Lucene search
K

355 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2008-4129

Malware in sbrugna...

5CVSS6.4AI score0.02195EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-3198

Malicious code in bioql PyPI...

7.1CVSS8.7AI score0.00197EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-49395

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.0055EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-24771

Malicious code in bioql PyPI...

7.1CVSS4.6AI score0.00213EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-55172

Malicious code in bioql PyPI...

6.5CVSS6.7AI score0.00368EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-32423

Malicious code in bioql PyPI...

8.8CVSS9.2AI score0.00727EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-29920

Malicious code in bioql PyPI...

7.6CVSS6.4AI score0.00515EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-42295

Malicious code in bioql PyPI...

5.3CVSS9.1AI score0.00434EPSS
Exploits0References1
OSV
OSV
added 2025/10/02 9:46 p.m.7 views

CVE-2025-61668 @plone/volto vulnerable to potential DoS by invoking specific URL by anonymous user

Volto is a ReactJS-based frontend for the Plone Content Management System. Versions 16.34.0 and below, 17.0.0 through 17.22.1, 18.0.0 through 18.27.1, and 19.0.0-alpha.1 through 19.0.0-alpha.5, an anonymous user could cause the NodeJS server part of Volto to quit with an error when visiting a...

8.7CVSS6.4AI score0.00408EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2025/08/30 6:19 p.m.3 views

CVE-2025-54541

QuickCMS is vulnerable to Cross-Site Request Forgery in page deletion functionality. Malicious attacker can craft special website, which when visited by the admin, will automatically send a POST request deleting an article. The vendor was notified early about this vulnerability, but didn't respon...

6.9CVSS6.9AI score0.00136EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/28 10:12 a.m.6 views

CVE-2025-54541 Cross-Site Request Forgery in QuickCMS

QuickCMS is vulnerable to Cross-Site Request Forgery in page deletion functionality. Malicious attacker can craft special website, which when visited by the admin, will automatically send a POST request deleting an article. The vendor was notified early about this vulnerability, but didn't respon...

6.9CVSS0.00136EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/22 5:31 p.m.8 views

CVE-2025-46856

Adobe Experience Manager versions 6.5.22 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. A low privileged attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation ...

5.4CVSS5.4AI score0.00205EPSS
Exploits0References1
NVD
NVD
added 2025/08/20 5:15 p.m.4 views

CVE-2025-46856

Adobe Experience Manager versions 6.5.22 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. A low privileged attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation ...

5.4CVSS0.00205EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/20 5:8 p.m.3 views

CVE-2025-47054 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Adobe Experience Manager versions 6.5.22 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. A low privileged attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation ...

5.4CVSS5.8AI score0.0033EPSS
Exploits0References1
CVE
CVE
added 2025/08/20 4:58 p.m.20 views

CVE-2025-46856

Adobe Experience Manager (AEM) versions 6.5.22 and earlier are affected by a DOM-based XSS vulnerability. The issue allows a low-privileged attacker to manipulate the DOM to execute malicious JavaScript in a victim’s browser, with exploitation requiring user interaction (victim visits a crafted p...

5.4CVSS5.4AI score0.00205EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/20 4:58 p.m.3 views

CVE-2025-46856 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Adobe Experience Manager versions 6.5.22 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. A low privileged attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation ...

5.4CVSS5.8AI score0.00205EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/20 12:52 p.m.10 views

CVE-2025-54172 Stored Cross-Site Scripting in QuickCMS

QuickCMS is vulnerable to Stored XSS in sTitle parameter in page editor functionality. Malicious attacker with admin privileges can inject arbitrary HTML and JS into website, which will be rendered/executed when visiting edited page. Regular admin user is not able to inject any JS scripts into th...

4.8CVSS0.0018EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/16 11:25 a.m.3 views

CVE-2025-49065

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BestiaDurmiente Visit Counter visit-counter allows Stored XSS.This issue affects Visit Counter: from n/a through = 1.0...

7.1CVSS5.9AI score0.00213EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/14 6:24 p.m.6 views

CVE-2025-49557

Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be exploited by a low-privileged attacker to inject malicious scripts into vulnerable form fields. A successful attacker...

8.7CVSS5AI score0.00604EPSS
Exploits0References1
NVD
NVD
added 2025/08/14 11:15 a.m.3 views

CVE-2025-49065

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BestiaDurmiente Visit Counter visit-counter allows Stored XSS.This issue affects Visit Counter: from n/a through = 1.0...

7.1CVSS0.00213EPSS
Exploits0References1
Rows per page
Query Builder