CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

Packet Storm News•added 2026/02/02 12:0 a.m.•3 views

Storytlr 1.2.0 Cross Site Scripting

Multiple reflected cross site scripting vulnerabilities exist in Storytlr version 1.2.0. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...

5.2AI score

Exploits0

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2014-1068

Malware in sbrugna...

4.3CVSS6.4AI score0.00984EPSS

Exploits1References3

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2014-1069

Malware in sbrugna...

4.3CVSS6.4AI score0.01201EPSS

Exploits1References4

RedhatCVE•added 2025/05/22 4:10 a.m.•8 views

CVE-2014-100037

Cross-site scripting XSS vulnerability in Storytlr 1.3.dev and earlier allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to archives/...

4.3CVSS6AI score0.00984EPSS

Exploits1References1

NVD•added 2015/01/13 3:59 p.m.•88 views

CVE-2014-100038

Cross-site scripting XSS vulnerability in Storytlr 1.3.dev and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter to search/...

4.3CVSS5.7AI score0.01201EPSS

Exploits1References3

NVD•added 2015/01/13 3:59 p.m.•25 views

CVE-2014-100037

Cross-site scripting XSS vulnerability in Storytlr 1.3.dev and earlier allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to archives/...

4.3CVSS5.7AI score0.00984EPSS

Exploits1References2

Prion•added 2015/01/13 3:59 p.m.•107 views

Cross site scripting

Cross-site scripting XSS vulnerability in Storytlr 1.3.dev and earlier allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to archives/...

4.3CVSS6.2AI score0.00984EPSS

Exploits1References2Affected Software1

Prion•added 2015/01/13 3:59 p.m.•75 views

Cross site scripting

Cross-site scripting XSS vulnerability in Storytlr 1.3.dev and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter to search/...

4.3CVSS6.2AI score0.01201EPSS

Exploits1References3Affected Software1

Cvelist•added 2015/01/13 3:0 p.m.•22 views

CVE-2014-100038

Cross-site scripting XSS vulnerability in Storytlr 1.3.dev and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter to search/...

5.7AI score0.01201EPSS

Exploits1References3

Cvelist•added 2015/01/13 3:0 p.m.•19 views

CVE-2014-100037

Cross-site scripting XSS vulnerability in Storytlr 1.3.dev and earlier allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to archives/...

5.7AI score0.00984EPSS

Exploits1References2

CVE•added 2015/01/13 3:0 p.m.•486 views

CVE-2014-100038

CVE-2014-100038 is an XSS vulnerability in Storytlr 1.3.dev and earlier, where an attacker can inject arbitrary web script or HTML via the search parameter to the /search/ endpoint. The affected component is the search functionality; root cause is cross-site scripting. The NVD entry lists a base ...

4.3CVSS5.9AI score0.01201EPSS

Exploits1References3Affected Software1

CVE•added 2015/01/13 3:0 p.m.•238 views

CVE-2014-100037

CVE-2014-100037 : Storytlr 1.3.dev and earlier is vulnerable to cross-site scripting (XSS) via PATH_INFO to archives/, allowing remote attackers to inject arbitrary web script or HTML. The connected records corroborate an XSS issue in Storytlr with the same vector. No remediation details (patch/v...

4.3CVSS5.9AI score0.00984EPSS

Exploits1References2Affected Software1

seebug.org•added 2014/03/10 12:0 a.m.•481 views

storytlr "search"跨站脚本漏洞

storytlr是一款博客平台。由于通过"search"参数传递到index.php/search/的输入在protected/application/public/controllers/SearchController.php中被返回用户前未能正确过滤，攻击者可以利用漏洞在受影响站点上下文的用户浏览器会话中执行任意HTML和脚本代码。 0 storytlr 1.2 目前厂商暂无提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://storytlr.org/...

7.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by