Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9463 matches found

NVD
NVDadded 2026/01/05 3:15 a.m.1 views

CVE-2025-15452

A weakness has been identified in xnx3 wangmarket up to 4.9. This affects the function variableList of the file /admin/system/variableList.do of the component Backend Variable Search. Executing a manipulation of the argument Description can lead to cross site scripting. The attack may be launched...

4.8CVSS0.00023EPSS
Exploits1References4
Snyk
Snykadded 2026/01/05 2:38 a.m.2 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS in the variableSave function of the /admin/system/variableList.do endpoint when handling the Description argument. An attacker can inject and execute arbitrary scripts in the context of a user's browser by...

4.8CVSS5.5AI score0.00023EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2026/01/05 2:2 a.m.1 views

CVE-2025-15452 xnx3 wangmarket Backend Variable Search variableList.do variableList cross site scripting

A weakness has been identified in xnx3 wangmarket up to 4.9. This affects the function variableList of the file /admin/system/variableList.do of the component Backend Variable Search. Executing a manipulation of the argument Description can lead to cross site scripting. The attack may be launched...

4.8CVSS5.2AI score0.00023EPSS
Exploits1References4
CNNVD
CNNVDadded 2026/01/05 12:0 a.m.1 views

wangmarket 代码注入漏洞

wangmarket is a privatized deploy your own SAAS cloud builder system for xnx3 individual developers in China. A code injection vulnerability exists in wangmarket 4.9 and earlier versions, which stems from the incorrect operation of the parameter Description in the function variableList in the fil...

4.8CVSS4.2AI score0.00023EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2026/01/05 12:0 a.m.4 views

PT-2026-1204

Name of the Vulnerable Software and Affected Versions xnx3 wangmarket versions up to 4.9 Description A security flaw exists in xnx3 wangmarket up to version 4.9, specifically within the System Variables Page functionality located at the '/admin/system/variableSave.do' file. Manipulation of the...

4.8CVSS4.7AI score0.00023EPSS
Exploits1References8
RedhatCVE
RedhatCVEadded 2026/01/03 9:0 a.m.2 views

CVE-2025-15437

A vulnerability was found in LigeroSmart up to 6.1.24. This affects an unknown part of the component Environment Variable Handler. Performing a manipulation of the argument REQUESTURI results in cross site scripting. The attack may be initiated remotely. The exploit has been made public and could...

5.4CVSS3.5AI score0.00008EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/02 11:25 p.m.2 views

CVE-2025-15416

A vulnerability was found in xnx3 wangmarket up to 6.4. This affects an unknown function of the file /siteVar/save.do of the component Add Global Variable Handler. The manipulation of the argument Remark/Variable Value results in cross site scripting. The attack can be executed remotely. The...

4.8CVSS5.4AI score0.00019EPSS
Exploits1References1
NVD
NVDadded 2026/01/02 9:15 a.m.1 views

CVE-2025-15437

A vulnerability was found in LigeroSmart up to 6.1.24. This affects an unknown part of the component Environment Variable Handler. Performing a manipulation of the argument REQUESTURI results in cross site scripting. The attack may be initiated remotely. The exploit has been made public and could...

5.4CVSS0.00008EPSS
Exploits1References8
OSV
OSVadded 2026/01/02 9:15 a.m.1 views

CVE-2025-15437

A vulnerability was found in LigeroSmart up to 6.1.24. This affects an unknown part of the component Environment Variable Handler. Performing a manipulation of the argument REQUESTURI results in cross site scripting. The attack may be initiated remotely. The exploit has been made public and could...

5.4CVSS3.5AI score
Exploits0References8
Cvelist
Cvelistadded 2026/01/02 8:32 a.m.21 views

CVE-2025-15437 LigeroSmart Environment Variable cross site scripting

A vulnerability was found in LigeroSmart up to 6.1.24. This affects an unknown part of the component Environment Variable Handler. Performing a manipulation of the argument REQUESTURI results in cross site scripting. The attack may be initiated remotely. The exploit has been made public and could...

5.1CVSS0.00008EPSS
Exploits1References8
Vulnrichment
Vulnrichmentadded 2026/01/02 8:32 a.m.2 views

CVE-2025-15437 LigeroSmart Environment Variable cross site scripting

A vulnerability was found in LigeroSmart up to 6.1.24. This affects an unknown part of the component Environment Variable Handler. Performing a manipulation of the argument REQUESTURI results in cross site scripting. The attack may be initiated remotely. The exploit has been made public and could...

5.1CVSS3.5AI score0.00008EPSS
Exploits1References8
CVE
CVEadded 2026/01/02 8:32 a.m.6 views

CVE-2025-15437

LigeroSmart (up to 6.1.24) has a cross-site scripting vulnerability in the Environment Variable Handler, triggered by manipulation of the REQUEST_URI argument. The attack can be initiated remotely and an exploit has been publicly disclosed. Remediation: upgrade to LigeroSmart 6.1.26 or 6.3; patch...

5.4CVSS3.5AI score0.00008EPSS
Exploits1References8Affected Software1
CNNVD
CNNVDadded 2026/01/02 12:0 a.m.1 views

LigeroSmart 代码注入漏洞

LigeroSmart is a management platform for LigeroSmart open source. A code injection vulnerability exists in LigeroSmart versions 6.1.24 and earlier, which stems from the incorrect manipulation of the parameter REQUESTURI in the component Environment Variable Handler, and could lead to a cross-site...

5.4CVSS4.7AI score0.00008EPSS
Exploits1References8
Positive Technologies
Positive Technologiesadded 2026/01/02 12:0 a.m.2 views

PT-2026-1060

Name of the Vulnerable Software and Affected Versions LigeroSmart versions up to 6.1.24 Description A flaw exists in the Environment Variable Handler component of LigeroSmart. Manipulation of the REQUEST URI argument can lead to cross-site scripting. The issue may be exploited remotely. The explo...

5.1CVSS5.6AI score0.00008EPSS
Exploits1References12
Snyk
Snykadded 2026/01/01 11:39 p.m.1 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the /siteVar/save.do endpoint. An attacker can inject and execute arbitrary scripts by submitting crafted input to the Remark or Variable Value parameters. Details Cross-site scripting or XSS is a code...

5.4CVSS5.5AI score0.00019EPSS
Exploits1References2
NVD
NVDadded 2026/01/01 11:15 p.m.1 views

CVE-2025-15416

A vulnerability was found in xnx3 wangmarket up to 6.4. This affects an unknown function of the file /siteVar/save.do of the component Add Global Variable Handler. The manipulation of the argument Remark/Variable Value results in cross site scripting. The attack can be executed remotely. The...

5.4CVSS0.00019EPSS
Exploits1References4
OSV
OSVadded 2026/01/01 11:15 p.m.1 views

CVE-2025-15416

A vulnerability was found in xnx3 wangmarket up to 6.4. This affects an unknown function of the file /siteVar/save.do of the component Add Global Variable Handler. The manipulation of the argument Remark/Variable Value results in cross site scripting. The attack can be executed remotely. The...

5.4CVSS5.6AI score
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/01/01 10:32 p.m.1 views

CVE-2025-15416 xnx3 wangmarket Add Global Variable save.do cross site scripting

A vulnerability was found in xnx3 wangmarket up to 6.4. This affects an unknown function of the file /siteVar/save.do of the component Add Global Variable Handler. The manipulation of the argument Remark/Variable Value results in cross site scripting. The attack can be executed remotely. The...

4.8CVSS5.3AI score0.00019EPSS
Exploits1References4
CVE
CVEadded 2026/01/01 10:32 p.m.5 views

CVE-2025-15416

CVE-2025-15416 affects xnx3 wangmarket up to 6.4. The vulnerability exists in the file /siteVar/save.do within the Add Global Variable Handler. Manipulating the Remark/Variable Value parameter can trigger a cross-site scripting (XSS) flaw that can be exploited remotely; the exploit has been publi...

5.4CVSS3.3AI score0.00019EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologiesadded 2026/01/01 12:0 a.m.3 views

PT-2026-6154

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the be2net driver within the Linux kernel where a NULL pointer dereference can occur in the be cmd get mac from list function. This happens when the pmac id valid...

5.5CVSS6.4AI score0.00018EPSS
Exploits0
Rows per page
Query Builder