CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

TemaTres is an open source vocabulary server. A cross-site scripting vulnerability exists in TemaTres version 3.0. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit the vulnerability to execute client-side code...

6.1CVSS6.4AI score0.00328EPSS

Exploits0References1

OSV•added 2019/12/13 4:15 p.m.•0 views

CVE-2019-14344

TemaTres 3.0 has reflected XSS via the replacestring or searchstring parameter to the vocab/admin.php?doAdmin=bulkReplace URI...

6.1CVSS5.8AI score0.00328EPSS

Exploits0References2

NVD•added 2019/12/13 4:15 p.m.•10 views

CVE-2019-14344

TemaTres 3.0 has reflected XSS via the replacestring or searchstring parameter to the vocab/admin.php?doAdmin=bulkReplace URI...

6.1CVSS6.1AI score0.00328EPSS

Exploits0References2

CVE•added 2019/12/13 3:59 p.m.•37 views

CVE-2019-14344

TemaTres 3.0 is affected by a reflected XSS in the vocab/admin.php?doAdmin=bulkReplace endpoint via the replace_string or search_string parameters. The vulnerability stems from insufficient input handling, enabling injection of script/code that can impact user sessions through client-side executi...

6.1CVSS5.9AI score0.00328EPSS

Exploits0References2Affected Software1

Cvelist•added 2019/12/13 3:59 p.m.•9 views

CVE-2019-14344

TemaTres 3.0 has reflected XSS via the replacestring or searchstring parameter to the vocab/admin.php?doAdmin=bulkReplace URI...

6.1AI score0.00328EPSS

Exploits0References2

CNVD•added 2019/11/19 12:0 a.m.•1 views

Unspecified Vulnerability in TemaTres

TemaTres is an open source vocabulary server. A security vulnerability exists in TemaTres version 3.0, which can be exploited by remote attackers to create administrator accounts...

9.8CVSS7AI score0.0051EPSS

Exploits4References1

CNVD•added 2019/11/19 12:0 a.m.•0 views

TemaTres Cross-Site Scripting Vulnerability

TemaTres is an open source vocabulary server. A cross-site scripting vulnerability exists in TemaTres version 3.0, which can be exploited by an attacker to execute client-side code...

5.4CVSS6.5AI score0.00378EPSS

Exploits5References1

Exploit DB•added 2019/11/18 12:0 a.m.•164 views

TemaTres 3.0 - 'value' Persistent Cross-site Scripting

Exploit Title: TemaTres 3.0 - 'value' Persistent Cross-site Scripting Author: Pablo Santiago Date: 2019-11-14 Vendor Homepage: https://www.vocabularyserver.com/ Source: https://sourceforge.net/projects/tematres/files/TemaTres%203.0/tematres3.0.zip/download Version: 3.0 CVE : 2019–14343 Reference:...

5.4CVSS5.8AI score0.00378EPSS

Exploits5

Exploit DB•added 2019/11/18 12:0 a.m.•301 views

TemaTres 3.0 - Cross-Site Request Forgery (Add Admin)

Exploit Title: TemaTres 3.0 — Cross-Site Request Forgery Add Admin Author: Pablo Santiago Date: 2019-11-14 Vendor Homepage: https://www.vocabularyserver.com/ Source: https://sourceforge.net/projects/tematres/files/TemaTres%203.0/tematres3.0.zip/download Version: 3.0 CVE : 2019–14345...

9.8CVSS9.8AI score0.0051EPSS

Exploits4

Packet Storm•added 2019/11/18 12:0 a.m.•110 views

TemaTres 3.0 Cross Site Request Forgery

0.2AI score0.0051EPSS

Exploits4

0day.today•added 2019/11/18 12:0 a.m.•58 views

TemaTres 3.0 - (value) Persistent Cross-site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: TemaTres 3.0 - 'value' Persistent Cross-site Scripting Author: Pablo Santiago Date: 2019-11-14 Vendor Homepage: https://www.vocabularyserver.com/ Source:...

7.1AI score0.00378EPSS

Exploits5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by