Lucene search
+L

701 matches found

nvd
nvd
added 2025/12/02 10:16 a.m.14 views

CVE-2025-13873

Stored Cross-Site Scripting XSS in the survey-import feature of ObjectPlanet Opinio 7.26 rev12562 on web application allows an attacker to inject arbitrary JavaScript code, which executes in the browsing context of any visitor accessing the compromised survey...

5.4CVSS0.0017EPSS
Exploits0References1
euvd
euvd
added 2025/12/02 9:56 a.m.5 views

EUVD-2025-200215

Stored Cross-Site Scripting XSS in the survey-import feature of ObjectPlanet Opinio 7.26 rev12562 on web application allows an attacker to inject arbitrary JavaScript code, which executes in the browsing context of any visitor accessing the compromised survey...

4.8CVSS5.1AI score0.0017EPSS
Exploits0References2
cve
cve
added 2025/11/25 12:0 a.m.38 views

CVE-2025-51745

CVE-2025-51745 affects jishenghua JSH_ERP 2.3.1. The /role/addcan endpoint is vulnerable to fastjson deserialization attacks due to the deserialization flaw in that endpoint. The CVSS metrics indicate a high-severity, network-exposed chain with no user interaction and total impact on confidential...

9.8CVSS6.7AI score0.00416EPSS
Exploits0References4Affected Software1
cvelist
cvelist
added 2025/11/24 11:27 a.m.14 views

CVE-2025-41087 Cross-Site Scripting (XSS) stored in Taclia's web application

Cross-Site Scripting XSS vulnerability stored in tha Taclia web application, where the uploaded SVG images are not properly sanitized. This allows to the attackers to embed malicious scripts in SVG files such as image profiles, which are then stored on the server and executed in the context of an...

5.1CVSS0.00255EPSS
Exploits0References1
euvd
euvd
added 2025/11/20 3:30 p.m.5 views

EUVD-2025-198264

phppgadmin vulnerable to Cross-site Scripting...

6.1AI score0.00203EPSS
Exploits0References5
osv
osv
added 2025/11/17 5:15 p.m.6 views

CVE-2024-44641

PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection via the oldpass parameter in change-password.php...

6.5CVSS5.8AI score0.00235EPSS
Exploits1References2
cnnvd
cnnvd
added 2025/11/17 12:0 a.m.3 views

PHPGurukul Online Shopping Portal 安全漏洞

Online Shopping Portal is an online store system. Online Shopping Portal suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the product parameter of search-result.php. An attacker can exploit this vulnerability to execute...

6.5CVSS8.2AI score0.00235EPSS
Exploits1References3
redhatcve
redhatcve
added 2025/11/07 7:58 p.m.6 views

CVE-2025-34237

Advantech WebAccess/VPN versions prior to 1.1.5 contain a stored cross-site scripting XSS vulnerability via StandaloneVpnClientsController.addStandaloneVpnClientAction. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the...

6.3CVSS6AI score0.00197EPSS
Exploits0References1
euvd
euvd
added 2025/10/31 2:12 p.m.4 views

EUVD-2025-37353

The web application is vulnerable to a so-called ‘clickjacking’ attack. In this type of attack, the vulnerable page is inserted into a page controlled by the attacker in order to deceive the victim. This deception can range from making the victim click on a button to making them enter their login...

5.1CVSS6.4AI score0.00352EPSS
Exploits0References3
euvd
euvd
added 2025/10/30 9:30 p.m.4 views

EUVD-2024-28045

HCL DRYiCE AEX is impacted by a lack of clickjacking protection in the AEX web application. An attacker can use multiple transparent or opaque layers to trick a user into clicking on a button or link on another page than the one intended...

6.1CVSS6.4AI score0.00364EPSS
Exploits0References2
packetstorm
packetstorm
added 2025/10/30 12:0 a.m.141 views

📄 LEPTON 7.4.0 Remote Code Execution

LEPTON CMS version 7.4.0 contains a remote code execution vulnerability that allows authenticated administrators to execute arbitrary system commands through the Droplets functionality. This vulnerability arises from improper input validation and execution control within the Droplets feature...

8.6AI score
Exploits0
nvd
nvd
added 2025/10/27 2:15 a.m.6 views

CVE-2025-12202

A security flaw has been discovered in ajayrandhawa User-Management-PHP-MYSQL web up to fedcf58797bf2791591606f7b61fdad99ad8bff1. This vulnerability affects unknown code. Performing manipulation results in cross-site request forgery. The attack can be initiated remotely. The exploit has been...

5.3CVSS0.00265EPSS
Exploits1References4
cvelist
cvelist
added 2025/10/15 1:55 p.m.10 views

CVE-2025-59269 BIG-IP Configuration utility XSS vulnerability

A stored cross-site scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.4CVSS0.00263EPSS
Exploits0References1
cvelist
cvelist
added 2025/10/09 4:2 p.m.6 views

CVE-2025-59978 Junos Space: Stored cross-site scripting vulnerability in web application

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to store script tags directly in web pages that, when viewed by another user, enable the attacker to execute commands with the target's...

9.4CVSS0.00572EPSS
Exploits0References1
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-3112

Malware in sbrugna...

6.1CVSS6.3AI score0.01417EPSS
Exploits2References4
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2007-1184

Malware in sbrugna...

5.5CVSS6.4AI score0.01143EPSS
Exploits0References7
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2007-1174

Malware in sbrugna...

5.8CVSS6.4AI score0.01107EPSS
Exploits0References9
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-15162

Malware in sbrugna...

4.3CVSS4.9AI score0.00548EPSS
Exploits0References3
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-8164

Malware in sbrugna...

7.5CVSS7.4AI score0.01118EPSS
Exploits0References2
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2007-1179

Malware in sbrugna...

6.4CVSS6.4AI score0.01047EPSS
Exploits0References6
Rows per page
Query Builder