CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

20 matches found

Positive Technologies•added 2026/03/27 12:0 a.m.•2 views

PT-2026-28596

Name of the Vulnerable Software and Affected Versions serialize-javascript versions prior to 7.0.5 Description This issue involves a Denial of Service DoS caused by CPU exhaustion. When serializing a specially crafted "array-like" object – an object inheriting from Array.prototype with a very lar...

7.5CVSS5.9AI score0.00018EPSS

Exploits0References194

RedhatCVE•added 2025/05/22 11:3 p.m.•3 views

CVE-2022-34092

Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting XSS vulnerability via svg2img.php...

6.1CVSS6.2AI score0.00395EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 9:54 p.m.•5 views

CVE-2022-34094

Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting XSS vulnerability via requesttoken.php...

6.1CVSS6.2AI score0.01908EPSS

Exploits1References1

VulnCheck KEV•added 2023/11/15 12:0 a.m.•0 views

VulnCheck KEV: CVE-2022-32409

A local file inclusion LFI vulnerability in the component codemirror.php of Portal do Software Publico Brasileiro i3geo v7.0.5 allows attackers to execute arbitrary PHP code via a crafted HTTP request...

9.8CVSS7.5AI score0.66547EPSS

Exploits1References1

NVD•added 2022/07/14 10:15 p.m.•17 views

CVE-2022-34093

Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting XSS vulnerability via accesstoken.php...

6.1CVSS0.02517EPSS

Exploits1References5

NVD•added 2022/07/14 10:15 p.m.•10 views

CVE-2022-34094

Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting XSS vulnerability via requesttoken.php...

6.1CVSS0.01908EPSS

Exploits1References5

NVD•added 2022/07/14 10:15 p.m.•12 views

CVE-2022-32409

9.8CVSS0.66547EPSS

Exploits1References2

NVD•added 2022/07/14 10:15 p.m.•9 views

CVE-2022-34092

Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting XSS vulnerability via svg2img.php...

6.1CVSS0.00395EPSS

Exploits1References5

Prion•added 2022/07/14 10:15 p.m.•21 views

Cross site scripting

Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting XSS vulnerability via accesstoken.php...

4.3CVSS6AI score0.02517EPSS

Exploits1References5Affected Software1

Prion•added 2022/07/14 10:15 p.m.•13 views

Cross site scripting

Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting XSS vulnerability via requesttoken.php...

4.3CVSS6AI score0.01908EPSS

Exploits1References5Affected Software1

Prion•added 2022/07/14 10:15 p.m.•12 views

Cross site scripting

Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting XSS vulnerability via svg2img.php...

4.3CVSS6AI score0.00395EPSS

Exploits1References5Affected Software1

Prion•added 2022/07/14 10:15 p.m.•22 views

Cross site request forgery (csrf)

7.5CVSS9.3AI score0.66547EPSS

Exploits1References2Affected Software1

CVE•added 2022/07/14 9:24 p.m.•83 views

CVE-2022-34094

i3geo v7.0.5 has a cross-site scripting (XSS) flaw exposed via request_token.php . The connected nuclei template confirms the vulnerability and describes impact as attackers injecting JavaScript into parameters that run in users’ browsers (potential token/session risks). Remediation in the connec...

6.1CVSS6AI score0.01908EPSS

Exploits1References5Affected Software1

Cvelist•added 2022/07/14 9:24 p.m.•12 views

CVE-2022-34094

Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting XSS vulnerability via requesttoken.php...

6.2AI score0.01908EPSS

Exploits1References5

CVE•added 2022/07/14 9:24 p.m.•56 views

CVE-2022-34092

CVE-2022-34092 affects Portal do Software Publico Brasileiro i3geo v7.0.5 with a cross-site scripting (XSS) vulnerability via the svg2img.php component. The connected documents consistently describe the issue as an XSS condition stemming from svg2img.php, affecting i3geo 7.0.5, but do not provide...

6.1CVSS6AI score0.00395EPSS

Exploits1References5Affected Software1

Cvelist•added 2022/07/14 9:24 p.m.•13 views

CVE-2022-34093

Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting XSS vulnerability via accesstoken.php...

6.2AI score0.02517EPSS

Exploits1References5

Cvelist•added 2022/07/14 9:24 p.m.•12 views

CVE-2022-34092

Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting XSS vulnerability via svg2img.php...

6.2AI score0.00395EPSS

Exploits1References5

CVE•added 2022/07/14 9:24 p.m.•89 views

CVE-2022-34093

CVE-2022-34093 affects Software Publico Brasileiro i3geo v7.0.5. The connected documents confirm a cross-site scripting (XSS) vulnerability in access_token.php, allowing injection of malicious JavaScript that can run in users’ browsers and potentially steal session tokens or perform unauthorized ...

6.1CVSS6AI score0.02517EPSS

Exploits1References5Affected Software1

CVE•added 2022/07/14 9:24 p.m.•86 views

CVE-2022-32409

CVE-2022-32409 affects Portal do Software Publico Brasileiro i3geo 7.0.5, with a local file inclusion in codemirror.php that allows arbitrary PHP code execution via a crafted HTTP request. Root cause: LFI in codemirror.php. Impact is reported as critical (CVSS 3.1: 9.8, HIGH confidentiality/ inte...

9.8CVSS9.3AI score0.66547EPSS

Exploits1References2Affected Software1

0day.today•added 2010/06/22 12:0 a.m.•28 views

phpFK <= v7.0.5 Remote Code Execution

Exploit for php platform in category web applications ===================================== phpFK = v7.0.5 Remote Code Execution ===================================== +-------------------------------------------------------------------------------------------------------------------------------+ ...

7.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by