CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

19 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-22978

Malicious code in bioql PyPI...

6.1CVSS6.6AI score0.0021EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-30354

Malicious code in bioql PyPI...

5.3CVSS5.7AI score0.0025EPSS

Exploits0References2

RedhatCVE•added 2025/05/23 3:29 a.m.•7 views

CVE-2023-26559

A directory traversal vulnerability in Oxygen XML Web Author before 25.0.0.3 build 2023021715 and Oxygen Content Fusion before 5.0.3 build 2023022015 allows an attacker to read files from a WEB-INF directory via a crafted HTTP request. XML Web Author 24.1.0.3 build 2023021714 and 23.1.1.4 build...

5.3CVSS6.7AI score0.0025EPSS

Exploits0References1

RedhatCVE•added 2025/02/14 9:16 a.m.•6 views

CVE-2024-25662

Oxygen XML Web Author v26.0.0 and older and Oxygen Content Fusion v6.1 and older are vulnerable to Cross-Site Scripting XSS for malicious URLs...

6.1CVSS5.9AI score0.0021EPSS

Exploits0References1

NVD•added 2024/05/14 3:5 p.m.•4 views

CVE-2024-25662

Oxygen XML Web Author v26.0.0 and older and Oxygen Content Fusion v6.1 and older are vulnerable to Cross-Site Scripting XSS for malicious URLs...

6.1CVSS5.8AI score0.0021EPSS

Exploits0References1

CNNVD•added 2024/05/14 12:0 a.m.•1 views

Oxygen XML Web Author 安全漏洞

SyncRO Soft Oxygen XML Web Author is an XML editor from SyncRO Soft. A security vulnerability exists in Oxygen XML Web Author version v26.0.0 and earlier, and Oxygen Content Fusion version v6.1 and earlier. An attacker could exploit this vulnerability to conduct cross-site scripting attacks...

6.1CVSS6.1AI score0.0021EPSS

Exploits0References2

Cvelist•added 2024/05/13 7:9 p.m.•11 views

CVE-2024-25662

Oxygen XML Web Author v26.0.0 and older and Oxygen Content Fusion v6.1 and older are vulnerable to Cross-Site Scripting XSS for malicious URLs...

5.9AI score0.0021EPSS

Exploits0References1

Vulnrichment•added 2024/05/13 7:9 p.m.•11 views

CVE-2024-25662

Oxygen XML Web Author v26.0.0 and older and Oxygen Content Fusion v6.1 and older are vulnerable to Cross-Site Scripting XSS for malicious URLs...

6AI score0.0021EPSS

Exploits0References1

Positive Technologies•added 2024/05/13 12:0 a.m.•2 views

PT-2024-21079 · Syncro Soft · Oxygen Xml Web Author +1

Name of the Vulnerable Software and Affected Versions: Oxygen XML Web Author versions prior to 26.0.0 Oxygen Content Fusion versions prior to 6.1 Description: The issue allows for Cross-Site Scripting XSS attacks using malicious URLs. Recommendations: For Oxygen XML Web Author versions prior to...

6.1CVSS6.3AI score0.0021EPSS

Exploits0References2

OSV•added 2023/04/14 1:15 p.m.•1 views

CVE-2023-26559

5.3CVSS5.8AI score

Exploits0References2

NVD•added 2023/04/14 1:15 p.m.•8 views

CVE-2023-26559

5.3CVSS5.1AI score0.0025EPSS

Exploits0References2

Prion•added 2023/04/14 1:15 p.m.•12 views

Directory traversal

5CVSS5.1AI score0.0025EPSS

Exploits0References2Affected Software2

Vulnrichment•added 2023/04/14 12:0 a.m.•6 views

CVE-2023-26559

6.7AI score0.0025EPSS

Exploits0References2

Positive Technologies•added 2023/04/14 12:0 a.m.•5 views

PT-2023-20727 · Syncro Soft · Oxygen Content Fusion +1

Name of the Vulnerable Software and Affected Versions: Oxygen XML Web Author versions prior to 25.0.0.3 build 2023021715 Oxygen Content Fusion versions prior to 5.0.3 build 2023022015 Description: A directory traversal issue allows an attacker to read files from a WEB-INF directory via a crafted...

5.3CVSS5.1AI score0.0025EPSS

Exploits0References4

CNNVD•added 2023/04/14 12:0 a.m.•3 views

Syncro Soft Oxygen XML WebHelp 路径遍历漏洞

Syncro Soft Oxygen XML WebHelp is for converting DITA and DocBook resources to WebHelp output from Syncro Soft Romania. A security vulnerability exists in Oxygen XML Web Author versions prior to 25.0.0.3 build 2023021715, Oxygen Content Fusion versions prior to 5.0.3 build 2023022015, which...

5.3CVSS5.8AI score0.0025EPSS

Exploits0References3

CVE•added 2023/04/14 12:0 a.m.•55 views

CVE-2023-26559

The CVE-2023-26559 entry describes a directory traversal flaw in Syncro Soft Oxygen XML Web Author (pre-25.0.0.3 build 2023021715) and Oxygen Content Fusion (pre-5.0.3 build 2023022015) that lets an attacker read files under WEB-INF via a crafted HTTP request. Affected versions include XML Web Au...

5.3CVSS5.1AI score0.0025EPSS

Exploits0References2Affected Software2

Cvelist•added 2023/04/14 12:0 a.m.•10 views

CVE-2023-26559

5.4AI score0.0025EPSS

Exploits0References2

Exploit DB•added 2017/12/11 12:0 a.m.•59 views

Freelance Website Script 2.0.6 - 'pr_id' / 'catid' SQL Injection

Exploit Title: Freelance Website Script 2.0.6 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/freelance-website-script/ Version: 2.0.6 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A Explo...

7.4AI score

Exploits0

seebug.org•added 2009/06/23 12:0 a.m.•12 views

Joomla Component com_tickets <= 2.1 (id) SQL Injection Vuln

No description provided by source. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Joomla Component comtickets id SQL-injection Vulnerability ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + Author : Chip D3 Bi0s + Email :...

7.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by