CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

22 matches found

RedhatCVE•added 2026/01/09 10:34 a.m.•3 views

CVE-2017-18288

An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET game parameter...

9.8CVSS8.1AI score0.00233EPSS

Exploits1References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2013-4464

Malware in sbrugna...

4.3CVSS6.4AI score0.00225EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2014-8848

Malware in sbrugna...

4.3CVSS6.2AI score0.00421EPSS

Exploits3References9

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2010-4503

Malware in sbrugna...

6.8CVSS6.4AI score0.00485EPSS

Exploits0References4

CNNVD•added 2025/05/24 12:0 a.m.•1 views

WordPress plugin 4stats 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.1CVSS6AI score0.00198EPSS

Exploits0References4

RedhatCVE•added 2025/05/22 12:28 p.m.•6 views

CVE-2010-4537

Unspecified vulnerability in CrawlTrack before 3.2.7, when a public stats page is provided, allows remote attackers to execute arbitrary PHP code via unknown vectors...

6.8CVSS7.9AI score0.00485EPSS

Exploits0References1

Github Security Blog•added 2022/05/17 4:17 a.m.•19 views

Improper Neutralization of Input During Web Page Generation in Apache Solr

Cross-site scripting XSS vulnerability in the Admin UI Plugin / Stats page in Apache Solr 4.x before 4.10.3 allows remote attackers to inject arbitrary web script or HTML via the fieldvaluecache object...

4.3CVSS5.6AI score0.01382EPSS

Exploits0References3Affected Software1

OSV•added 2022/05/17 4:17 a.m.•1 views

GHSA-WGW2-GW4V-9W4J Improper Neutralization of Input During Web Page Generation in Apache Solr

4.3CVSS6AI score0.01382EPSS

Exploits0References2

OSV•added 2021/11/29 7:15 p.m.•1 views

CVE-2021-42364

The Stetic WordPress plugin is vulnerable to Cross-Site Request Forgery due to missing nonce validation via the statspage function found in the /stetic.php file, which made it possible for attackers to inject arbitrary web scripts in versions up to, and including 1.0.6...

8.8CVSS5.8AI score0.00109EPSS

Exploits0References2

CNVD•added 2018/06/14 12:0 a.m.•1 views

PvPGN Stats ladder/stats.php file SQL injection vulnerability (CNVD-2018-11468)

PvPGN Stats is a PHP-based tool that supports the integration of websites with the PvPGN game server, displaying server status, ladder pages, and more. A SQL injection vulnerability exists in the ladder/stats.php file in PvPGN Stats version 2.4.6, which stems from the program failing to filter...

9.8CVSS8.2AI score0.00233EPSS

Exploits1References1

Openbugbounty•added 2017/05/03 9:9 p.m.•9 views

itf.phone-rencontre.com XSS vulnerability

Open Bug Bounty ID: OBB-231145 Description| Value ---|--- Affected Website:| itf.phone-rencontre.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score

Exploits0

Prion•added 2017/03/28 2:59 a.m.•14 views

Cross site scripting

Revive Adserver before 3.2.3 suffers from Reflected XSS. www/admin/stats.php is vulnerable to reflected XSS attacks via multiple parameters that are not properly sanitised or escaped when displayed, such as setPerPage, pageId, bannerid, periodstart, periodend, and possibly others...

3.5CVSS6.2AI score0.00213EPSS

Exploits0References4Affected Software1

Openbugbounty•added 2017/01/27 11:31 p.m.•12 views

old.post-gazette.com XSS vulnerability

Vulnerable URL: http://old.post-gazette.com/highschoolsports/stats/teamrecord.asp?teamtypeid=3=462BE555-D7F9-11D5-A78D-003048215596"--!"=18' Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculate...

6.3AI score

Exploits0

Openbugbounty•added 2016/03/28 11:45 a.m.•10 views

espn.com.ar XSS vulnerability

Vulnerable URL: http://www.espn.com.ar/mlb/deportes/stats/fielding?order=true%22%3E%3Ch1/onmouseover=%27alert%28/XSSPOSED/%29%27%3EYVTALE Details: Description| Value ---|--- Patched:| Yes, at 27.07.2017 Latest check for patch:| 27.07.2017 08:04 GMT Vulnerability type:| XSS Vulnerability status:|...

6.3AI score

Exploits0

Debian CVE•added 2016/02/15 2:0 a.m.•17 views

CVE-2015-8797

Cross-site scripting XSS vulnerability in webapp/web/js/scripts/plugins.js in the stats page in the Admin UI in Apache Solr before 5.3.1 allows remote attackers to inject arbitrary web script or HTML via the entry parameter to a plugins/cache URI...

6.1CVSS5.7AI score0.02074EPSS

Exploits0

NVD•added 2014/11/20 5:50 p.m.•10 views

CVE-2014-9021

Multiple cross-site scripting XSS vulnerabilities in ZTE ZXDSL 831 allow remote attackers to inject arbitrary web script or HTML via the 1 tr69cAcsURL, 2 tr69cAcsUser, 3 tr69cAcsPwd, 4 tr69cConnReqPwd, or 5 tr69cDebugEnable parameter to the TR-069 client page tr69cfg.cgi; the 6 timezone parameter...

4.3CVSS5.7AI score0.00256EPSS

Exploits2References4

NVD•added 2014/11/20 5:50 p.m.•7 views

CVE-2014-9020

Cross-site scripting XSS vulnerability in the Quick Stats page psilan.cgi in ZTE ZXDSL 831 and 831CII allows remote attackers to inject arbitrary web script or HTML via the domainname parameter in a save action. NOTE: this issue was SPLIT from CVE-2014-9021 per ADT1 due to different affected...

4.3CVSS5.5AI score0.00421EPSS

Exploits3References7

Prion•added 2014/11/20 5:50 p.m.•13 views

Cross site scripting

4.3CVSS6AI score0.00421EPSS

Exploits4References7

Prion•added 2014/11/20 5:50 p.m.•14 views

Cross site scripting

4.3CVSS5.9AI score0.00421EPSS

Exploits4References4