CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5210 matches found

Vulnrichment•added 2022/12/14 12:0 a.m.•4 views

CVE-2022-31358

A reflected cross-site scripting XSS vulnerability in Proxmox Virtual Environment prior to v7.2-3 allows remote attackers to execute arbitrary web scripts or HTML via non-existent endpoints under path /api2/html/...

6.1AI score0.00874EPSS

Exploits1References4

OSV•added 2022/12/13 9:15 p.m.•10 views

CVE-2022-4207

The Image Hover Effects Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several values that can be added to an Image Hover in versions 9.8.1 to 9.8.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to...

5.4CVSS5.6AI score

Exploits0References3

Prion•added 2022/12/13 9:15 p.m.•13 views

Cross site scripting

4.9CVSS5AI score0.00261EPSS

Exploits0References3Affected Software1

Cvelist•added 2022/12/13 8:18 p.m.•11 views

CVE-2022-4207

5.5CVSS5.2AI score0.00261EPSS

Exploits0References3

NVD•added 2022/12/13 6:15 p.m.•9 views

CVE-2022-45028

A cross-site scripting XSS vulnerability in Arris NVG443B 9.3.0h3d36 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request sent to /cgi-bin/logs.ha...

6.1CVSS0.00356EPSS

Exploits1References2

OSV•added 2022/12/13 2:15 p.m.•11 views

CVE-2022-46058

AeroCMS v0.0.1 was discovered to contain a cross-site scripting XSS vulnerability via addpost.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comments text field...

4.8CVSS6.1AI score

Exploits0References1

Prion•added 2022/12/13 2:15 p.m.•15 views

Cross site scripting

4.3CVSS5AI score0.00369EPSS

Exploits1References1Affected Software1

CVE•added 2022/12/13 12:0 a.m.•84 views

CVE-2022-46058

CVE-2022-46058 affects AeroCMS v0.0.1, with a cross-site scripting (XSS) vulnerability exploitable via add_post.php. The issue allows an attacker to inject a crafted payload into the Comments text field to execute arbitrary web scripts or HTML. This is documented across multiple sources (NVD, RH ...

4.8CVSS5AI score0.00369EPSS

Exploits1References1Affected Software1

Prion•added 2022/12/07 2:15 p.m.•14 views

Cross site scripting

A cross-site scripting XSS vulnerability in Book Store Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Level parameter under the Add New System User module...

4.9CVSS5.3AI score0.00313EPSS

Exploits1References2Affected Software1

Prion•added 2022/12/07 2:15 a.m.•12 views

Cross site scripting

Online Leave Management System v1.0 was discovered to contain a stored cross-site scripting XSS vulnerability in the component /leavesystem/admin/?page=maintenance/department. This vulnerability allows attackers to execute arbitrary web scripts or HTML via crafted payload injected into the Name...

4.3CVSS5AI score0.00257EPSS

Exploits1References1Affected Software1

Cvelist•added 2022/12/07 12:0 a.m.•17 views

CVE-2022-45217

5.5AI score0.00313EPSS

Exploits1References2

Vulnrichment•added 2022/12/07 12:0 a.m.•3 views

CVE-2022-45008

5AI score0.00257EPSS

Exploits1References1

OSV•added 2022/12/05 11:15 p.m.•17 views

CVE-2022-45769

A cross-site scripting XSS vulnerability in ClicShoppingV3 v3.402 allows attackers to execute arbitrary web scripts or HTML via a crafted URL parameter...

6.1CVSS5.7AI score

Exploits0References1

NVD•added 2022/12/05 11:15 p.m.•9 views

CVE-2022-45990

A cross-site scripting XSS vulnerability in the component /signupscript.php of Ecommerce-Website v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the eMail parameter...

6.1CVSS0.00356EPSS

Exploits1References1

Prion•added 2022/12/05 11:15 p.m.•13 views

Cross site scripting

5.8CVSS5.9AI score0.00356EPSS

Exploits1References1Affected Software1

Prion•added 2022/12/05 11:15 p.m.•9 views

Cross site scripting

A cross-site scripting XSS vulnerability in ClicShoppingV3 v3.402 allows attackers to execute arbitrary web scripts or HTML via a crafted URL parameter...

5.8CVSS5.9AI score0.00356EPSS

Exploits1References1Affected Software1

NVD•added 2022/12/02 9:15 p.m.•9 views

CVE-2022-4209

The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'pointsf' parameter on the 'chainedquizlist' page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers ...

6.1CVSS0.01807EPSS

Exploits1References4

Prion•added 2022/12/02 9:15 p.m.•16 views

Cross site scripting

The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'emailf' parameter on the 'chainedquizlist' page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers t...

5.8CVSS6AI score0.01817EPSS

Exploits1References3Affected Software1

Prion•added 2022/12/02 9:15 p.m.•18 views

Cross site scripting

The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'ipf' parameter on the 'chainedquizlist' page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

5.8CVSS6AI score0.01807EPSS

Exploits1References3Affected Software1

Prion•added 2022/12/02 9:15 p.m.•18 views

Cross site scripting

The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'date' parameter on the 'chainedquizlist' page in versions up to, and including, 1.3.2.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers t...

5.8CVSS6AI score0.02493EPSS

Exploits1References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by