Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (45721 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2021-29033 1 Bitweaver 1 Bitweaver 2024-11-21 4.8 Medium
A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/admin/edit_group.php URI.
CVE-2021-29032 1 Bitweaver 1 Bitweaver 2024-11-21 4.8 Medium
A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/preferences.php URI.
CVE-2021-29031 1 Bitweaver 1 Bitweaver 2024-11-21 4.8 Medium
A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/admin/users_import.php URI.
CVE-2021-29030 1 Bitweaver 1 Bitweaver 2024-11-21 4.8 Medium
A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/admin/index.php URI.
CVE-2021-29029 1 Bitweaver 1 Bitweaver 2024-11-21 4.8 Medium
A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/edit_personal_page.php URI.
CVE-2021-29028 1 Bitweaver 1 Bitweaver 2024-11-21 4.8 Medium
A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/admin/user_activity.php URI.
CVE-2021-29027 1 Bitweaver 1 Bitweaver 2024-11-21 4.8 Medium
A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/index.php URI.
CVE-2021-29026 1 Bitweaver 1 Bitweaver 2024-11-21 4.8 Medium
A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/admin/permissions.php URI.
CVE-2021-29025 1 Bitweaver 1 Bitweaver 2024-11-21 4.8 Medium
A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/my_images.php URI.
CVE-2021-29011 1 Dmasoftlab 1 Dma Radius Manager 2024-11-21 6.1 Medium
DMA Softlab Radius Manager 4.4.0 is affected by Cross Site Scripting (XSS) via the description, name, or address field (under admin.php).
CVE-2021-29010 1 Seopanel 1 Seo Panel 2024-11-21 4.8 Medium
A cross-site scripting (XSS) issue in SEO Panel 4.8.0 allows remote attackers to inject JavaScript via archive.php in the "report_type" parameter.
CVE-2021-29009 1 Seopanel 1 Seo Panel 2024-11-21 4.8 Medium
A cross-site scripting (XSS) issue in SEO Panel 4.8.0 allows remote attackers to inject JavaScript via archive.php in the "type" parameter.
CVE-2021-29008 1 Seopanel 1 Seo Panel 2024-11-21 4.8 Medium
A cross-site scripting (XSS) issue in SEO Panel 4.8.0 allows remote attackers to inject JavaScript via webmaster-tools.php in the "to_time" parameter.
CVE-2021-29002 1 Plone 1 Plone 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) vulnerability in Plone CMS 5.2.3 exists in site-controlpanel via the "form.widgets.site_title" parameter.
CVE-2021-28977 1 Get-simple 1 Getsimplecms 2024-11-21 4.8 Medium
Cross Site Scripting vulnerability in GetSimpleCMS 3.3.16 in admin/upload.php by adding comments or jpg and other file header information to the content of xla, pages, and gzip files,
CVE-2021-28975 1 Wpmailster 1 Wp Mailster 2024-11-21 6.1 Medium
WP Mailster 1.6.18.0 allows XSS when a victim opens a mail server's details in the mst_servers page, for a crafted server_host, server_name, or connection_parameter parameter.
CVE-2021-28968 1 Gnu 1 Punbb 2024-11-21 5.4 Medium
An issue was discovered in PunBB before 1.4.6. An XSS vulnerability in the [email] BBcode tag allows (with authentication) injecting arbitrary JavaScript into any forum message.
CVE-2021-28935 1 Cmsmadesimple 1 Cms Made Simple 2024-11-21 5.4 Medium
CMS Made Simple (CMSMS) 2.2.15 allows authenticated XSS via the /admin/addbookmark.php script through the Site Admin > My Preferences > Title field.
CVE-2021-28924 1 Nagios 1 Network Analyzer 2024-11-21 6.1 Medium
Self Authenticated XSS in Nagios Network Analyzer before 2.4.2 via the nagiosna/groups/queries page.
CVE-2021-28912 1 Bab-technologie 2 Eibport, Eibport Firmware 2024-11-21 7.2 High
BAB TECHNOLOGIE GmbH eibPort V3. Each device has its own unique hard coded and weak root SSH key passphrase known as 'eibPort string'. This is usable and the final part of an attack chain to gain SSH root access.