Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

NVD
NVDadded 2022/12/21 7:15 p.m.14 views

CVE-2021-4271

A vulnerability was found in panicsteve w2wiki. It has been rated as problematic. Affected by this issue is the function toHTML of the file index.php of the component Markdown Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The name of the patch is...

6.1CVSS0.00213EPSS
Exploits0References2
CNNVD
CNNVDadded 2022/12/21 12:0 a.m.3 views

w2wiki 跨站脚本漏洞

w2wiki is a web-based wiki-like notepad developed by Steven Frank. A security vulnerability exists in w2wiki, which originates in the toHTML function of the index.php file of the component Markdown Handler, where a parameter query leads to cross-site scripting...

6.1CVSS5.4AI score0.00213EPSS
Exploits0References3
Cvelist
Cvelistadded 2022/12/21 12:0 a.m.18 views

CVE-2021-4271 panicsteve w2wiki Markdown index.php toHTML cross site scripting

A vulnerability was found in panicsteve w2wiki. It has been rated as problematic. Affected by this issue is the function toHTML of the file index.php of the component Markdown Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The name of the patch is...

3.5CVSS6.2AI score0.00213EPSS
Exploits0References2
CNNVD
CNNVDadded 2022/03/20 12:0 a.m.2 views

DWSurvey 代码问题漏洞

DWSurvey is a survey system written in Java. DWSurvey v3.2.0 has a security vulnerability that allows an attacker to write arbitrary files via the component /utils/ToHtmlServlet.java...

9.8CVSS8.3AI score0.00363EPSS
Exploits1References2
OSV
OSVadded 2021/01/26 10:15 p.m.1 views

CVE-2020-23774

A reflected XSS vulnerability exists in tohtml/convert.php of Winmail 6.5, which can cause JavaScript code to be executed...

6.1CVSS6.4AI score0.00223EPSS
Exploits1References1
Prion
Prionadded 2021/01/26 10:15 p.m.11 views

Cross site scripting

A reflected XSS vulnerability exists in tohtml/convert.php of Winmail 6.5, which can cause JavaScript code to be executed...

4.3CVSS5.9AI score0.00223EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2021/01/26 9:2 p.m.12 views

CVE-2020-23774

A reflected XSS vulnerability exists in tohtml/convert.php of Winmail 6.5, which can cause JavaScript code to be executed...

6.1AI score0.00223EPSS
Exploits1References1
Prion
Prionadded 2010/05/27 10:30 p.m.16 views

Design/Logic Flaw

bbcode/php.bb in e107 0.7.20 and earlier does not perform access control checks for all inputs that could contain the php bbcode tag, which allows remote attackers to execute arbitrary PHP code, as demonstrated using the toEmail method in contact.php, related to invocations of the toHTML method...

7.5CVSS8AI score0.00838EPSS
Exploits2References2Affected Software1
Cvelist
Cvelistadded 2010/05/27 10:0 p.m.14 views

CVE-2010-2099

bbcode/php.bb in e107 0.7.20 and earlier does not perform access control checks for all inputs that could contain the php bbcode tag, which allows remote attackers to execute arbitrary PHP code, as demonstrated using the toEmail method in contact.php, related to invocations of the toHTML method...

7.4AI score0.00838EPSS
Exploits2References2
Rows per page
Query Builder