Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
2 CRITICAL8 HIGH10 MEDIUM
CVE-2025-54295
MEDIUM CVSS 5.1
Find Similar
A Reflected XSS vulnerability in DJ-Reviews component 1.0-1.3.6 for Joomla was discovered.
NVD RRF 0.016
CVE-2025-54297
HIGH CVSS 7.0
Find Similar
A stored XSS vulnerability in CComment component 5.0.0-6.1.14 for Joomla was discovered.
NVD RRF 0.016
CVE-2025-54296
HIGH CVSS 7.0
Find Similar
A stored XSS vulnerability in ProFiles component 1.0-1.5.0 for Joomla was discovered.
NVD RRF 0.016
CVE-2025-54299
CRITICAL CVSS 9.4
Find Similar
A stored XSS vulnerability in No Boss Testimonials component 1.0.0-3.0.0 and 4.0.0-4.0.2 for Joomla was discovered.
NVD RRF 0.015
CVE-2025-54298
CRITICAL CVSS 9.4
Find Similar
A stored XSS vulnerability in CommentBox component 1.0.0-1.1.0 for Joomla was discovered.
NVD RRF 0.015
CVE-2025-55757
MEDIUM CVSS 6.1
Find Similar
A unauthenticated reflected XSS vulnerability in VirtueMart 1.0.0-4.4.10 for Joomla was discovered.
NVD RRF 0.015
CVE-2025-50058
MEDIUM CVSS 5.1
Find Similar
A stored XSS vulnerability in the RSDirectory! component 1.0.0-2.2.8 Joomla was discovered. The issue allows remote authenticated attackers to inject arbitrary web script or HTML via the review reply
NVD RRF 0.015
CVE-2025-32465
HIGH CVSS 8.5
Find Similar
A stored XSS vulnerability in RSTickets! component 1.9.12 - 3.3.0 for Joomla was discovered. It allows attackers to perform cross-site scripting (XSS) attacks via sending crafted payload.
NVD RRF 0.014
CVE-2025-54301
HIGH CVSS 8.5
Find Similar
A stored XSS vulnerability in Quantum Manager component 1.0.0-3.2.0 for Joomla was discovered. File names are not properly escaped.
NVD RRF 0.014
CVE-2025-50126
MEDIUM CVSS 5.3
Find Similar
A stored XSS vulnerability in the RSBlog! component 1.11.6-1.14.5 Joomla was discovered. The issue allows remote authenticated users to inject arbitrary web script or HTML via the jform[tags_text] par
NVD RRF 0.014
CVE-2025-54300
HIGH CVSS 8.5
Find Similar
A stored XSS vulnerability in Quantum Manager component 1.0.0-3.2.0 for Joomla was discovered. The SVG upload feature does not sanitize uploads.
NVD RRF 0.014
CVE-2025-53229
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kamleshyadav RockON DJ rockon allows Reflected XSS.This issue affects RockON DJ: from n/a through
NVD RRF 0.014
CVE-2024-51075
MEDIUM CVSS 6.1
Find Similar
A Reflected Cross Site Scripting (XSS) vulnerability was found in /odms/admin/user-search.php in PHPGurukul Online DJ Booking Management System v1.0, which allows remote attackers to execute arbitrary
phpgurukul
NVD RRF 0.014
CVE-2025-55758
MEDIUM CVSS 5.4
Find Similar
Multiple CSRF attack vectors in JDownloads component 1.0.0-4.0.47 for Joomla were discovered.
NVD RRF 0.013
CVE-2025-22714
HIGH CVSS 7.1
Find Similar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MDJM Mobile DJ Manager mobile-dj-manager allows Reflected XSS.This issue affects Mobile DJ Manager
NVD RRF 0.013
CVE-2024-40474
MEDIUM CVSS 5.4
Find Similar
A Reflected Cross Site Scripting (XSS) vulnerability was found in "edit-cate.php" in SourceCodester House Rental Management System v1.0.
mayurik
NVD RRF 0.013
CVE-2023-46948
MEDIUM CVSS 5.4
Find Similar
A reflected Cross-Site Scripting (XSS) vulnerability was found on Temenos T24 Browser R19.40 that enables a remote attacker to execute arbitrary JavaScript code via the skin parameter in the about.jsp
NVD RRF 0.013
CVE-2025-49486
HIGH CVSS 8.6
Find Similar
A stored XSS vulnerability in the Balbooa Gallery plugin 1.0.0-2.4.0 for Joomla allows privileged users to store malicious scripts in gallery items.
NVD RRF 0.013
Page 1+ Next →