Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
A cross-site scripting vulnerability was reported in the FileZ client that could allow execution of code if a crafted url is visited by a local user.
An open redirect vulnerability was reported in the FileZ client that could allow information disclosure if a crafted url is visited by a local user.
An improper XML parsing vulnerability was reported in the FileZ client that could allow arbitrary file reads on the system if a crafted url is visited by a local user.
A stored cross-site scripting (XSS) vulnerability in the Send for Approval function of FileCloud v23.241.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
A stored Cross-site Scripting (XSS) vulnerability affecting City Referential in City Referential Manager on Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's b
A stored Cross-site Scripting (XSS) vulnerability affecting City Discover in City Referential Manager on Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's brows
Reflected Cross-Site Scripting (XSS) vulnerability in WebWork, which allows remote attackers to execute arbitrary code through the 'q' and 'engine' request parameters in /search.
A cross-site scripting (XSS) vulnerability in ScriptCase before v1.0.003 - Build 3 allows attackers to execute arbitrary code via a crafted payload to the "Connection Name" in the New Connection and R
A Reflected Cross Site Scripting (XSS) vulnerability was found in '/search' in Phoenix Site CMS from Phoenix, which allows remote attackers to execute arbitrary code via 's' GET parameter.
CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability exists when an authenticated attacker modifies folder names within the context of the product
Cross Site Scripting vulnerability in RuoYi v.4.7.9 and before allows a remote attacker to execute arbitrary code via the file upload method
A stored Cross-site Scripting (XSS) vulnerability affecting Opportunity Management in Project Portfolio Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker
Cross Site Scripting vulnerability in DokuWiki 2025-05-14a 'Librarian'[56.1] allows a remote attacker to execute arbitrary code via the q parameter
A cross-site scripting (XSS) vulnerability in a FileMaker WebDirect custom homepage could lead to unauthorized access and remote code execution. This vulnerability has been fully addressed in FileMake
A stored Cross-site Scripting (XSS) vulnerability affecting Compare in Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to execu
Cross Site Scripting vulnerability in Shenzhen Interconnection Harbor Network Technology Co., Ltd Ofweek Online Exhibition v.1.0.0 allows a remote attacker to execute arbitrary code.
A stored cross-site scripting (XSS) vulnerability in AIxBlock commit 04f305 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the model_desc field.
A stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in Service Process Engineer from Release 3DEXPERIENCE R2024x through Release 3DEXPERIENCE R2025x allows an attacker
A reflected cross-site scripting (XSS) vulnerability in the component dl_liuyan_save.php of ZZCMS v2023 allows attackers to execute arbitrary code in the context of a user's browser via injecting a cr
Page 1+ Next →