Lucene search
K

21 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:34 a.m.15 views

CVE-2019-7168

A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Blog field to /admin/nodes/nodes/add/blog...

4.8CVSS6.1AI score0.0061EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-16541

Malware in sbrugna...

5.4CVSS7.2AI score0.00708EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-16717

Malware in sbrugna...

6.1CVSS6.3AI score0.00865EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.10 views

EUVD-2019-16543

Malware in sbrugna...

6.1CVSS7.6AI score0.00897EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-5626

Malicious code in bioql PyPI...

4.8CVSS5.1AI score0.0061EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-2122

Malicious code in bioql PyPI...

4.8CVSS5.1AI score0.0061EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-3361

Malicious code in bioql PyPI...

4.8CVSS5.1AI score0.0061EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-4895

Malicious code in bioql PyPI...

4.8CVSS5.1AI score0.0061EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-5299

Malicious code in bioql PyPI...

4.8CVSS5.1AI score0.0061EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/22 4:4 p.m.5 views

CVE-2020-10114

cPanel before 84.0.20 allows stored self-XSS via the HTML file editor SEC-535...

6.1CVSS6.6AI score0.00641EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 10:18 a.m.8 views

CVE-2019-6990

A stored-self XSS exists in web/skins/classic/views/zones.php of ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in a vulnerable field via a crafted Zone NAME to the index.php?view=zones=zoneImage∣=1 URI...

5.4CVSS6AI score0.00708EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:14 a.m.10 views

CVE-2019-6992

A stored-self XSS exists in web/skins/classic/views/controlcaps.php of ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in a vulnerable field via a long NAME or PROTOCOL to the index.php?view=controlcaps URI...

6.1CVSS6AI score0.00897EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:53 a.m.10 views

CVE-2019-7170

A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/taxonomy/vocabularies...

4.8CVSS6.1AI score0.0061EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/09/30 5:9 p.m.22 views

CVE-2024-47536 starcitizentools/citizen-skin vulnerable to stored, self-XSS in the "real name" field

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. A user with the editmyprivateinfo right or who can otherwise change their name can XSS themselves by setting their "real name" to an XSS payload. This vulnerability is fixed in 2.31.0...

4.8CVSS0.00434EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2022/05/14 1:38 a.m.19 views

Croogo vulnerable to XSS in Blog field

A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Blog field to /admin/nodes/nodes/add/blog...

4.8CVSS6.4AI score0.0061EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2019/01/29 6:29 p.m.22 views

CVE-2019-7172

A stored-self XSS exists in ATutor through v2.2.4, allowing an attacker to execute HTML or JavaScript code in a vulnerable Real Name field to /mods/core/users/admins/myedit.php...

6.1CVSS6.1AI score
Exploits0References1
CVE
CVE
added 2019/01/29 6:0 p.m.46 views

CVE-2019-7173

Croogo is affected by a stored-self XSS vulnerability in the title field of the Attachment page (/admin/file-manager/attachments/edit/4). Affected versions include Croogo prior to 3.0.7 (v3.0.5 referenced; OSV notes vulnerability before 3.0.7). The root cause is reflected in multiple sources desc...

4.8CVSS4.9AI score0.0061EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2019/01/29 6:0 p.m.38 views

CVE-2019-7170

Affected software: Croogo CMS (versions up to 3.0.5). Vulnerability: Stored-self XSS in the article/title handling, exploitable via the vulnerable Title field submitted to /admin/taxonomy/vocabularies. Impact (as stated): Attacker can execute HTML/JavaScript in a victim’s browser. Root cause (as ...

4.8CVSS4.9AI score0.0061EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2019/01/28 8:0 p.m.96 views

CVE-2019-6990

CVE-2019-6990 is a stored-self XSS in ZoneMinder up to version 1.32.3, triggered via a crafted Zone NAME in the URL index.php?view=zones&action=zoneImage&mid=1. The vulnerability affects web/skins/classic/views/zones.php. Exploitation could allow HTML/JavaScript execution in the vulnerable field....

5.4CVSS5.5AI score0.00708EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2019/01/28 8:0 p.m.104 views

CVE-2019-6992

CVE-2019-6992 is a stored-self XSS in ZoneMinder up to version 1.32.3, via web/skins/classic/views/controlcaps.php. An attacker can inject HTML/JavaScript by exploiting a long NAME or PROTOCOL in index.php?view=controlcaps, resulting in code execution in the vulnerable field. Exploitation details...

6.1CVSS5.7AI score0.00897EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder