CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

171 matches found

RedhatCVE•added 2026/06/10 9:3 p.m.•8 views

CVE-2026-47990

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00224EPSS

Exploits0References1

RedhatCVE•added 2026/03/26 3:4 p.m.•2 views

CVE-2026-21284

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript ma...

8.1CVSS5.7AI score0.00382EPSS

Exploits0References1

EUVD•added 2026/03/11 3:31 a.m.•4 views

EUVD-2026-11037

8.1CVSS5.7AI score0.00382EPSS

Exploits0References2

NVD•added 2026/03/11 3:15 a.m.•5 views

CVE-2026-21361

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a stored Cross-Site Scripting XSS vvulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript m...

8.1CVSS0.00445EPSS

Exploits0References1

ATTACKERKB•added 2026/03/11 2:19 a.m.•3 views

CVE-2026-21290

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may...

8.7CVSS5.7AI score0.00452EPSS

Exploits0References2

OSV•added 2026/03/11 1:16 a.m.•0 views

CVE-2026-27244

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS5.7AI score

Exploits0References1

Vulnrichment•added 2026/01/27 4:31 p.m.•5 views

CVE-2026-1480 Out-of-band SQL injection in Quatuor Performance Evaluation

An out-of-band SQL injection vulnerability OOB SQLi has been detected in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter 'Idusuario' in '/evaluacionobjetivosanyosigevalua.aspx', could allow an attacker to...

9.3CVSS5.8AI score0.00327EPSS

Exploits0References1

EUVD•added 2026/01/27 4:30 p.m.•4 views

EUVD-2026-4749

An out-of-band SQL injection vulnerability OOB SQLi has been detected in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter 'Idusuario' and 'Idevaluacion’ in ‘/evaluacioncompetenciasevaluaold.aspx’, could allow ...

9.3CVSS5.8AI score0.00327EPSS

Exploits0References1

RedhatCVE•added 2026/01/16 2:20 a.m.•4 views

CVE-2025-70890

A stored cross-site scripting XSS vulnerability exists in Cyber Cafe Management System v1.0. An authenticated attacker can inject arbitrary JavaScript code into the username parameter via the add-users.php endpoint. The injected payload is stored and executed in the victim s browser when the...

6.1CVSS5.8AI score0.00216EPSS

Exploits2References1

GithubExploit•added 2026/01/08 4:45 p.m.•151 views

Cross-Site-Scripting---XSS

Cross Site Scripting XSS Assignment Objective Demonstrate Cro...

5.7AI score

Exploits0

RedhatCVE•added 2025/12/11 7:1 p.m.•4 views

CVE-2025-64808

Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS5.6AI score0.00205EPSS

Exploits0References1

RedhatCVE•added 2025/12/11 7:0 p.m.•2 views

CVE-2025-64863

5.4CVSS5.5AI score0.00167EPSS

Exploits0References1

NVD•added 2025/12/10 7:16 p.m.•4 views

CVE-2025-64791

5.4CVSS0.00205EPSS

Exploits0References1

NVD•added 2025/12/10 7:16 p.m.•3 views

CVE-2025-64559

5.4CVSS0.00167EPSS

Exploits0References1

Positive Technologies•added 2025/12/10 12:0 a.m.•4 views

PT-2025-50402

5.4CVSS5.6AI score0.00205EPSS

Exploits0References3

EUVD•added 2025/10/14 9:30 p.m.•3 views

EUVD-2025-34460

Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript ma...

4.8CVSS5.1AI score0.00247EPSS

Exploits0References2

OSV•added 2025/07/24 4:15 p.m.•3 views

CVE-2025-46993

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

5.4CVSS5.7AI score0.00264EPSS

Exploits0References1

OSV•added 2025/06/10 11:15 p.m.•2 views

CVE-2025-47094

Adobe Experience Manager versions 6.5.22 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browse...

6.1CVSS5.7AI score

Exploits0References1

OSV•added 2025/06/10 11:15 p.m.•3 views

CVE-2025-47047

5.4CVSS5.7AI score

Exploits0References1

OSV•added 2025/06/10 11:15 p.m.•0 views

CVE-2025-47008

5.4CVSS5.8AI score0.00298EPSS

Exploits0References1

Rows per page