in admincollect.php via the siteurl parameter...

6.1CVSS5.9AI score0.0024EPSS

Exploits1References1

NVD•added 2024/09/03 12:15 p.m.•16 views

CVE-2024-44920

6.1CVSS0.00286EPSS

Exploits1References1

OSV•added 2024/09/03 12:15 p.m.•1 views

CVE-2024-44920

6.1CVSS5.9AI score0.00286EPSS

Exploits1References1

Positive Technologies•added 2024/09/03 12:0 a.m.•2 views

PT-2024-31306 · Seacms · Seacms

Name of the Vulnerable Software and Affected Versions: SeaCMS version 12.9 Description: A cross-site scripting XSS issue in the admin collect news.php component allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the siteurl parameter. Recommendations: Fo...

6.1CVSS6.2AI score0.00286EPSS

Exploits1References8

NVD•added 2021/08/10 3:15 p.m.•8 views

CVE-2021-36601

GetSimpleCMS 3.3.16 contains a cross-site Scripting XSS vulnerability, where Function TSL does not filter check settings.php Website URL: "siteURL" parameter...

6.1CVSS0.00293EPSS

Exploits1References1

NVD•added 2018/05/31 3:29 a.m.•9 views

CVE-2018-11583

SeaCMS 6.61 has stored XSS in admincollect.php via the siteurl parameter...

6.1CVSS6AI score0.0024EPSS

Exploits1References1

OSV•added 2018/05/31 3:29 a.m.•0 views

CVE-2018-11583

SeaCMS 6.61 has stored XSS in admincollect.php via the siteurl parameter...

6.1CVSS5.8AI score0.0024EPSS

Exploits1References1