CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

670 matches found

CNVD•added 2015/02/13 12:0 a.m.•2 views

u5CMS Cross-Site Scripting Vulnerability

u5CMS is a content management system CMS based on PHP, MySQL and Apache for medium-sized websites, conferences, audit processes, PayPal payments and online surveys. The system supports WYSIWYG editor, creating survey forms and data storage. A cross-site scripting vulnerability exists in u5CMS. Th...

4.3CVSS6.1AI score0.04307EPSS

Exploits2References1

CNVD•added 2015/02/10 12:0 a.m.•2 views

DotNetNuke Cross-Site Scripting Vulnerability (CNVD-2015-01010)

DotNetNuke DNN is a set of U.S. DNN company supported by Microsoft , based on the ASP.NET platform for open source content management system CMS. The system is easy to install , scalable , feature-rich and so on. DotNetNuke DNN suffers from a cross-site scripting vulnerability. A remote attacker...

4.3CVSS6.2AI score0.00253EPSS

Exploits0References1

CNVD•added 2015/01/29 12:0 a.m.•1 views

Multiple Cross-Site Scripting Vulnerabilities in IBM Dojo Toolkit

IBM Dojo Toolkit is IBM sponsored with the javascript language implementation of open source DHTML toolkit . IBM Dojo Toolkit has multiple cross-site scripting vulnerabilities that could allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS8.4AI score0.00449EPSS

Exploits0References1

Cvelist•added 2015/01/21 3:0 p.m.•14 views

CVE-2015-1204

Cross-site scripting XSS vulnerability in the Save Filters functionality in the WP Slimstat plugin before 3.9.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the fsresource parameter in the wp-slim-view-2 page to wp-admin/admin.php...

5.8AI score0.00271EPSS

Exploits1References3

Prion•added 2015/01/15 3:59 p.m.•21 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Pods plugin before 2.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the id parameter in an edit action in the pods page to wp-admin/admin.php...

4.3CVSS6.2AI score0.00198EPSS

Exploits2References4Affected Software1

Prion•added 2015/01/13 3:59 p.m.•10 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in question.php in the mTouch Quiz before 3.0.7 for WordPress allow remote attackers to inject arbitrary web script or HTML via the quiz parameter to wp-admin/edit.php...

4.3CVSS6.1AI score0.00227EPSS

Exploits1References5Affected Software1

NVD•added 2015/01/13 11:59 a.m.•8 views

CVE-2014-100006

Multiple cross-site scripting XSS vulnerabilities in modulesv3/googlemap/wtv3streetview.php in webtrees before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the 1 map, 2 streetview, or 3 reset parameter...

4.3CVSS5.8AI score0.00254EPSS

Exploits0References3

Prion•added 2015/01/13 11:59 a.m.•10 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Maian Weblog 4.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 name, 2 email, or 3 subject parameter in a contact action to index.php...

4.3CVSS6.1AI score0.00254EPSS

Exploits1References3Affected Software1

Prion•added 2015/01/13 11:59 a.m.•11 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Another WordPress Classifieds Plugin plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the query string to the default URI...

4.3CVSS6.2AI score0.00174EPSS

Exploits1References2Affected Software1

Patchstack•added 2015/01/13 12:0 a.m.•17 views

WordPress Photocrati Theme - Cross Site Scripting

Because of this vulnerability in photocrati-gallery/ecomm-sizes.php, the attackers can inject arbitrary web script or HTML via the "prodid" parameter. Solution Update the theme...

4.3CVSS3.1AI score0.00233EPSS

Exploits1References1Affected Software1

Patchstack•added 2015/01/12 12:0 a.m.•8 views

WordPress Page Builder Plugin <= 2.0.3 - Reflected XSS

Because of this vulnerability, the attackers can inject arbitrary web script or HTML. Solution Update the plugin...

2AI score

Exploits0References1Affected Software1

Prion•added 2015/01/07 7:59 p.m.•9 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in SAP NetWeaver Business Client NWBC for HTML 3.0 allow remote attackers to inject arbitrary web script or HTML via the 1 title or 2 roundtrips parameter, aka SAP Security Note 2051285...

4.3CVSS6AI score0.00254EPSS

Exploits1References3Affected Software1

NVD•added 2015/01/02 7:59 p.m.•9 views

CVE-2014-9439

Cross-site scripting XSS vulnerability in Easy File Sharing Web Server 6.8 allows remote attackers to inject arbitrary web script or HTML via the username field during registration, which is not properly handled by forum.ghp...

4.3CVSS5.7AI score0.01185EPSS

Exploits0References2

Prion•added 2014/12/28 2:59 a.m.•12 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in amMap 2.6.3 allow remote attackers to inject arbitrary web script or HTML via the 1 datafile or 2 settingsfile parameter to ammap.swf, or 3 the datafile parameter to amtimeline.swf...

4.3CVSS6.1AI score0.00254EPSS

Exploits1References3Affected Software1

Prion•added 2014/11/26 3:59 p.m.•13 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in deploy/designer/preview.php in the Digital Zoom Studio DZS Video Gallery plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 swfloc or 2 designrand parameter...

4.3CVSS6.2AI score0.07178EPSS

Exploits0References4

OSV•added 2014/11/24 4:59 p.m.•9 views

CVE-2012-6662

Cross-site scripting XSS vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo...

6AI score

Exploits0References17

Prion•added 2014/11/17 4:59 p.m.•12 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in phpSound 1.0.5 allow remote attackers to inject arbitrary web script or HTML via the 1 Title or 2 Description fields in a playlist or the 3 filter parameter in an explore action to index.php...

4.3CVSS6AI score0.03324EPSS

Exploits1References3Affected Software1

Prion•added 2014/10/31 2:55 p.m.•23 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Web User Interface in Fortinet FortiManager before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2336...

4.3CVSS5.8AI score0.00296EPSS

Exploits0References3Affected Software1

Prion•added 2014/10/19 1:55 a.m.•16 views

Cross site scripting

Cross-site scripting XSS vulnerability in the web framework in Cisco Prime Optical 10 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuq80763...

6.8CVSS6.2AI score0.00555EPSS

Exploits0References3Affected Software1

NVD•added 2014/08/29 1:55 p.m.•9 views

CVE-2014-4930

Multiple cross-site scripting XSS vulnerabilities in event/index2.do in ManageEngine EventLog Analyzer before 9.0 build 9002 allow remote attackers to inject arbitrary web script or HTML via the 1 width, 2 height, 3 url, 4 helpP, 5 tab, 6 module, 7 completeData, 8 RBBNAME, 9 TC, 10 rtype, 11...

4.3CVSS5.8AI score0.00447EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by