CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

RedhatCVE•added 2026/01/09 12:36 p.m.•4 views

CVE-2023-49971

A cross-site scripting XSS vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter at /customersupport/index.php?page=customerlist...

6.1CVSS5.7AI score0.00304EPSS

Exploits1References1

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-24793

Malware in sbrugna...

6.1CVSS6.3AI score0.0021EPSS

Exploits1References3

EUVD•added 2025/10/03 8:7 p.m.•0 views

EUVD-2024-44032

Malicious code in bioql PyPI...

6.4CVSS6.6AI score0.0038EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2021-29335

Malicious code in bioql PyPI...

8.8CVSS8.7AI score0.00109EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-16855

Malicious code in bioql PyPI...

6.4CVSS7.2AI score0.00208EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-32814

Malicious code in bioql PyPI...

7.2CVSS6.5AI score0.00431EPSS

Exploits0References2

Positive Technologies•added 2025/07/03 12:0 a.m.•3 views

PT-2025-27775 · Unknown +1 · Prettyphoto +1

Name of the Vulnerable Software and Affected Versions: WordPress plugins affected versions not specified Description: The issue is related to Stored Cross-Site Scripting via the plugin's bundled prettyPhoto library, specifically version 3.1.6, due to insufficient input sanitization and output...

6.4CVSS5.5AI score0.00451EPSS

Exploits0References10

RedhatCVE•added 2025/05/22 9:47 p.m.•4 views

CVE-2022-45028

A cross-site scripting XSS vulnerability in Arris NVG443B 9.3.0h3d36 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request sent to /cgi-bin/logs.ha...

6.1CVSS5.8AI score0.00338EPSS

Exploits1References1

CVE•added 2024/11/21 2:6 a.m.•45 views

CVE-2024-11385

CVE-2024-11385 affects the WordPress plugin Pure CSS Circle Progress bar (versions ≤ 1.2). The issue is a Stored Cross-Site Scripting vulnerability in the circle_progress shortcode due to insufficient input sanitization and output escaping of user-supplied attributes. Exploitation requires at lea...

6.4CVSS5.4AI score0.00114EPSS

Exploits0References2Affected Software1

Cvelist•added 2021/11/19 3:34 p.m.•12 views

CVE-2021-39353 Easy Registration Forms <= 2.1.1 Cross-Site Request Forgery to Stored Cross-Site Scripting

The Easy Registration Forms WordPress plugin is vulnerable to Cross-Site Request Forgery due to missing nonce validation via the ajaxaddform function found in the /includes/class-form.php file which made it possible for attackers to inject arbitrary web scripts in versions up to, and including...

8.8CVSS8.8AI score0.00086EPSS

Exploits0References2

CNVD•added 2017/05/04 12:0 a.m.•2 views

Novell iManager and NetIQ iManager Cross-Site Scripting Vulnerabilities

NetIQ iManager is a WEB-based application from NetIQ, Inc. that allows you to use wireless devices to manage and configure eDirectory objects. novell iManager is a WEB-based application from Novell, Inc. that allows you to use wireless devices to manage and configure novell eDirectory objects. A...

6.1CVSS6.3AI score0.00661EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by