CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5210 matches found

OSV•added 2023/02/03 5:15 p.m.•13 views

CVE-2023-22975

A cross-site scripting XSS vulnerability in JFinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email parameter under /front/person/profile.html...

6.1CVSS5.9AI score

Exploits0References1

Prion•added 2023/02/03 5:15 p.m.•15 views

Cross site scripting

5.8CVSS5.8AI score0.00314EPSS

Exploits1References1Affected Software1

Prion•added 2023/02/02 9:22 p.m.•14 views

Cross site scripting

The Real Media Library: Media Library Folder & File Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via folder names in versions up to, and including, 4.18.28 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers...

4.9CVSS5AI score

Exploits1References3Affected Software1

Prion•added 2023/01/31 1:15 a.m.•9 views

Cross site scripting

A cross-site scripting XSS vulnerability in ApolloTheme AP PageBuilder component through 2.4.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the shownumber parameter...

5.8CVSS5.9AI score0.01469EPSS

Exploits1References2Affected Software1

Cvelist•added 2023/01/31 12:0 a.m.•12 views

CVE-2022-44897

6AI score0.01469EPSS

Exploits1References2

CNVD•added 2023/01/30 12:0 a.m.•25 views

Nexus PHP Cross-Site Scripting Vulnerability (CNVD-2023-05399)

NexusPHP is a free and open source complete PT website building solution. versions prior to NexusPHP 1.7.33 contain a security vulnerability that could be exploited by attackers to allow remote attackers to inject arbitrary web scripts or HTML via secret parameters in /login.php...

6.1CVSS3.5AI score0.14516EPSS

Exploits1References1

CNVD•added 2023/01/30 12:0 a.m.•18 views

Nexus PHP Cross-Site Scripting Vulnerability (CNVD-2023-05398)

NexusPHP is a free and open source complete solution for building PT websites. NexusPHP has a security vulnerability that can be exploited by attackers to permanently inject arbitrary web scripts or HTML via the title parameter used in /subtitles.php...

5.4CVSS1.5AI score0.00254EPSS

Exploits0References1

NVD•added 2023/01/27 10:15 p.m.•7 views

CVE-2022-46968

A stored cross-site scripting XSS vulnerability in /index.php?page=help of Revenue Collection System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into sent messages...

5.4CVSS5.3AI score0.00146EPSS

Exploits1References2

Prion•added 2023/01/27 9:15 p.m.•18 views

Cross site scripting

The Quick Restaurant Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its settings parameters in versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...

4.3CVSS4.7AI score0.00457EPSS

Exploits0References3Affected Software1

OSV•added 2023/01/27 6:15 p.m.•14 views

CVE-2022-48013

Opencats v0.9.7 was discovered to contain a stored cross-site scripting XSS vulnerability in the component /opencats/index.php?m=calendar. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description or Title text fields...

5.4CVSS5.3AI score

Exploits0References2

NVD•added 2023/01/27 6:15 p.m.•11 views

CVE-2022-48013

5.4CVSS5.3AI score0.00213EPSS

Exploits1References2

NVD•added 2023/01/27 6:15 p.m.•8 views

CVE-2022-48007

A stored cross-site scripting XSS vulnerability in identification.php of Piwigo v13.4.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the User-Agent...

5.4CVSS5.3AI score0.00198EPSS

Exploits1References1

Prion•added 2023/01/27 6:15 p.m.•11 views

Cross site scripting

LimeSurvey v5.4.15 was discovered to contain a stored cross-site scripting XSS vulnerability in the component /index.php/surveyAdministration/rendersidemenulink?subaction=surveytexts. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into...

4.9CVSS5.3AI score0.00213EPSS

Exploits1References1Affected Software1

Cvelist•added 2023/01/27 12:0 a.m.•14 views

CVE-2022-46968

5.4AI score0.00146EPSS

Exploits1References2

CVE•added 2023/01/27 12:0 a.m.•53 views

CVE-2022-48010

Summary (CVE-2022-48010) LimeSurvey v5.4.15 contains a stored XSS vulnerability in the component /index.php/surveyAdministration/rendersidemenulink?subaction=surveytexts. A crafted payload placed into Description or Welcome-message text fields can execute arbitrary script/HTML in the victim’s bro...

5.4CVSS5.3AI score0.00213EPSS

Exploits1References1Affected Software1

Cvelist•added 2023/01/27 12:0 a.m.•21 views

CVE-2022-48013

5.5AI score0.00213EPSS

Exploits1References2

NVD•added 2023/01/26 9:18 p.m.•14 views

CVE-2022-47073

A cross-site scripting XSS vulnerability in the Create Ticket page of Small CRM v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Subject parameter...

5.4CVSS5.3AI score0.00077EPSS

Exploits0References2

NVD•added 2023/01/26 9:18 p.m.•6 views

CVE-2022-46624

A cross-site scripting XSS vulnerability in Online Graduate Tracer System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter...

6.1CVSS5.9AI score0.00234EPSS

Exploits0References2

Prion•added 2023/01/26 9:18 p.m.•12 views

Cross site scripting

A cross-site scripting XSS vulnerability in Online Graduate Tracer System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter...

5.8CVSS5.9AI score0.00234EPSS

Exploits0References2Affected Software1

Prion•added 2023/01/26 9:17 p.m.•16 views

Cross site scripting

A cross-site scripting XSS vulnerability in Doctor Appointment Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search function...

5.8CVSS5.9AI score0.00338EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by