CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

7607 matches found

exploitpack•added 2007/01/02 12:0 a.m.•13 views

VCard Pro - gbrowse.php Cross-Site Scripting

VCard Pro - gbrowse.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21844/info vCard PRO is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code...

Exploit DB•added 2006/12/29 12:0 a.m.•17 views

Mobilelib Gold - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/21817/info Mobilelib GOLD is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...

exploitpack•added 2006/12/29 12:0 a.m.•15 views

Mobilelib Gold - Multiple Cross-Site Scripting Vulnerabilities

Mobilelib Gold - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/21817/info Mobilelib GOLD is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issue...

Exploit DB•added 2006/12/27 12:0 a.m.•16 views

PHP iCalendar 1.1/2.x - 'getdate' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...

Exploit DB•added 2006/12/27 12:0 a.m.•19 views

PHP iCalendar 1.1/2.x - 'year.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...

Exploit DB•added 2006/12/25 12:0 a.m.•31 views

PHP Live! 3.2.2 index.php l Parameter XSS

PHP Live! 3.2.2 index.php l Parameter XSS. CVE-2006-6769. Webapps exploit for php platform source: http://www.securityfocus.com/bid/21737/info PHP Live! is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker ma...

6.8CVSS6.8AI score0.01535EPSS

Japan Vulnerability Notes•added 2006/12/25 12:0 a.m.•12 views

JVN#02729869 pnamazu cross-site scripting vulnerability

Impact An arbitrary script may be executed on the user's web browser. Solution Products Affected pnamazu-2006.02.28 and earlier For more information, refer to the developer's website...

CVE•added 2006/12/23 1:0 a.m.•66 views

CVE-2006-6700

Technical details about CVE-2006-6700 are not publicly available in the provided documents. The description notes a vague initial disclosure. Monitor for updates from the sources to obtain affected products, impact, and remediation information.

6.8CVSS5.7AI score0.01009EPSS

Exploits0References4Affected Software1

exploitpack•added 2006/12/22 12:0 a.m.•11 views

A-Blog 1.0 - Cross-Site Scripting

A-Blog 1.0 - Cross-Site Scripting source: https://www.securityfocus.com/bid/21716/info The 'a-blog' application is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script cod...

CVE•added 2006/12/20 2:0 a.m.•40 views

CVE-2006-6647

CVE-2006-6647 is a cross-site scripting (XSS) vulnerability affecting the Drupal MySite module. Affected versions are Drupal-based MySite 4.7.x before 4.7.x-3.3 and 5.x before 5.x-1.3. The vulnerability arises in the Title field when editing a page, allowing remote attackers to inject arbitrary w...

6.8CVSS6AI score0.00977EPSS

Exploits0References3Affected Software1

exploitpack•added 2006/12/19 12:0 a.m.•14 views

osTicket 1.21.3 Support Cards - view.php Cross-Site Scripting

osTicket 1.21.3 Support Cards - view.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21669/info osTicket Support Cards is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to...

exploitpack•added 2006/12/19 12:0 a.m.•12 views

Mini Web Shop 2.1.c - view.php?Viewcategory.php Cross-Site Scripting

Mini Web Shop 2.1.c - view.php?Viewcategory.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21677/info Mini Web Shop is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to...

CERT•added 2006/12/13 12:0 a.m.•54 views

Sun Secure Global Desktop Software (SSGD) contains multiple cross-site scripting vulnerabilities

Overview The Sun Secure Global Desktop SSGD contains cross-site scripting vulnerabilities. Description Sun Secure Global Desktop formerly Tarantella contains multiple input validation vulnerabilities due to failure to properly sanitize user input. The following modules do not properly filter HTML...

6.8CVSS6.7AI score0.02731EPSS

Exploits0References8

Packet Storm•added 2006/12/11 12:0 a.m.•24 views

XD100098.txt

Orkut Group Cross Site Scripting Vulnerability XDisclose Advisory : XD100098 Vulnerability Discovered: November 08th 2006 Advisory Released : December 11th 2006 Credit : Rajesh Sethumadhavan Class : Cross Site Scripting HTML Injection Severity : Medium Solution Status : Unpatched Vendor : Google...

Packet Storm•added 2006/12/08 12:0 a.m.•20 views

orkut-xss.txt

Orkut Multiple Cross Site Scripting Vulnerabilities XDisclose Advisory : XD100092 Vulnerability Discovered: November 18th 2006 Advisory Released : December 08th 2006 Credit : Rajesh Sethumadhavan Class : Cross Site Scripting HTML Injection Severity : Medium Solution Status : Unpatched Vendor :...

Japan Vulnerability Notes•added 2006/12/08 12:0 a.m.•9 views

JVN#34830904 Shobo Shobo Nikki System (sns) cross-site scripting vulnerability

Impact An arbitrary script may be executed on the user's web browser. Also, the administrator's password could be disclosed if cookie information is leaked. Solution Products Affected sns 3.11 and earlier...

Exploit DB•added 2006/12/08 12:0 a.m.•23 views

Cilem Haber Free Edition - 'hata.asp?hata' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21511/info Ã?ilem Haber Free Edition is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an...

ATTACKERKB•added 2006/12/05 11:28 a.m.•3 views

CVE-2006-6300

Cross-site scripting XSS vulnerability in CuteNews 1.3.6 allows remote attackers to inject arbitrary web script or HTML via the result parameter...

4.3CVSS5.7AI score0.00416EPSS

Exploits1References5

Japan Vulnerability Notes•added 2006/12/04 12:0 a.m.•11 views

JVN#38746816 TikiWiki cross-site scripting vulnerability

Impact An arbitrary script may be executed on the user's web browser. Solution Products Affected TikiWiki version 1.9.5 and earlier...

exploitpack•added 2006/12/04 12:0 a.m.•10 views

Cerberus Helpdesk 2.x - Spellwin.php Cross-Site Scripting

Cerberus Helpdesk 2.x - Spellwin.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21423/info Cerberus Helpdesk is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have...

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by