CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5210 matches found

Cvelist•added 2023/01/25 12:0 a.m.•12 views

CVE-2022-47073

A cross-site scripting XSS vulnerability in the Create Ticket page of Small CRM v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Subject parameter...

5.5AI score0.00077EPSS

Exploits0References2

Cvelist•added 2023/01/25 12:0 a.m.•13 views

CVE-2022-46624

A cross-site scripting XSS vulnerability in Online Graduate Tracer System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter...

6AI score0.00234EPSS

Exploits0References2

NVD•added 2023/01/20 7:15 p.m.•12 views

CVE-2023-23024

Book Store Management System v1.0 was discovered to contain a cross-site scripting XSS vulnerability in /bsmsci/index.php/book. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the writer parameter...

6.1CVSS6AI score0.00234EPSS

Exploits1References1

NVD•added 2023/01/20 3:15 p.m.•6 views

CVE-2022-41441

Multiple cross-site scripting XSS vulnerabilities in ReQlogic v11.3 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the POBatch and WaitDuration parameters...

6.1CVSS6.1AI score0.06229EPSS

Exploits3References4

Prion•added 2023/01/20 3:15 p.m.•10 views

Cross site scripting

5.8CVSS6AI score0.06229EPSS

Exploits3References4Affected Software1

Cvelist•added 2023/01/20 12:0 a.m.•10 views

CVE-2023-23024

6.1AI score0.00234EPSS

Exploits1References1

Vulnrichment•added 2023/01/20 12:0 a.m.•4 views

CVE-2023-23024

6.1AI score0.00234EPSS

Exploits1References1

Cvelist•added 2023/01/20 12:0 a.m.•11 views

CVE-2022-41441

6.2AI score0.06229EPSS

Exploits3References4

NVD•added 2023/01/18 6:15 p.m.•8 views

CVE-2022-45613

5.4CVSS5.3AI score0.00307EPSS

Exploits1References2

Prion•added 2023/01/18 6:15 p.m.•12 views

Cross site scripting

4.9CVSS5.3AI score0.00307EPSS

Exploits1References2Affected Software1

Cvelist•added 2023/01/18 12:0 a.m.•8 views

CVE-2022-45613

5.5AI score0.00307EPSS

Exploits1References2

Prion•added 2023/01/16 4:15 p.m.•20 views

Code injection

The MonsterInsights WordPress plugin before 8.9.1 does not sanitize or escape page titles in the top posts/pages section, allowing an unauthenticated attacker to inject arbitrary web scripts into the titles by spoofing requests to google analytics...

5.8CVSS6.2AI score0.36712EPSS

Exploits3References1Affected Software1

CVE•added 2023/01/16 3:37 p.m.•79 views

CVE-2022-3904

CVE-2022-3904 affects the WordPress MonsterInsights plugin. Versions prior to 8.9.1 fail to sanitize/escape page titles in the top posts/pages section, enabling an unauthenticated attacker to inject arbitrary web scripts into titles by spoofing requests to Google Analytics. The vulnerability is d...

6.1CVSS6.2AI score0.36712EPSS

Exploits3References1Affected Software1

Cvelist•added 2023/01/16 3:37 p.m.•18 views

CVE-2022-3904 MonsterInsights < 8.9.1 - Stored Cross-Site Scripting via Google Analytics

6.4AI score0.36712EPSS

Exploits3References1

CNNVD•added 2023/01/14 12:0 a.m.•1 views

abreen Apollo 路径遍历漏洞

Apollo is a set of PHP scripts by Alex Breen, an individual developer. It is intended to provide a web-based interface for students to upload course assignments. A path traversal vulnerability exists in abreen Apollo, which stems from an unknown partial impact, where manipulation of a parameter...

8.8CVSS6.4AI score0.00553EPSS

Exploits0References4

Prion•added 2023/01/13 12:15 a.m.•14 views

Cross site scripting

A cross-site scripting XSS vulnerability in the /admin/articlecategory.php component of DouPHP v1.7 20221118 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the description parameter...

4.9CVSS5.3AI score0.00213EPSS

Exploits1References1Affected Software1

Prion•added 2023/01/12 10:15 p.m.•9 views

Cross site scripting

A cross-site scripting XSS vulnerability in Judging Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter...

5.8CVSS5.9AI score0.00218EPSS

Exploits0References1Affected Software1

Prion•added 2023/01/12 10:15 p.m.•16 views

Cross site scripting

A cross-site scripting XSS vulnerability in Doctor Appointment Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Employee ID parameter...

5.8CVSS5.9AI score0.00314EPSS

Exploits0References1Affected Software1

NVD•added 2023/01/12 3:15 p.m.•13 views

CVE-2022-46503

A cross-site scripting XSS vulnerability in the component /admin/register.php of Online Student Enrollment System v1.0 allows attackers to execute arbitrary web scripts via a crafted payload injected into the name parameter...

5.4CVSS5.3AI score0.00213EPSS

Exploits1References1

Cvelist•added 2023/01/12 12:0 a.m.•15 views

CVE-2022-46438

5.5AI score0.00213EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by