CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5210 matches found

Prion•added 2023/09/20 7:15 p.m.•15 views

Cross site scripting

A cross-site scripting XSS vulnerability in /hoteldruid/clienti.php of Hoteldruid v3.0.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the nometipotariffa1 parameter...

4.9CVSS5.2AI score0.0011EPSS

Exploits1References1Affected Software1

UbuntuCve•added 2023/09/20 7:15 p.m.•14 views

CVE-2023-43377

A cross-site scripting XSS vulnerability in /hoteldruid/visualizzacontratto.php of Hoteldruid v3.0.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the destinatarioemail1 parameter...

5.4CVSS6.2AI score0.0011EPSS

Exploits1References2

NVD•added 2023/09/20 3:15 a.m.•8 views

CVE-2023-5062

The WordPress Charts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'wpcharts' shortcode in versions up to, and including, 0.7.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...

6.4CVSS5.7AI score0.00096EPSS

Exploits0References3

Prion•added 2023/09/20 3:15 a.m.•11 views

Cross site scripting

4.9CVSS5.2AI score0.00096EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2023/09/20 2:31 a.m.•4 views

CVE-2023-5062 WordPress Charts <= 0.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

6.4CVSS6.8AI score0.00096EPSS

Exploits0References3

NVD•added 2023/09/20 12:15 a.m.•7 views

CVE-2023-39575

A reflected cross-site scripting XSS vulnerability in the urlstr URL parameter of ISL ARP Guard v4.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.4CVSS5.3AI score0.0021EPSS

Exploits1References1

Prion•added 2023/09/20 12:15 a.m.•16 views

Cross site scripting

A reflected cross-site scripting XSS vulnerability in the urlstr URL parameter of ISL ARP Guard v4.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

4.9CVSS5.3AI score0.0021EPSS

Exploits1References1Affected Software1

Cvelist•added 2023/09/20 12:0 a.m.•16 views

CVE-2023-43376

5.4AI score0.0011EPSS

Exploits1References1

Vulnrichment•added 2023/09/20 12:0 a.m.•10 views

CVE-2023-43377

5.7AI score0.0011EPSS

Exploits1References1

Vulnrichment•added 2023/09/20 12:0 a.m.•9 views

CVE-2023-43376

5.7AI score0.0011EPSS

Exploits1References1

Debian CVE•added 2023/09/20 12:0 a.m.•16 views

CVE-2023-43376

5.4CVSS5.2AI score0.0011EPSS

Exploits1

Cvelist•added 2023/09/19 12:0 a.m.•11 views

CVE-2023-39575

A reflected cross-site scripting XSS vulnerability in the urlstr URL parameter of ISL ARP Guard v4.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.5AI score0.0021EPSS

Exploits1References1

Vulnrichment•added 2023/09/19 12:0 a.m.•12 views

CVE-2023-39575

A reflected cross-site scripting XSS vulnerability in the urlstr URL parameter of ISL ARP Guard v4.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.8AI score0.0021EPSS

Exploits1References1

NVD•added 2023/09/16 5:15 a.m.•14 views

CVE-2023-5001

The Horizontal scrolling announcement plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'horizontal-scrolling' shortcode in versions up to, and including, 9.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.7AI score0.00103EPSS

Exploits0References2

Vulnrichment•added 2023/09/16 12:0 a.m.•13 views

CVE-2023-39777

A cross-site scripting XSS vulnerability in the Admin Control Panel of vBulletin 5.7.5 and 6.0.0 allows attackers to execute arbitrary web scripts or HTML via the /login.php?do=login url parameter...

5.9AI score0.00143EPSS

Exploits1References1

Cvelist•added 2023/09/16 12:0 a.m.•13 views

CVE-2023-39777

A cross-site scripting XSS vulnerability in the Admin Control Panel of vBulletin 5.7.5 and 6.0.0 allows attackers to execute arbitrary web scripts or HTML via the /login.php?do=login url parameter...

5.5AI score0.00143EPSS

Exploits1References1

OSV•added 2023/09/15 3:15 a.m.•21 views

CVE-2023-40982

A stored cross-site scripting XSS vulnerability in Webmin v2.100 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cloned module name parameter...

5.4CVSS5.7AI score0.00255EPSS

Exploits1References2

Prion•added 2023/09/15 3:15 a.m.•15 views

Cross site scripting

The WS Facebook Like Box Widget for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'ws-facebook-likebox' shortcode in versions up to, and including, 5.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...

4.9CVSS5.2AI score0.00159EPSS

Exploits0References2Affected Software1

OSV•added 2023/09/15 1:15 a.m.•27 views

CVE-2023-40986

A stored cross-site scripting XSS vulnerability in the Usermin Configuration function of Webmin v2.100 allows attackers to execute arbitrary web sripts or HTML via a crafted payload injected into the Custom field...

5.4CVSS5.7AI score0.00333EPSS

Exploits1References2

Prion•added 2023/09/15 1:15 a.m.•18 views

Cross site scripting

4.9CVSS5.3AI score0.00333EPSS

Exploits1References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by