CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

27424 matches found

RedhatCVE•added 2026/01/09 11:45 a.m.•5 views

CVE-2010-0326

Cross-site scripting XSS vulnerability in the Developer log devlog extension 2.9.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.00322EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:44 a.m.•4 views

CVE-2010-0331

Cross-site scripting XSS vulnerability in the TV21 Talkshow tv21talkshow extension 1.0.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.00318EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:44 a.m.•6 views

CVE-2010-0797

Cross-site scripting XSS vulnerability in the T3BLOG extension 0.6.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.00285EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:43 a.m.•9 views

CVE-2010-0979

Cross-site scripting XSS vulnerability in display.php in Obsession-Design Image-Gallery ODIG 1.1 allows remote attackers to inject arbitrary web script or HTML via the folder parameter...

4.3CVSS5.9AI score0.00322EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 11:43 a.m.•6 views

CVE-2010-0449

Cross-site scripting XSS vulnerability in HP SOA Registry Foundation 6.63 and 6.64 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

4.3CVSS5.9AI score0.00645EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:42 a.m.•4 views

CVE-2001-1522

Cross-site scripting XSS vulnerability in im.php in IMessenger for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via a message...

4.3CVSS5.9AI score0.00021EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 11:41 a.m.•5 views

CVE-2001-1526

Cross-site scripting XSS vulnerability in the comments action in index.php in easyNews 1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the zeit parameter...

4.3CVSS5.9AI score0.00351EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 11:38 a.m.•4 views

CVE-2003-1146

Cross-site scripting XSS vulnerability in John Beatty Easy PHP Photo Album 1.0 allows remote attackers to inject arbitrary web script or HTML via the dir parameter...

6.8CVSS6AI score0.0063EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 11:26 a.m.•9 views

CVE-2021-33339

Cross-site scripting XSS vulnerability in the Fragment module in Liferay Portal 7.2.1 through 7.3.4, and Liferay DXP 7.2 before fix pack 9 allows remote attackers to inject arbitrary web script or HTML via the comliferaysiteadminwebportletSiteAdminPortletname parameter...

4.8CVSS5.9AI score0.00172EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:25 a.m.•2 views

CVE-2021-28901

Multiple cross-site scripting XSS vulnerabilities exist in SITA Software Azur CMS 1.2.3.1 and earlier, which allows remote attackers to inject arbitrary web script or HTML via the 1 NOMCLI , 2 ADRESSE , 3 ADRESSE2, 4 LOCALITE parameters to /eshop/products/json/aouCustomerAdresse; and the 5 nomlis...

5.4CVSS6AI score0.00214EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 11:2 a.m.•5 views

CVE-2007-4741

Cross-site scripting XSS vulnerability in admin/adminusers.php in Claroline before 1.8.6 allows remote authenticated administrators to inject arbitrary web script or HTML via the sort parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...

3.5CVSS5.4AI score0.00236EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:57 a.m.•4 views

CVE-2022-38220

An XSS vulnerability exists within Quest KACE Systems Management Appliance SMA through 12.1 that may allow remote injection of arbitrary web script or HTML...

6.1CVSS6.5AI score0.00197EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:51 a.m.•6 views

CVE-2022-42110

A Cross-site scripting XSS vulnerability in the Announcements module in Liferay Portal 7.1.0 through 7.4.2, and Liferay DXP 7.1 before fix pack 27, 7.2 before fix pack 17, and 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML...

6.1CVSS6AI score0.00475EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:51 a.m.•4 views

CVE-2022-42118

A Cross-site scripting XSS vulnerability in the Portal Search module in Liferay Portal 7.1.0 through 7.4.2, and Liferay DXP 7.1 before fix pack 27, 7.2 before fix pack 15, and 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the tag parameter...

6.1CVSS5.9AI score0.13205EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:43 a.m.•4 views

CVE-2022-26597

Cross-site scripting XSS vulnerability in the Layout module's Open Graph integration in Liferay Portal 7.3.0 through 7.4.0, and Liferay DXP 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the site name...

6.1CVSS5.8AI score0.0023EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:27 a.m.•6 views

CVE-2008-6340

Cross-site scripting XSS vulnerability in the Vox populi mvvoxpopuli extension 0.3.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.00309EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:25 a.m.•4 views

CVE-2008-6571

Multiple cross-site scripting XSS vulnerabilities in LinPHA before 1.3.4 might allow remote attackers to inject arbitrary web script or HTML via 1 newimages.php, 2 login.php, and unspecified vectors...

4.3CVSS6AI score0.00357EPSS

Exploits2References1

RedhatCVE•added 2026/01/09 10:25 a.m.•4 views

CVE-2008-6346

Cross-site scripting XSS vulnerability in the DR Wiki drwiki extension 1.7.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.00248EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:11 a.m.•4 views

CVE-2019-11564

A cross-site scripting XSS vulnerability in HumHub 1.3.12 allows remote attackers to inject arbitrary web script or HTML via a /protected/vendor/codeception/codeception/tests/data/app/view/index.php POST request...

6.1CVSS5.5AI score0.01718EPSS

Exploits5References1

RedhatCVE•added 2026/01/09 10:9 a.m.•4 views

CVE-2019-11398

Multiple cross-site scripting XSS vulnerabilities in UliCMS 2019.2 and 2019.1 allow remote attackers to inject arbitrary web script or HTML via the go parameter to admin/index.php, the go parameter to /admin/index.php?register=register, or the error parameter to admin/index.php?action=favicon...

6.1CVSS5.8AI score0.02047EPSS

Exploits9References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by