CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

CVE-2026-27964

FacturaScripts is an open source accounting and invoicing software. Versions 2025.7 and prior contain a Reflected Cross-Site Scripting XSS vulnerability through the fsNick cookie parameter. The application reflects the cookie's value directly into the HTML without sanitization. The fsNick cookie ...

3.9CVSS5.4AI score0.00018EPSS

Exploits0References1

Cvelist•added 2026/05/18 10:5 p.m.•23 views

CVE-2026-27964 FacturaScripts: Reflected Cross-Site Scripting (XSS) via Cookie Manipulation

3.9CVSS0.00018EPSS

Exploits0References2

ATTACKERKB•added 2026/05/18 10:5 p.m.•8 views

CVE-2026-27964

3.9CVSS5.8AI score0.00018EPSS

Exploits0References3Affected Software1

EUVD•added 2026/05/18 10:5 p.m.•8 views

EUVD-2026-30813

3.9CVSS5.8AI score0.00018EPSS

Exploits0References2

CVE•added 2026/05/18 10:5 p.m.•9 views

CVE-2026-27964

FacturaScripts versions 2025.7 and earlier contain a Reflected Cross-Site Scripting (XSS) vulnerability via the fsNick cookie parameter. The application reflects the cookie value directly into the HTML without sanitization, rendering the DOM without encoding. Although the server logs out the sess...

3.9CVSS5.8AI score0.00018EPSS

Exploits0References2

RedhatCVE•added 2025/12/31 8:0 p.m.•4 views

CVE-2025-69210

FacturaScripts is open-source enterprise resource planning and accounting software. Prior to version 2025.7, a stored cross-site scripting XSS vulnerability exists in the product file upload functionality. Authenticated users can upload crafted XML files containing executable JavaScript. These...

5.1CVSS6.2AI score0.00019EPSS

Exploits2References1

Cvelist•added 2025/12/30 7:23 p.m.•20 views

CVE-2025-69210 FacturaScripts vulnerable to Stored Cross-Site Scripting (XSS) via XML File Upload

5.1CVSS0.00019EPSS

Exploits2References3