CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

7604 matches found

Exploit DB•added 2006/09/13 12:0 a.m.•48 views

e107 website system 0.7.5 - 'fpw.php?Query String (PATH_INFO)' Cross-Site Scripting

source: https://www.securityfocus.com/bid/19997/info e107 CMS is prone to multiple cross-site scripting vulnerabilities because the application fails to sanitize user-supplied input. An attacker may levearge this issue to have arbitrary script code execute in the browser of an unsuspecting user i...

Japan Vulnerability Notes•added 2006/08/31 12:0 a.m.•8 views

JVN#99776858 Multiple vulnerabilities in Webmin and Usermin

Impact A remote attacker could conduct the followings: Steal Webmin and Usermin's configuration information Execute an arbitrary script on the user's web browser Possibly conduct a session hijack attack if session information from a cookie is leaked Solution Products Affected Webmin 1.290 and...

exploitpack•added 2006/08/30 12:0 a.m.•17 views

VisualShapers EZContents 2.0.3 - Loginreq2.php Cross-Site Scripting

VisualShapers EZContents 2.0.3 - Loginreq2.php Cross-Site Scripting source: https://www.securityfocus.com/bid/19780/info ezContents is prone to a cross-site scripting vulnerability because it fails to sanitize input before displaying it to users of the application. An attacker may leverage this...

Exploit DB•added 2006/07/29 12:0 a.m.•20 views

Advanced Webhost Billing System 2.2.2 Contact.PHP Multiple Cross-Site Scripting Vulnerabilities

Advanced Webhost Billing System 2.2.2 Contact.PHP Multiple Cross-Site Scripting Vulnerabilities. Webapps exploit for php platform source: http://www.securityfocus.com/bid/19226/info Advanced Webhost Billing System AWBS is prone to multiple cross-site scripting vulnerabilities because it fails to...

exploitpack•added 2006/07/27 12:0 a.m.•10 views

ZYXEL Prestige 660H-61 ADSL Router - Cross-Site Scripting

ZYXEL Prestige 660H-61 ADSL Router - Cross-Site Scripting source: https://www.securityfocus.com/bid/19180/info The Zyxel Prestige 660H-61 ADSL Router is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to...

Japan Vulnerability Notes•added 2006/07/18 12:0 a.m.•16 views

JVN#92975133 Loudblog cross-site scripting vulnerability

Impact An arbitrary script may be executed on the user's web browser. If session information from a cookie is leaked, an attacker could possibly condust session hijacking. Solution Products Affected Loudblog 0.44 and earlier...

Japan Vulnerability Notes•added 2006/07/12 12:0 a.m.•12 views

JVN#76686161: ServerView cross-site scripting vulnerability

Impact An arbitrary script may be executed on the user's web browser. Solution Products Affected ServerView V2.50 - V3.60L98 ServerView V4.10L11 - V4.11L81...

exploitpack•added 2006/07/11 12:0 a.m.•12 views

Hosting Controller 1.x - error.asp Cross-Site Scripting

Hosting Controller 1.x - error.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/18933/info Hosting Controller is prone to a cross-site scripting vulnerability because it fails to sanitize input before displaying it to users of the application. An attacker may leverage this issue...

Exploit DB•added 2006/07/11 12:0 a.m.•20 views

Hosting Controller 1.x - 'error.asp' Cross-Site Scripting

source: https://www.securityfocus.com/bid/18933/info Hosting Controller is prone to a cross-site scripting vulnerability because it fails to sanitize input before displaying it to users of the application. An attacker may leverage this issue to have arbitrary script code execute in the browser of...

CVE•added 2006/07/06 8:0 p.m.•35 views

CVE-2006-3383

CVE-2006-3383 is a cross-site scripting (XSS) vulnerability in the index.php file of mAds 1.0. The issue allows remote attackers to inject arbitrary web script or HTML by crafting a URL that triggers Javascript events (e.g., onmouseover). The NVD-derived vector indicates an attack with network ac...

5.8CVSS5.8AI score0.00335EPSS

Exploits0References3Affected Software1

Japan Vulnerability Notes•added 2006/07/06 12:0 a.m.•14 views

JVN#44846612 ATutor cross-site scripting vulnerability

Impact An arbitrary script may be executed on the user's web browser. Authentication information could be stolen as a result. Solution Products Affected ATutor 1.5.3 RC2 and earlier...

Exploit DB•added 2006/06/27 12:0 a.m.•28 views

H-Sphere 2.5.1 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/18677/info H-Sphere is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in th...

Exploit DB•added 2006/06/26 12:0 a.m.•84 views

MVNForum Activatemember 1.0 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/18663/info mvnForum is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of a...

Exploit DB•added 2006/06/24 12:0 a.m.•17 views

Winged Gallery 1.0 - 'Thumb.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/18629/info Winged Gallery is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browse...

exploitpack•added 2006/06/22 12:0 a.m.•14 views

Microsoft Office 2003 - Embedded Shockwave Flash Object Security Bypass

Microsoft Office 2003 - Embedded Shockwave Flash Object Security Bypass source: https://www.securityfocus.com/bid/18583/info Microsoft Office is prone to a weakness that may allow remote attackers to execute arbitrary script code contained in Shockwave Flash Objects without first requiring...

Exploit DB•added 2006/06/22 12:0 a.m.•29 views

Microsoft Office 2003 - Embedded Shockwave Flash Object Security Bypass

source: https://www.securityfocus.com/bid/18583/info Microsoft Office is prone to a weakness that may allow remote attackers to execute arbitrary script code contained in Shockwave Flash Objects without first requiring confirmation from users. A successful attack may allow attackers to access...

exploitpack•added 2006/06/21 12:0 a.m.•14 views

Maximus SchoolMAX 4.0.1 - Error_msg Cross-Site Scripting

Maximus SchoolMAX 4.0.1 - Errormsg Cross-Site Scripting source: https://www.securityfocus.com/bid/18563/info Maximus SchoolMAX is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input before displaying it to users of the application. An attacker may levera...

Tenable Nessus•added 2006/06/19 12:0 a.m.•18 views

TWiki Privilege Escalation

Binary data 3657.prm...

7.5CVSS7.3AI score0.07898EPSS

Exploits8References5

Exploit DB•added 2006/06/12 12:0 a.m.•21 views

iFoto 0.20 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/18391/info iFoto is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an...

exploitpack•added 2006/06/11 12:0 a.m.•13 views

FlexWATCH Network Camera - Cross-Site Scripting

FlexWATCH Network Camera - Cross-Site Scripting source: https://www.securityfocus.com/bid/18936/info FlexWATCH Network Camera is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this...

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by