CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2025/07/15 6:22 p.m.•25 views

CVE-2025-53903

CVE-2025-53903 affects The Scratch Channel’s web application, with a cross-site scripting (XSS) vulnerability stemming from unsanitized input in /api/users.js. The issue is addressed by commit 90b39eb56b27b2bac29001abb1a3cac0964b8ddb. Public documents describe the vulnerability and fix; exploitat...

5.3CVSS5.9AI score0.00327EPSS

RedhatCVE•added 2025/05/23 7:47 a.m.•11 views

CVE-2024-46994

baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in Blog posts and Contents list Feature. Version 5.1.2 fixes this issue...

5.4CVSS6.1AI score0.0028EPSS

Exploits0References1

NVD•added 2024/10/24 7:15 p.m.•12 views

CVE-2024-46998

baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in the Edit Email Form Settings Feature. Version 5.1.2 fixes the issue...

7.1CVSS0.00328EPSS

NVD•added 2024/10/24 7:15 p.m.•14 views

CVE-2024-46995

baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in HTTP 400 Bad Request. Version 5.1.2 fixes this issue...

6.1CVSS0.00286EPSS

NVD•added 2024/10/24 7:15 p.m.•32 views

CVE-2024-46994

baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in Blog posts and Contents list Feature. Version 5.1.2 fixes this issue...

5.4CVSS0.0028EPSS

CVE•added 2024/10/24 6:35 p.m.•46 views

CVE-2024-46996

baserCMS (CMS framework) has a Cross-site Scripting (XSS) vulnerability in the Blog posts feature affecting versions prior to 5.1.2. The issue is addressed by upgrading to a fixed release (5.1.2 or newer; some sources list 5.1.3 as the update path). Multiple connected advisories confirm the affec...

6.3CVSS5.6AI score0.00303EPSS

Exploits0References2Affected Software1

OSV•added 2024/10/24 6:35 p.m.•13 views

CVE-2024-46996 baserCMS has a Cross-site Scripting (XSS) Vulnerability in Blog posts Feature

baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in the Blog posts feature. Version 5.1.2 fixes this issue...

6.3CVSS5.8AI score0.00303EPSS

Vulnrichment•added 2024/10/24 6:31 p.m.•19 views

CVE-2024-46995 baserCMS has Cross-site Scripting Vulnerability in HTTP 400 Bad Request

baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in HTTP 400 Bad Request. Version 5.1.2 fixes this issue...

6.1CVSS6.2AI score0.00286EPSS

OSV•added 2024/10/24 6:31 p.m.•9 views

CVE-2024-46995 baserCMS has Cross-site Scripting Vulnerability in HTTP 400 Bad Request

baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in HTTP 400 Bad Request. Version 5.1.2 fixes this issue...

6.1CVSS5.9AI score0.00286EPSS

CVE•added 2024/10/24 6:22 p.m.•48 views

CVE-2024-46994

CVE-2024-46994 concerns baserCMS. A cross-site scripting (XSS) vulnerability exists in the Blog posts and Contents list feature for versions prior to 5.1.2; version 5.1.2 contains the fix. Publicly documented analyses and advisories (including JVN and RH) corroborate the issue and list remediatio...

5.4CVSS5.1AI score0.0028EPSS

Exploits0References2Affected Software1

OSV•added 2024/10/24 6:22 p.m.•22 views

CVE-2024-46994 baserCMS has Cross-site Scripting Vulnerability in Blog posts and Contents list Feature

baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in Blog posts and Contents list Feature. Version 5.1.2 fixes this issue...

5.4CVSS5.9AI score0.0028EPSS

NVD•added 2024/02/22 7:15 p.m.•9 views

CVE-2024-26128

baserCMS is a website development framework. Prior to version 5.0.9, there is a cross-site scripting vulnerability in the content management feature. Version 5.0.9 contains a fix for this vulnerability...

5.4CVSS5.2AI score0.00572EPSS

Prion•added 2024/02/22 7:15 p.m.•9 views

Cross site scripting

4.9CVSS6.6AI score0.00572EPSS

OSV•added 2024/02/22 6:32 p.m.•25 views

CVE-2024-26128 baserCMS Cross-site Scripting vulnerability in Content Management

5.4CVSS5.4AI score0.00572EPSS

Exploits0References5

CVE•added 2024/02/22 6:32 p.m.•81 views

CVE-2024-26128

CVE-2024-26128 applies to baserCMS. A cross-site scripting vulnerability exists in the Content Management feature in versions prior to 5.0.9. The issue is mitigated by upgrading to 5.0.9 or later, which includes the fix. Connected sources also reference fixes in 5.0.10 per later advisories. The v...

5.4CVSS5.1AI score0.00572EPSS

Exploits0References3Affected Software1

Prion•added 2024/02/22 3:15 p.m.•10 views

Cross site scripting

baserCMS is a website development framework. Prior to version 5.0.9, there is a cross-site scripting vulnerability in the site search feature. Version 5.0.9 contains a fix for this vulnerability...

5.8CVSS6.3AI score0.0047EPSS

Prion•added 2024/02/22 3:15 p.m.•10 views

Command injection

baserCMS is a website development framework. Prior to version 5.0.9, there is an OS Command Injection vulnerability in the site search feature of baserCMS. Version 5.0.9 contains a fix for this vulnerability...

5.1CVSS7.4AI score0.01455EPSS