CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5210 matches found

CNVD•added 2023/05/04 12:0 a.m.•3 views

OURPHP ourphp_tz.php file cross-site scripting vulnerability

OURPHP is OURPHP open source an open source, cross-platform, enterprise-level + e-commerce + applet + APP multi-terminal synchronization CMS station-building system. OURPHP 7.2.0 version and previous versions of the existence of cross-site scripting vulnerability , the vulnerability stems from th...

6.1CVSS6.8AI score0.15204EPSS

Exploits1References1

Cvelist•added 2023/05/04 12:0 a.m.•12 views

CVE-2023-27075

A cross-site scripting vulnerability XSS in the component microbin/src/pasta.rs of Microbin v1.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.5AI score0.00198EPSS

Exploits1References2

CNNVD•added 2023/05/04 12:0 a.m.•2 views

TotalJS Flow 跨站脚本漏洞

TotalJS Flow is an open source application for the Total.js Platform. A security vulnerability exists in version v10 of TotalJS Flow. An attacker can exploit this vulnerability to execute arbitrary web script or HTML by injecting a specially crafted payload into the Platform Name field in the...

5.4CVSS6.1AI score0.00839EPSS

Exploits1References5

Cvelist•added 2023/05/04 12:0 a.m.•13 views

CVE-2023-30097

A stored cross-site scripting XSS vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the private task field...

5.4AI score0.00839EPSS

Exploits1References3

Cvelist•added 2023/05/04 12:0 a.m.•11 views

CVE-2023-30095

5.4AI score0.00839EPSS

Exploits1References3

Cvelist•added 2023/05/04 12:0 a.m.•14 views

CVE-2023-30184

A stored cross-site scripting XSS vulnerability in Typecho v1.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter at /index.php/archives/1/comment...

5.4AI score0.00198EPSS

Exploits1References1

Cvelist•added 2023/05/04 12:0 a.m.•15 views

CVE-2023-30096

5.5AI score0.00839EPSS

Exploits1References3

Cvelist•added 2023/05/04 12:0 a.m.•11 views

CVE-2023-30094

A stored cross-site scripting XSS vulnerability in TotalJS Flow v10 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the platform name field in the settings module...

5.4AI score0.00839EPSS

Exploits1References3

NVD•added 2023/05/03 9:15 p.m.•11 views

CVE-2023-30205

A stored cross-site scripting XSS vulnerability in DouPHP v1.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the uniqueid parameter in /admin/article.php...

4.8CVSS5AI score0.00243EPSS

Exploits0References1

Cvelist•added 2023/05/03 12:0 a.m.•11 views

CVE-2023-30205

5.1AI score0.00243EPSS

Exploits0References1

Prion•added 2023/04/28 9:15 p.m.•16 views

Cross site scripting

A cross-site scripting XSS vulnerability in Aigital Wireless-N Repeater MiniRouter v0.131229 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the wlssid parameter at /boafrm/formHomeWlanSetup...

4.9CVSS5.3AI score0.02587EPSS

Exploits1References1Affected Software1

Cvelist•added 2023/04/28 12:0 a.m.•10 views

CVE-2023-30405

5.5AI score0.02587EPSS

Exploits1References1

OSV•added 2023/04/27 3:15 p.m.•13 views

CVE-2023-30338

Multiple stored cross-site scripting XSS vulnerabilities in Emlog Pro v2.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Article Title or Article Summary parameters...

5.4CVSS5.9AI score

Exploits0References1

Prion•added 2023/04/27 3:15 p.m.•15 views

Cross site scripting

4.9CVSS5.3AI score0.0051EPSS

Exploits1References1Affected Software1

Cvelist•added 2023/04/27 12:0 a.m.•11 views

CVE-2023-30338

5.6AI score0.0051EPSS

Exploits1References1

NVD•added 2023/04/26 4:15 p.m.•25 views

CVE-2022-27979

A cross-site scripting XSS vulnerability in ToolJet v1.6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comment Body component...

5.4CVSS5.3AI score0.00377EPSS

Exploits1References2

Prion•added 2023/04/26 4:15 p.m.•14 views

Cross site scripting

A cross-site scripting XSS vulnerability in ToolJet v1.6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comment Body component...

4.9CVSS5.3AI score0.00377EPSS

Exploits1References2Affected Software1

Cvelist•added 2023/04/26 12:0 a.m.•12 views

CVE-2022-27979

A cross-site scripting XSS vulnerability in ToolJet v1.6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comment Body component...

5.4AI score0.00377EPSS

Exploits1References2

NVD•added 2023/04/25 1:15 p.m.•8 views

CVE-2023-30417

A cross-site scripting XSS vulnerability in Pear-Admin-Boot up to v2.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title of a private message...

5.4CVSS5.3AI score0.00213EPSS

Exploits1References1

Prion•added 2023/04/25 1:15 p.m.•12 views

Cross site scripting

4.9CVSS5.3AI score0.00213EPSS

Exploits1References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by