Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

5210 matches found

Vulnrichment
Vulnrichmentadded 2024/07/09 12:0 a.m.13 views

CVE-2024-40727

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/console-server-ports/add/...

5.8AI score0.00308EPSS
Exploits1References1
Cvelist
Cvelistadded 2024/07/09 12:0 a.m.14 views

CVE-2024-40734

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/front-ports/add/...

0.00398EPSS
Exploits1References1
Cvelist
Cvelistadded 2024/07/09 12:0 a.m.12 views

CVE-2024-40729

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/interfaces/add/...

0.00282EPSS
Exploits1References1
Cvelist
Cvelistadded 2024/07/09 12:0 a.m.17 views

CVE-2024-40740

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-feeds/id/edit/...

0.00092EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2024/07/09 12:0 a.m.14 views

CVE-2024-40730

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/interfaces/id/edit/...

5.6AI score0.00398EPSS
Exploits1References1
CVE
CVEadded 2024/07/09 12:0 a.m.59 views

CVE-2024-40737

NetBox (v4.0.3) contains an XSS vulnerability exposed via the Name parameter in the /dcim/console-ports/add API. The issue stems from inadequate input filtering/escaping, allowing crafted payloads to inject arbitrary HTML/JS. Multiple sources confirm the affected component and location; exploitat...

6.1CVSS5.6AI score0.00313EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2024/07/09 12:0 a.m.49 views

CVE-2024-40726

The CVE-2024-40726 entry concerns NetBox v4.0.3 with a cross-site scripting (XSS) vulnerability exposed via the Name parameter in /dcim/power-ports/{id}/edit/. The Red Hat and CNVD/CNVD-style entries corroborate the same flaw. Root cause: lack of proper filtering/escaping of user-supplied data in...

6.1CVSS5.6AI score0.00142EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2024/07/09 12:0 a.m.63 views

CVE-2024-40730

NetBox v4.0.3 contains an XSS vulnerability: a crafted payload placed in the Name parameter at /dcim/interfaces/{id}/edit/ can execute arbitrary HTML/JS in authenticated user sessions. The issue stems from insufficient input filtering/escaping in that endpoint. Impact is described as cross-site s...

6.1CVSS5.6AI score0.00398EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichmentadded 2024/07/09 12:0 a.m.16 views

CVE-2024-40731

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/rear-ports/id/edit/...

5.8AI score0.00313EPSS
Exploits1References1
CVE
CVEadded 2024/07/09 12:0 a.m.57 views

CVE-2024-40735

CVE-2024-40735 : A cross-site scripting (XSS) vulnerability affects NetBox v4.0.3. The issue arises from lack of proper filtering/escaping of user-supplied data in the Name parameter of the page /dcim/power-outlets/{id}/edit/ , allowing an attacker to inject arbitrary HTML/JS. The CVSS v3.1 base ...

6.1CVSS5.8AI score0.00313EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2024/07/09 12:0 a.m.54 views

CVE-2024-40727

NetBox v4.0.3 contains an XSS vulnerability in the /dcim/console-server-ports/add/ endpoint. A crafted payload inserted into the Name parameter can execute arbitrary web scripts/HTML in the context of the affected page. Root cause: insufficient filtering/escaping of user-supplied data leading to ...

6.1CVSS5.6AI score0.00308EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2024/07/09 12:0 a.m.13 views

CVE-2024-40731

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/rear-ports/id/edit/...

0.00313EPSS
Exploits1References1
Cvelist
Cvelistadded 2024/07/09 12:0 a.m.15 views

CVE-2024-40737

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/console-ports/add...

0.00313EPSS
Exploits1References1
Cvelist
Cvelistadded 2024/07/09 12:0 a.m.12 views

CVE-2024-40730

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/interfaces/id/edit/...

0.00398EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2024/07/09 12:0 a.m.18 views

CVE-2024-40733

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/front-ports/id/edit/...

5.8AI score0.00398EPSS
Exploits1References1
CVE
CVEadded 2024/07/09 12:0 a.m.67 views

CVE-2024-40728

NetBox v4.0.3 is affected by an XSS flaw in the /dcim/console-server-ports/{id}/edit/ Name field due to insufficient filtering/escaping of user input. Multiple sources (Red Hat, CNVD, OSV, NVD, CVE listings) confirm a cross-site scripting vulnerability that could allow an attacker to inject arbit...

7.1CVSS5.8AI score0.00218EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichmentadded 2024/07/09 12:0 a.m.12 views

CVE-2024-40739

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-feeds/add...

5.6AI score0.00142EPSS
Exploits1References1
Cvelist
Cvelistadded 2024/07/09 12:0 a.m.15 views

CVE-2024-40739

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-feeds/add...

0.00142EPSS
Exploits1References1
Cvelist
Cvelistadded 2024/07/09 12:0 a.m.17 views

CVE-2024-40728

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/console-server-ports/id/edit/...

0.00218EPSS
Exploits1References1
CVE
CVEadded 2024/07/09 12:0 a.m.57 views

CVE-2024-40740

CVE-2024-40740 is an XSS vulnerability in NetBox v4.0.3. The issue arises from insufficient filtering/escaping of user-supplied data in the Name parameter of the /dcim/power-feeds/{id}/edit/ endpoint, allowing an attacker to inject arbitrary HTML/JS. Multiple connected sources confirm the affecte...

7.1CVSS5.6AI score0.00092EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder