CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5207 matches found

RedhatCVE•added 2025/05/22 3:47 p.m.•4 views

CVE-2020-23205

A stored cross site scripting XSS vulnerability in Monstra CMS version 3.0.4 allows attackers to execute arbitrary web scripts or HTML via crafted a payload entered into the "Site Name" field under the "Site Settings" module...

5.4CVSS5.6AI score0.00236EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:46 p.m.•8 views

CVE-2020-20695

A stored cross-site scripting XSS vulnerability in GilaCMS v1.11.4 allows attackers to execute arbitrary web scripts or HTML via a crafted SVG file...

5.4CVSS5.5AI score0.00261EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:46 p.m.•4 views

CVE-2020-20988

A cross site scripting XSS vulnerability in the /domains/cost-by-owner.php component of Domainmod 4.13 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the "or Expiring Between" parameter...

5.4CVSS5.7AI score0.02329EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:45 p.m.•5 views

CVE-2020-19950

A cross-site scripting XSS vulnerability in the /banner/add.html component of YzmCMS v5.3 allows attackers to execute arbitrary web scripts or HTML...

4.8CVSS6AI score0.00321EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:34 p.m.•7 views

CVE-2020-36409

A stored cross scripting XSS vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add Category" parameter under the "Categories" module...

5.4CVSS5.6AI score0.00275EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:34 p.m.•7 views

CVE-2020-36413

A stored cross scripting XSS vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Exclude these IP addresses from the "Site Down" status" parameter under the "Maintenance Mode" module...

5.4CVSS5.5AI score0.00275EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:33 p.m.•5 views

CVE-2020-36411

A stored cross scripting XSS vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Path for the pageimage tag:" or "Path for thumbnail field:" parameters under the "Content Editing Settings" module...

5.4CVSS5.6AI score0.00275EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:26 p.m.•4 views

CVE-2020-23185

A stored cross site scripting XSS vulnerability in /administration/settingsecurity.php of PHP-Fusion 9.03.60 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.4CVSS5.4AI score0.00481EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:25 p.m.•5 views

CVE-2020-27428

A DOM-based cross-site scripting XSS vulnerability in Scratch-Svg-Renderer v0.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted sb3 file...

6.1CVSS5.7AI score0.00328EPSS

Exploits0

RedhatCVE•added 2025/05/22 3:23 p.m.•5 views

CVE-2020-25876

A stored cross site scripting XSS vulnerability in the 'Pages' feature of Codoforum v5.0.2 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payload entered into the 'Page Title' parameter...

5.4CVSS5.5AI score0.00287EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:23 p.m.•7 views

CVE-2020-25878

A stored cross site scripting XSS vulnerability in the 'Admin-Tools' feature of BlackCat CMS 1.3.6 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payloads entered into the 'Output Filters' and 'Droplets' modules...

4.8CVSS5.5AI score0.00328EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:22 p.m.•5 views

CVE-2020-25394

A stored cross site scripting XSS vulnerability in moziloCMS 2.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Content" parameter...

5.4CVSS5.4AI score0.00352EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:20 p.m.•3 views

CVE-2020-23181

A reflected cross site scripting XSS vulnerability in /administration/theme.php of PHP-Fusion 9.03.60 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Manage Theme" field...

5.4CVSS5.6AI score0.00533EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:19 p.m.•5 views

CVE-2020-21639

Ruijie RG-UAC 6000-E50 commit 9071227 was discovered to contain a cross-site scripting XSS vulnerability via the rulename parameter. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

6.1CVSS6.2AI score0.0024EPSS

Exploits0

RedhatCVE•added 2025/05/22 3:19 p.m.•3 views

CVE-2020-21496

A cross-site scripting XSS vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via the sitebrief parameter...

6.1CVSS5.8AI score0.00223EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:17 p.m.•6 views

CVE-2020-20129

LaraCMS v1.0.1 contains a stored cross-site scripting XSS vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the content editor...

5.4CVSS5.5AI score0.00281EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:16 p.m.•4 views

CVE-2020-18126

Multiple stored cross-site scripting XSS vulnerabilities in the Sections module of Indexhibit 2.1.5 allows attackers to execute arbitrary web scripts or HTML...

5.4CVSS6.1AI score0.00172EPSS

Exploits1

RedhatCVE•added 2025/05/22 12:25 a.m.•3 views

CVE-2011-1129

Cross-site scripting XSS vulnerability in the EditNews function in ManageNews.php in Simple Machines Forum SMF before 1.1.13, and 2.x before 2.0 RC5, might allow remote authenticated users to inject arbitrary web script or HTML via a saveitems action...

3.5CVSS5.5AI score0.00253EPSS

Exploits0References1

RedhatCVE•added 2025/05/21 11:50 p.m.•4 views

CVE-2003-1539

Cross-site scripting XSS vulnerability in ONEdotOH Simple File Manager SFM before 0.21 allows remote attackers to inject arbitrary web script or HTML via 1 file names and 2 directory names...

4.3CVSS5.9AI score0.00285EPSS

Exploits1References1

RedhatCVE•added 2025/05/21 10:37 p.m.•4 views

CVE-2006-7190

Cross-site scripting XSS vulnerability in cgi-bin/user-lib/topics.pl in web-app.net WebAPP before 20060515 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in the viewnews function, related to use of doubbctopic instead of doubbc...

4.3CVSS5.9AI score0.00297EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by