Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
20 MEDIUM
CVE-2026-35015
MEDIUM CVSS 5.1
Find Similar
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in do_unit_mail.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized
NVD RRF 0.016
CVE-2026-35008
MEDIUM CVSS 5.1
Find Similar
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in single.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value
NVD RRF 0.016
CVE-2026-48229
MEDIUM CVSS 5.1
Find Similar
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in routes_i.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized val
NVD RRF 0.016
CVE-2026-48228
MEDIUM CVSS 5.1
Find Similar
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in patient_w.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized va
NVD RRF 0.016
CVE-2026-35014
MEDIUM CVSS 5.1
Find Similar
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in routes_nm.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized va
NVD RRF 0.015
CVE-2026-48213
MEDIUM CVSS 5.1
Find Similar
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in add.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value th
NVD RRF 0.015
CVE-2026-35009
MEDIUM CVSS 5.1
Find Similar
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in add_note.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized val
NVD RRF 0.015
CVE-2026-35010
MEDIUM CVSS 5.1
Find Similar
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in patient_JF.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized v
NVD RRF 0.015
CVE-2026-48214
MEDIUM CVSS 5.1
Find Similar
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in add_nm.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value
NVD RRF 0.014
CVE-2026-35007
MEDIUM CVSS 5.1
Find Similar
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in single_unit.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized
NVD RRF 0.014
CVE-2026-48227
MEDIUM CVSS 5.1
Find Similar
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in patient.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized valu
NVD RRF 0.014
CVE-2026-35012
MEDIUM CVSS 5.1
Find Similar
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in add_facnote.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized
NVD RRF 0.014
CVE-2026-48216
MEDIUM CVSS 5.1
Find Similar
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in db_loader.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized va
NVD RRF 0.014
CVE-2026-35013
MEDIUM CVSS 5.1
Find Similar
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in street_view.php that allows authenticated attackers to inject arbitrary JavaScript by passing unsanitized val
NVD RRF 0.014
CVE-2026-48230
MEDIUM CVSS 5.1
Find Similar
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ticketsmdb_import.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsani
NVD RRF 0.013
CVE-2026-48225
MEDIUM CVSS 5.1
Find Similar
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in landb.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value
NVD RRF 0.013
CVE-2026-35011
MEDIUM CVSS 5.1
Find Similar
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in opena.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value
NVD RRF 0.013
CVE-2026-48222
MEDIUM CVSS 5.1
Find Similar
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ics213.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value
NVD RRF 0.013
CVE-2026-48226
MEDIUM CVSS 5.1
Find Similar
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in os_watch.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized val
NVD RRF 0.013
CVE-2026-48219
MEDIUM CVSS 5.1
Find Similar
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ics202.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value
NVD RRF 0.013
Page 1+ Next →