CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

7610 matches found

exploitpack•added 2009/05/15 12:0 a.m.•15 views

Webmedia Explorer 5.0.95.10 - Multiple Cross-Site Scripting Vulnerabilities

Webmedia Explorer 5.0.95.10 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/35368/info Webmedia Explorer is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these...

securityvulns•added 2009/05/13 12:0 a.m.•69 views

[ MDVSA-2009:110 ] squirrelmail

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2009:110 http://www.mandriva.com/security/ Package : squirrelmail Date : May 12, 2009 Affected: Corporate 4.0 Problem Description: Multiple vulnerabilities has been identified and corrected in squirrelmail: Two...

6.8CVSS7.9AI score0.03597EPSS

Japan Vulnerability Notes•added 2009/05/12 8:50 a.m.•1 views

Cross-site scripting vulnerability in SKIP from SKIP User Group

Overview SKIP from SKIP User Group contains a cross-site scripting vulnerability. SKIP from SKIP User Group is an open source SNS Social Networking Service software. SKIP contains a cross-site scripting vulnerability. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this...

4.3CVSS6AI score0.00475EPSS

Exploits0References8

exploitpack•added 2009/05/08 12:0 a.m.•8 views

Claroline 1.8.11 - clarolinelinkernotfound.php Cross-Site Scripting

Claroline 1.8.11 - clarolinelinkernotfound.php Cross-Site Scripting source: https://www.securityfocus.com/bid/34883/info Claroline is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execut...

Exploit DB•added 2009/05/05 12:0 a.m.•21 views

IceWarp Merak Mail Server 9.4.1 - 'cleanHTML()' Cross-Site Scripting

source: https://www.securityfocus.com/bid/34823/info IceWarp Merak Mail Server is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

exploitpack•added 2009/05/05 12:0 a.m.•14 views

VerliAdmin 0.3 - index.php Multiple Cross-Site Scripting Vulnerabilities

VerliAdmin 0.3 - index.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/34845/info VerliAdmin is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these...

Exploit DB•added 2009/05/05 12:0 a.m.•30 views

IceWarp Merak Mail Server 9.4.1 - 'item.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/34825/info IceWarp Merak Mail Server is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

Exploit DB•added 2009/05/05 12:0 a.m.•24 views

VerliAdmin 0.3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/34845/info VerliAdmin is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspectin...

exploitpack•added 2009/05/03 12:0 a.m.•15 views

MyBB 1.4.5 - Multiple Vulnerabilities

MyBB 1.4.5 - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/34798/info MyBB is prone to multiple security vulnerabilities, including an HTML-injection issue and an unspecified issue. An attacker may leverage the HTML-injection issue to execute arbitrary script code in the...

OpenVAS•added 2009/05/02 12:0 a.m.•18 views

Drupal HTML Injection and Information Disclosure Vulnerabilities

Drupal is prone to a cross-site scripting vulnerability and an information disclosure vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

4.3CVSS5.7AI score0.00798EPSS

Exploits0References2

Exploit DB•added 2009/04/29 12:0 a.m.•24 views

Coppermine Photo Gallery 1.4.21 - 'css' Cross-Site Scripting

source: https://www.securityfocus.com/bid/34782/info Coppermine Photo Gallery is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

exploitpack•added 2009/04/29 12:0 a.m.•14 views

Coppermine Photo Gallery 1.4.21 - css Cross-Site Scripting

Coppermine Photo Gallery 1.4.21 - css Cross-Site Scripting source: https://www.securityfocus.com/bid/34782/info Coppermine Photo Gallery is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to...

Cvelist•added 2009/04/28 4:0 p.m.•16 views

CVE-2009-1454

Cross-site scripting XSS vulnerability in tasks.php in WebCollab before 2.50 aka Billy Goat allows remote attackers to inject arbitrary web script or HTML via the selection parameter in a todo action...

5.7AI score0.00475EPSS

Exploits0References6

Tenable Nessus•added 2009/04/28 12:0 a.m.•15 views

BlackBerry Enterprise Server MDS Connection Service XSS

The remote host is running the BlackBerry Enterprise Server MDS Connection Service. The installed version is affected by cross-site scripting vulnerabilities involving the 'customDate', 'interval', 'lastCustomInterval', 'lastIntervalLength', 'nextCustomInterval', 'nextIntervalLength', 'action',...

4.3CVSS6.1AI score0.03173EPSS

Exploits2References3

Exploit DB•added 2009/04/27 12:0 a.m.•18 views

Invision Power Board (IP.Board) 3.0 - Multiple HTML Injection / Information Disclosure Vulnerabilities

source: https://www.securityfocus.com/bid/34725/info Invision Power Board is prone to an information-disclosure issue and multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to determine path information or to...

Japan Vulnerability Notes•added 2009/04/27 12:0 a.m.•44 views

JVN#11396739 Cross-site scripting vulnerability in MiniBBS from CGI RESCUE

MiniBBS is a message board script provided by CGI RESCUE, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the information provided by the vendor. Products...

4.3CVSS5.9AI score0.00516EPSS

Japan Vulnerability Notes•added 2009/04/24 12:0 a.m.•38 views

JVN#97248625 Movable Type cross-site scripting vulnerability

Movable Type, a web log system from Six Apart KK, contains a cross-site scripting vulnerability. This vulnerability is a different vulnerability than past reports on JVN. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest versio...

4.3CVSS5.7AI score0.00516EPSS

Exploit DB•added 2009/04/22 12:0 a.m.•23 views

Mozilla (Multiple Products) - Server Refresh Header Cross-Site Scripting

source: https://www.securityfocus.com/bid/34656/info The Mozilla Foundation has released multiple security advisories specifying various vulnerabilities in Firefox, Thunderbird, and SeaMonkey. Attackers can exploit these issues to bypass same-origin restrictions, obtain potentially sensitive...

exploitpack•added 2009/04/22 12:0 a.m.•10 views

Mozilla (Multiple Products) - Server Refresh Header Cross-Site Scripting

Mozilla Multiple Products - Server Refresh Header Cross-Site Scripting source: https://www.securityfocus.com/bid/34656/info The Mozilla Foundation has released multiple security advisories specifying various vulnerabilities in Firefox, Thunderbird, and SeaMonkey. Attackers can exploit these issue...

exploitpack•added 2009/04/20 12:0 a.m.•11 views

Online Contact Manager 3.0 - index.php?showGroup Cross-Site Scripting

Online Contact Manager 3.0 - index.php?showGroup Cross-Site Scripting source: https://www.securityfocus.com/bid/34626/info Online Contact Manager is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these...

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by