CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

27433 matches found

CVE•added 2023/05/24 12:16 p.m.•57 views

CVE-2023-33937

CVE-2023-33937 is a stored XSS weakness in the Form widget configuration of Liferay Portal 7.1.0–7.3.0 and Liferay DXP 7.1 (before fix pack 18) and 7.2 (before fix pack 5). The vulnerability allows remote attackers to inject arbitrary script/HTML via a crafted payload in the form’s name field. Se...

5.4CVSS5.2AI score0.00446EPSS

Exploits0References1Affected Software2

CNVD•added 2023/05/23 12:0 a.m.•18 views

IBM InfoSphere Information Server Cross-Site Scripting Vulnerability (CNVD-2023-41890)

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. A cross-site scripting vulnerability exists in IBM InfoSphere Information Server version 11.7,...

5.5CVSS6.1AI score0.00368EPSS

Exploits0References1

CNVD•added 2023/05/23 12:0 a.m.•11 views

Class Scheduling System Cross-Site Scripting Vulnerability

Class Scheduling System is a class scheduling system. A cross-site scripting vulnerability exists in Class Scheduling System v1.0, which originates from the lack of effective filtering and escaping of user-supplied data in the AcademicRank parameter of the file /admin/saveteacher.php in the...

6.1CVSS6.3AI score0.0059EPSS

Exploits1References1

CNVD•added 2023/05/20 12:0 a.m.•15 views

LavaLite Cross-Site Scripting Vulnerability (CNVD-2023-41501)

LavaLite is an open source lightweight content management system CMS. A cross-site scripting vulnerability exists in LavaLite version v9.0.0, which stems from the lack of effective filtering and escaping of user-supplied data by the account name, and can be exploited by an attacker to execute...

5.4CVSS6.3AI score0.00384EPSS

Exploits1References1

CNVD•added 2023/05/19 12:0 a.m.•7 views

phpMyFAQ cross-site scripting vulnerability (CNVD-2023-39428)

phpMyFAQ is a multi-language, fully database-driven FAQ system. A cross-site scripting vulnerability exists in versions prior to phpMyFAQ 3.2.0-beta. The vulnerability stems from the application's lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacke...

7.2CVSS6AI score0.00541EPSS

Exploits1References1

CNVD•added 2023/05/19 12:0 a.m.•17 views

ChurchCRM Cross-Site Scripting Vulnerability (CNVD-2023-64495)

ChurchCRM is an open source CRM system for churches. A cross-site scripting vulnerability exists in ChurchCRM v4.5.4. The vulnerability stems from the application's lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacker to execute arbitrary Web scrip...

4.8CVSS6.3AI score0.01508EPSS

Exploits3References1

CNVD•added 2023/05/19 12:0 a.m.•11 views

Bludit cross-site scripting vulnerability (CNVD-2023-43230)

Bludit is an open source, lightweight blog content management system CMS. A cross-site scripting vulnerability exists in Bludit version v3.14.1. The vulnerability stems from the application's lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacker to...

5.4CVSS6.3AI score0.02586EPSS

Exploits4References1

CNVD•added 2023/05/18 12:0 a.m.•17 views

Guest Management System Cross-Site Scripting Vulnerability (CNVD-2023-41504)

The Guest Management System is a web-based system designed to monitor the records of everyone who enters a school or college. A cross-site scripting vulnerability exists in Guest Management System v1.0, which stems from the lack of effective filtering and escaping of user-supplied data in the...

6.1CVSS5.1AI score0.00481EPSS

Exploits0References1

CNVD•added 2023/05/17 12:0 a.m.•14 views

File Tracker Manager System Cross-Site Scripting Vulnerability

File Tracker Manager System is a file tracker manager system. File Tracker Manager System v1.0 version of a cross-site scripting vulnerability, the vulnerability stems from the /filemanager/admin/saveuser.php parameter firstname of the user-supplied data lack of effective filtering and escaping, ...

5.4CVSS6.3AI score0.00592EPSS

Exploits1References1

CNVD•added 2023/05/17 12:0 a.m.•16 views

CraftCMS Code Injection Vulnerability

CraftCMS is a CMS program. CraftCMS version v3.8.1 suffers from a code injection vulnerability that stems from the lack of effective filtering and escaping of user-supplied data by Section parameters, which can be exploited by an attacker to execute arbitrary Web script or HTML by injecting a...

8.8CVSS7.8AI score0.01416EPSS

Exploits1References1

CNVD•added 2023/05/17 12:0 a.m.•20 views

IBM Planning Analytics Cross-Site Scripting Vulnerability (CNVD-2023-41893)

IBM Planning Analytics is a suite of business planning analytics solutions from International Business Machines IBM. The solution supports automated execution of processes such as business planning, budgeting and analysis. A cross-site scripting vulnerability exists in IBM Planning Analytics Loca...

6.4CVSS6.3AI score0.0035EPSS

Exploits0References1

CNVD•added 2023/05/10 12:0 a.m.•24 views

Apache Airflow Cross-Site Scripting Vulnerability (CNVD-2023-52700)

Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. A cross-site scripting vulnerability exists in Apache Airflow versions prior to...

4.9CVSS6.3AI score0.01911EPSS

Exploits0Affected Software1

CNVD•added 2023/05/09 12:0 a.m.•24 views

F5 BIG-IP Cross-Site Scripting Vulnerability (CNVD-2023-82308)

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. F5 BIG-IP suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and...

7.5CVSS6.4AI score0.00387EPSS

Exploits0References1

Vulnrichment•added 2023/05/09 12:0 a.m.•7 views

CVE-2023-30057

Multiple stored cross-site scripting XSS vulnerabilities in FICO Origination Manager Decision Module 4.8.1 allow attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.4AI score0.00637EPSS

Exploits2References3

NVD•added 2023/05/08 2:15 p.m.•28 views

CVE-2020-18282

Cross-site scripting XSS vulnerability in NoneCms 1.3.0 allows remote attackers to inject arbitrary web script or HTML via feedback feature...

6.1CVSS6.1AI score0.00521EPSS

Exploits1References2

OSV•added 2023/05/08 2:15 p.m.•21 views

CVE-2020-18282

Cross-site scripting XSS vulnerability in NoneCms 1.3.0 allows remote attackers to inject arbitrary web script or HTML via feedback feature...

6.1CVSS6AI score

Exploits0References2

Prion•added 2023/05/08 2:15 p.m.•20 views

Cross site scripting

Cross-site scripting XSS vulnerability in NoneCms 1.3.0 allows remote attackers to inject arbitrary web script or HTML via feedback feature...

5.8CVSS6AI score0.00521EPSS

Exploits1References2Affected Software1

Cvelist•added 2023/05/08 12:0 a.m.•39 views

CVE-2020-18282

Cross-site scripting XSS vulnerability in NoneCms 1.3.0 allows remote attackers to inject arbitrary web script or HTML via feedback feature...

6.1AI score0.00521EPSS

Exploits1References2

CNVD•added 2023/05/06 12:0 a.m.•20 views

ASUS RT-AC51U Cross-Site Scripting Vulnerability

The ASUS RT-AC51U is a wireless router from the Chinese company ASUS. A cross-site scripting vulnerability exists in ASUS RT-AC51U 3.0.0.4.380.8591 and earlier versions, which stems from the application's lack of effective filtering and escaping of user-supplied data, and can be exploited by an...

5.2CVSS6.2AI score0.11578EPSS

Exploits1References1

CNVD•added 2023/05/05 12:0 a.m.•17 views

Cpanel Cross-Site Scripting Vulnerability (CNVD-2023-36314)

Cpanel is a set of Web-based automated colocation platform from Cpanel, Inc. in the United States. The platform is primarily used to automate the management of websites and servers. A cross-site scripting vulnerability exists in versions of Cpanel prior to 11.109.9999.116. The vulnerability stems...

6.1CVSS6.1AI score0.65533EPSS

Exploits7References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by