Export limit exceeded: 343843 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 343843 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (4 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2023-36995 1 Travianz Project 1 Travianz 2024-11-21 6.1 Medium
TravianZ through 8.3.4 allows XSS via the Alliance tag/name, the statistics page, the link preferences, the Admin Logs, or the COOKUSR cookie.
CVE-2023-36994 1 Travianz Project 1 Travianz 2024-11-21 9.8 Critical
In TravianZ 8.3.4 and 8.3.3, Incorrect Access Control in the installation script allows an attacker to overwrite the server configuration and inject PHP code.
CVE-2023-36993 1 Travianz Project 1 Travianz 2024-11-21 9.8 Critical
The cryptographically insecure random number generator being used in TravianZ 8.3.4 and 8.3.3 in the password reset function allows an attacker to guess the password reset.parameters and to take over accounts.
CVE-2023-36992 1 Travianz Project 1 Travianz 2024-11-21 7.2 High
PHP injection in TravianZ 8.3.4 and 8.3.3 in the config editor in the admin page allows remote attackers to execute PHP code.