Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6892 matches found

Prion
Prionadded 2019/07/23 3:15 p.m.16 views

Hardcoded credentials

GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "board title contents" parameter, aka the adm/boardformupdate.php bosubject parameter...

4.3CVSS6AI score0.01521EPSS
Exploits0References3Affected Software1
Prion
Prionadded 2019/07/10 10:15 p.m.12 views

Cross site scripting

A cross-site scripting XSS vulnerability in static/js/trape.js in Trape through 2019-05-08 allows remote attackers to inject arbitrary web script or HTML via the country, query, or refer parameter to the /register URI, because the jQuery prepend method is used...

4.3CVSS6AI score0.01104EPSS
Exploits1References1Affected Software1
OSV
OSVadded 2019/07/09 5:15 p.m.14 views

CVE-2019-13397

Unauthenticated Stored XSS in osTicket 1.10.1 allows a remote attacker to gain admin privileges by injecting arbitrary web script or HTML via arbitrary file extension while creating a support ticket...

6.1CVSS6AI score
Exploits0References1
Prion
Prionadded 2019/07/09 5:15 p.m.18 views

Cross site scripting

Unauthenticated Stored XSS in osTicket 1.10.1 allows a remote attacker to gain admin privileges by injecting arbitrary web script or HTML via arbitrary file extension while creating a support ticket...

4.3CVSS6AI score0.01108EPSS
Exploits0References1Affected Software1
Prion
Prionadded 2019/07/08 8:15 p.m.15 views

Cross site scripting

A cross-site scripting XSS vulnerability in noMenu and noSubMenu in core/navigation/MENU.php in WIKINDX prior to version 5.8.1 allows remote attackers to inject arbitrary web script or HTML via the method parameter...

4.3CVSS5.9AI score0.01141EPSS
Exploits0References3Affected Software1
NVD
NVDadded 2019/07/05 2:15 p.m.16 views

CVE-2019-5970

Cross-site scripting vulnerability in Attendance Manager 0.5.6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS6.1AI score0.01596EPSS
Exploits0References4
Prion
Prionadded 2019/07/05 2:15 p.m.13 views

Cross site scripting

Cross-site scripting vulnerability in Joruri CMS 2017 Release2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.0104EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2019/07/05 1:20 p.m.13 views

CVE-2019-5962

Cross-site scripting vulnerability in Zoho SalesIQ 1.0.8 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.5AI score0.01587EPSS
Exploits0References3
Cvelist
Cvelistadded 2019/07/05 1:20 p.m.21 views

CVE-2019-5967

Cross-site scripting vulnerability in Joruri CMS 2017 Release2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1AI score0.0104EPSS
Exploits0References2
NVD
NVDadded 2019/07/03 7:15 p.m.10 views

CVE-2018-14864

Incorrect access control in asset bundles in Odoo Community 9.0 through 11.0 and earlier and Odoo Enterprise 9.0 through 11.0 and earlier allows remote authenticated users to inject arbitrary web script via a crafted attachment...

6.5CVSS6.2AI score0.01183EPSS
Exploits0References1
Prion
Prionadded 2019/07/03 7:15 p.m.13 views

Improper access control

Incorrect access control in asset bundles in Odoo Community 9.0 through 11.0 and earlier and Odoo Enterprise 9.0 through 11.0 and earlier allows remote authenticated users to inject arbitrary web script via a crafted attachment...

4CVSS6.1AI score0.01183EPSS
Exploits0References1Affected Software1
Prion
Prionadded 2019/07/01 4:15 p.m.19 views

Cross site scripting

Cross-Site-Scripting XSS vulnerabilities in F5 WebSafe Dashboard 3.9.5 and earlier, aka F5 WebSafe Alert Server, allow privileged authenticated users to inject arbitrary web script or HTML when creating a new user, account or signature...

3.5CVSS6.5AI score0.00636EPSS
Exploits0References1Affected Software1
Check Point Advisories
Check Point Advisoriesadded 2019/07/01 12:0 a.m.0 views

WordPress Yuzo Related Posts Plugin Cross-Site Scripting

A Cross-Site Scripting vulnerability exists in WordPress Yuzo Related Posts plugin. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...

4.8AI score
Exploits0
NVD
NVDadded 2019/06/30 3:15 p.m.15 views

CVE-2019-11825

Cross-site scripting XSS vulnerability in Event Editor in Synology Calendar before 2.3.0-0615 allows remote attackers to inject arbitrary web script or HTML via the title parameter...

6.5CVSS6.2AI score0.00803EPSS
Exploits0References1
Prion
Prionadded 2019/06/30 3:15 p.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability in Event Editor in Synology Calendar before 2.3.0-0615 allows remote attackers to inject arbitrary web script or HTML via the title parameter...

3.5CVSS5.4AI score0.00803EPSS
Exploits0References1Affected Software1
Prion
Prionadded 2019/06/30 3:15 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in Chart in Synology Office before 3.1.4-2771 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

3.5CVSS5AI score0.00707EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2019/06/30 3:5 p.m.19 views

CVE-2019-11828

Cross-site scripting XSS vulnerability in Chart in Synology Office before 3.1.4-2771 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

5.5CVSS5.1AI score0.00707EPSS
Exploits0References1
OpenVAS
OpenVASadded 2019/05/27 12:0 a.m.24 views

Cybozu Garoon 4.6.x <= 4.6.3 XSS Vulnerability

Cybozu Garron is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:cybozu:garoon...

4.8CVSS5.3AI score0.00821EPSS
Exploits0References1
NVD
NVDadded 2019/05/17 4:29 p.m.18 views

CVE-2019-5928

Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.6.3 allows remote attackers to inject arbitrary web script or HTML via Customize Item function...

6.1CVSS6.2AI score0.01067EPSS
Exploits0References3
Prion
Prionadded 2019/05/17 4:29 p.m.22 views

Cross site scripting

Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.6.3 allows remote attackers to inject arbitrary web script or HTML via Customize Item function...

4.3CVSS6.5AI score0.01067EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder