CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

27433 matches found

RedhatCVE•added 2025/05/22 6:27 p.m.•7 views

CVE-2021-27558

A cross site scripting XSS issue in EasyCorp ZenTao 12.5.3 allows remote attackers to execute arbitrary web script via various areas such as data-link-creator...

6.1CVSS6.4AI score0.00838EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 6:25 p.m.•8 views

CVE-2021-25204

Cross-site scripting XSS vulnerability in SourceCodester E-Commerce Website v 1.0 allows remote attackers to inject arbitrary web script or HTM via the subject field to feedbackprocess.php...

5.4CVSS6.1AI score0.00658EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 5:41 p.m.•7 views

CVE-2020-5528

Cross-site scripting vulnerability in Movable Type series Movable Type 7 r.4603 and earlier Movable Type 7, Movable Type 6.5.2 and earlier Movable Type 6.5, Movable Type Advanced 7 r.4603 and earlier Movable Type Advanced 7, Movable Type Advanced 6.5.2 and earlier Movable Type Advanced 6.5, Movab...

6.1CVSS6.3AI score0.00839EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 5:35 p.m.•5 views

CVE-2020-9439

Multiple cross-site scripting XSS vulnerabilities in Uncanny Owl Tin Canny LearnDash Reporting before 3.4.4 allows authenticated remote attackers to inject arbitrary web script or HTML via the searchkey GET Parameter in TinCanContentListTable.php, message GET Parameter in licensing.php,...

6.1CVSS5.8AI score0.00772EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:43 p.m.•9 views

CVE-2020-5570

Cross-site scripting vulnerability in Sales Force Assistant version 11.2.48 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors...

5.4CVSS6AI score0.00849EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:43 p.m.•3 views

CVE-2020-5557

Cross-site scripting vulnerability in CuteNews 2.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS6.5AI score0.00773EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:43 p.m.•5 views

CVE-2020-5559

Cross-site scripting vulnerability in WL-Enq 1.11 and 1.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS6.5AI score0.00773EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:42 p.m.•6 views

CVE-2020-5568

Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 5.0.0 allows remote attackers to inject arbitrary web script or HTML via the applications 'Messages' and 'Bulletin Board'...

6.1CVSS6.4AI score0.00781EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:34 p.m.•6 views

CVE-2020-26166

The file upload functionality in qdPM 9.1 doesn't check the file description, which allows remote authenticated attackers to inject web script or HTML via the attachments info parameter, aka XSS. This can occur during creation of a ticket, project, or task...

5.4CVSS6.4AI score0.00839EPSS

Exploits0

RedhatCVE•added 2025/05/22 4:31 p.m.•5 views

CVE-2020-24194

A Cross-site scripting XSS vulnerability in 'user-profile.php' in SourceCodester Daily Tracker System v1.0 allows remote attackers to inject arbitrary web script or HTML via the 'fullname' parameter...

6.1CVSS5.9AI score0.00835EPSS

Exploits1

RedhatCVE•added 2025/05/22 4:31 p.m.•6 views

CVE-2020-23518

Cross Site Scripting XSS vulnerability in UltimateKode Neo Billing - Accounting, Invoicing And CRM Software up to version 3.5 which allows remote attackers to inject arbitrary web script or HTML...

5.4CVSS6AI score0.02001EPSS

Exploits2

RedhatCVE•added 2025/05/22 4:30 p.m.•7 views

CVE-2020-23037

Portable Ltd Playable v9.18 contains a code injection vulnerability in the filename parameter, which allows attackers to execute arbitrary web scripts or HTML via a crafted POST request...

9.8CVSS7.6AI score0.01435EPSS

Exploits1

RedhatCVE•added 2025/05/22 4:28 p.m.•5 views

CVE-2020-19962

A stored cross-site scripting XSS vulnerability in the getClientIp function in /lib/tinwin.class.php of Chaoji CMS 2.39, allows attackers to execute arbitrary web scripts...

5.4CVSS5.8AI score0.00562EPSS

Exploits1

RedhatCVE•added 2025/05/22 4:28 p.m.•6 views

CVE-2020-19283

A reflected cross-site scripting XSS vulnerability in the /newVersion component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML...

6.1CVSS5.9AI score0.03004EPSS

Exploits1

RedhatCVE•added 2025/05/22 4:27 p.m.•11 views

CVE-2020-18470

Stored cross-site scripting XSS vulnerability in the Name of application field found in the General Configuration page in Rukovoditel 2.4.1 allows remote attackers to inject arbitrary web script or HTML via a crafted website name by doing an authenticated POST HTTP request to...

5.4CVSS5.3AI score0.00515EPSS

Exploits1

RedhatCVE•added 2025/05/22 4:27 p.m.•7 views

CVE-2020-18282

Cross-site scripting XSS vulnerability in NoneCms 1.3.0 allows remote attackers to inject arbitrary web script or HTML via feedback feature...

6.1CVSS5.9AI score0.00521EPSS

Exploits1

RedhatCVE•added 2025/05/22 4:11 p.m.•4 views

CVE-2020-11845

Cross Site Scripting vulnerability in Micro Focus Service Manager product. Affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow remote attackers to inject arbitrary web script or HTML...

6.1CVSS6.6AI score0.00765EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:11 p.m.•9 views

CVE-2020-21087

Cross Site Scripting XSS in X2Engine X2CRM v6.9 and older allows remote attackers to execute arbitrary code by injecting arbitrary web script or HTML via the "New Name" field of the "Rename a Module" tool...

6.1CVSS6.5AI score0.0135EPSS

Exploits1

RedhatCVE•added 2025/05/22 4:9 p.m.•8 views

CVE-2020-21362

A cross site scripting XSS vulnerability in the background search function of Maccms10 allows attackers to execute arbitrary web scripts or HTML via the 'wd' parameter...

5.4CVSS5.9AI score0.00475EPSS

Exploits1

RedhatCVE•added 2025/05/22 4:7 p.m.•9 views

CVE-2020-25495

A reflected Cross-site scripting XSS vulnerability in Xinuo formerly SCO Openserver version 5 and 6 allows remote attackers to inject arbitrary web script or HTML tag via the parameter 'section'...

6.1CVSS5.8AI score0.08142EPSS

Exploits3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by