Lucene search
K

16 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2009-2367

Malware in sbrugna...

6.5CVSS6.4AI score0.01142EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2021-27685

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.00958EPSS
Exploits1References5
OSV
OSV
added 2021/09/04 8:15 p.m.5 views

CVE-2021-40509

ViewCommon.java in JForum2 2.7.0 allows XSS via a user signature...

5.4CVSS6.1AI score0.00958EPSS
Exploits1References4
NVD
NVD
added 2021/09/04 8:15 p.m.18 views

CVE-2021-40509

ViewCommon.java in JForum2 2.7.0 allows XSS via a user signature...

5.4CVSS0.00958EPSS
Exploits1References4
Prion
Prion
added 2021/09/04 8:15 p.m.19 views

Design/Logic Flaw

ViewCommon.java in JForum2 2.7.0 allows XSS via a user signature...

3.5CVSS5.1AI score0.00958EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2021/09/04 7:20 p.m.22 views

CVE-2021-40509

ViewCommon.java in JForum2 2.7.0 allows XSS via a user signature...

5.4AI score0.00958EPSS
Exploits1References4
CNNVD
CNNVD
added 2020/11/26 12:0 a.m.7 views

Coremail XT 跨站脚本漏洞

Coremail XT is a set of enterprise-class mail system from China Yingshi Computer Technology Company. The system supports sending and receiving emails, enterprise address book, enterprise cloud disk and schedule synchronization. A cross-site scripting vulnerability exists in jsp/upload.jsp in...

6.1CVSS6.2AI score0.01081EPSS
Exploits0References2
Prion
Prion
added 2014/06/16 6:55 p.m.18 views

Cross site scripting

Cross-site scripting XSS vulnerability in AlgoSec FireFlow 6.3-b230 allows remote attackers to inject arbitrary web script or HTML via a user signature to SelfService/Prefs.html...

4.3CVSS6.1AI score0.00991EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2014/06/16 6:0 p.m.30 views

CVE-2014-4164

Cross-site scripting XSS vulnerability in AlgoSec FireFlow 6.3-b230 allows remote attackers to inject arbitrary web script or HTML via a user signature to SelfService/Prefs.html...

5.6AI score0.00991EPSS
Exploits1References1
NVD
NVD
added 2012/08/14 11:55 p.m.17 views

CVE-2012-2082

Cross-site scripting XSS vulnerability in the Chaos tool suite aka CTools module 7.x-1.x before 7.x-1.0 for Drupal allows remote authenticated users with the post comments permission to inject arbitrary web script or HTML via a user signature...

2.1CVSS5.3AI score0.01607EPSS
Exploits0References8
NVD
NVD
added 2009/07/08 3:30 p.m.18 views

CVE-2009-2372

Drupal 6.x before 6.13 does not prevent users from modifying user signatures after the associated comment format has been changed to an administrator-controlled input format, which allows remote authenticated users to inject arbitrary web script, HTML, and possibly PHP code via a crafted user...

6.5CVSS6.4AI score0.02308EPSS
Exploits0References4
CVE
CVE
added 2009/07/08 3:0 p.m.49 views

CVE-2009-2371

The CVE-2009-2371 entry affects the Drupal module Advanced Forum (6.x) prior to 6.x-1.1. The issue arises when the module allows users to modify their signatures after the comment format has been switched to an administrator-controlled input format, enabling remote authenticated users to inject a...

6.5CVSS6.8AI score0.01142EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2009/07/08 3:0 p.m.21 views

CVE-2009-2372

Drupal 6.x before 6.13 does not prevent users from modifying user signatures after the associated comment format has been changed to an administrator-controlled input format, which allows remote authenticated users to inject arbitrary web script, HTML, and possibly PHP code via a crafted user...

6.3AI score0.02308EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2009/07/06 12:0 a.m.18 views

Fedora 9 : drupal-6.13-1.fc9 (2009-7362)

Fixes SA-CORE-2009-007 http://drupal.org/node/507572 . Remember to log in to your site as the admin user before upgrading this package. After upgrading the package, browse to http://host/drupal/update.php to run the upgrade script. Multiple vulnerabilities and weaknesses were discovered in Drupal...

5.8AI score
Exploits0References3
Cvelist
Cvelist
added 2005/09/07 4:0 a.m.32 views

CVE-2005-2836

Multiple cross-site scripting XSS vulnerabilities in Phorum 5.0.17a and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the username parameter to register.php or 2 a signature of a logged-in user in "My Control Center," which is not properly handled by control.php...

5.7AI score0.01256EPSS
Exploits1References3
securityvulns
securityvulns
added 2005/03/31 12:0 a.m.40 views

Invision Power Board v2.0.3 XSS vulnerabilities

Invision Power Board v2.0.3 XSS vulnerabilities found more at user signature. when Admin read attacker topics, admin will lost his passhash example...

0.2AI score
Exploits0
Rows per page
Query Builder