Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Knap Advanced PHP Login 3.1.3 contains a persistent cross-site scripting vulnerability that allows remote attackers to inject malicious script code in the name parameter. Attackers can exploit the vul
Simple CMS 2.1 contains a persistent cross-site scripting vulnerability in user input parameters that allows remote attackers to inject malicious script code. Attackers can exploit the newUser and edi
Stripe Green Downloads Wordpress Plugin 2.03 contains a persistent cross-site scripting vulnerability allowing remote attackers to inject malicious scripts in button label fields. Attackers can exploi
Cross Site Scripting vulnerability in student management system in php with source code v.1.0.0 allows a remote attacker to execute arbitrary code.
A cross-site scripting (XSS) vulnerability in the component /Login.php of c3crm up to v3.0.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the login_err
A vulnerability has been found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 20250831. This vulnerability affects unknown code of the file /index.php/sysmanage/Login. Such manipulation of the argument Nam
XinLiangCoder php_api_doc through commit 1ce5bbf contains a reflected cross-site scripting vulnerability in list_method.php that allows remote attackers to execute arbitrary JavaScript in a victim's b
Cross Site Scripting vulnerability in sunnygkp10 Online Exam System master version allows a remote attacker to obtain sensitive information via the w parameter.
A Reflected Cross-Site Scripting (XSS) vulnerability was found in the /search-result.php page of the PHPGurukul User Registration & Login and User Management System 3.2. This vulnerability allows remo
A Reflected Cross Site Scripting (XSS) vulnerability was found in /smsa/student_login.php in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary co
Zenar Content Management System contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating form parameters in POST requests. Attack
Cross Site Scripting vulnerability in online diagnostic lab management system using php v.1.0 allows a remote attacker to execute arbitrary code via the Test Name parameter on the diagnostic/add-test.
A Reflected Cross-Site Scripting (XSS) vulnerability was found in loginsystem/edit-profile.php of the PHPGurukul User Registration & Login and User Management System V3.3. This vulnerability allows re
Cross Site Scripting vulnerability in Blood Bank v.1 allows a remote attacker to execute arbitrary code via a crafted script to the login.php component.
A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/admin_user.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitr
Cross Site Scripting vulnerability in Online Shop Store v.1.0 allows a remote attacker to execute arbitrary code via the login.php component.
A HTML Injection vulnerability was found in loginsystem/edit-profile.php of the PHPGurukul User Registration & Login and User Management System V3.3. This vulnerability allows remote attackers to exec
A vulnerability was identified in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This impacts an unknown function of the file /admin/Add%20notice/notice.php of the
A vulnerability was found in SourceCodester Multi Role Login System 1.0. It has been classified as problematic. Affected is an unknown function of the file /endpoint/add-user.php. The manipulation of
An authenticated cross-site scripting (XSS) vulnerability in the Administrative interface of Radware AlteonOS Web UI Management v33.0.4.50 allows attackers to execute arbitrary web scripts or HTML via
Page 1+ Next →