Lucene search
K

7 matches found

Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.15 views

PT-2026-54859

Name of the Vulnerable Software and Affected Versions Craft CMS versions 5.0.0-RC1 through 5.9.22 Craft CMS versions 4.0.0-RC1 through 4.17.15 Description An attacker with a GitHub account can inject a JavaScript payload into a craftcms/cms issue title. The payload executes within the control pan...

7.4CVSS5.8AI score0.00311EPSS
Exploits0References10
NVD
NVD
added 2026/05/01 9:16 a.m.6 views

CVE-2026-40201

@diplodoc/search-extension 1.0.0 through 3.x before 3.0.3 allows stored XSS via the title in a .md file...

5.4CVSS0.00241EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/06 8:6 p.m.8 views

CVE-2026-35208

lichess.org is the forever free, adless and open source chess server. Any approved streamer can inject arbitrary HTML into /streamer and the homepage “Live streams” widget by placing markup in their Twitch/YouTube stream title. CSP is present and blocks inline script execution, but the issue is...

5.3CVSS6AI score0.00299EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-1423

Malware in sbrugna...

5.4CVSS5.5AI score0.00495EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-7548

Malware in sbrugna...

6.1CVSS6.3AI score0.00474EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.18 views

EUVD-2022-2455

Malicious code in bioql PyPI...

6.1CVSS6.1AI score0.00923EPSS
Exploits0References3
NVD
NVD
added 2002/07/03 4:0 a.m.20 views

CVE-2002-0535

Cross-site scripting vulnerabilities in PostBoard 2.0.1 and earlier allows remote attackers to execute script as other users via 1 an IMG tag when BBCode is enabled, or 2 in a topic title...

5CVSS6.8AI score0.07365EPSS
Exploits1References5
Rows per page
Query Builder