Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6892 matches found

Prion
Prionadded 2017/01/23 9:59 p.m.11 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Backend component in TYPO3 6.2.x before 6.2.19 allows remote attackers to inject arbitrary web script or HTML via the module parameter when creating a bookmark...

4.3CVSS6.1AI score0.0108EPSS
Exploits1References3Affected Software1
CVE
CVEadded 2017/01/23 9:0 p.m.58 views

CVE-2016-4056

TYPO3 Backend component (TYPO3 6.2.x before 6.2.19) is affected by a Cross-site scripting (XSS) vulnerability. An attacker can inject arbitrary script/HTML via the module parameter when creating a bookmark, enabling script execution in an authenticated user’s browser. The issue stems from insuffi...

6.1CVSS5.9AI score0.0108EPSS
Exploits1References3Affected Software1
Cvelist
Cvelistadded 2017/01/20 3:0 p.m.34 views

CVE-2014-2045

Multiple cross-site scripting XSS vulnerabilities in the old and new interfaces in Viprinet Multichannel VPN Router 300 allow remote attackers to inject arbitrary web script or HTML via the username when 1 logging in or 2 creating an account in the old interface, 3 username when creating an accou...

6.2AI score0.04492EPSS
Exploits5References5
Prion
Prionadded 2017/01/20 8:59 a.m.14 views

Cross site scripting

Cross-site scripting XSS vulnerability in template/usererror.missingextension.php in Symphony CMS before 2.6.10 allows remote attackers to inject arbitrary web script or HTML via the existing-folder parameter...

4.3CVSS6AI score0.0116EPSS
Exploits0References3Affected Software1
NVD
NVDadded 2017/01/20 8:59 a.m.19 views

CVE-2017-5542

Cross-site scripting XSS vulnerability in template/usererror.missingextension.php in Symphony CMS before 2.6.10 allows remote attackers to inject arbitrary web script or HTML via the existing-folder parameter...

6.1CVSS6.1AI score0.0116EPSS
Exploits0References3
Veracode
Veracodeadded 2017/01/19 9:13 a.m.17 views

Cross-site Scripting (XSS)

b2evolution is vulnerable to Cross-site scripting XSS vulnerability. It allows remote attackers to inject arbitrary web script or HTML via vectors related to the autolink function...

6.1CVSS5.9AI score0.01239EPSS
Exploits0References1Affected Software1
Prion
Prionadded 2017/01/18 10:59 p.m.21 views

Cross site scripting

Cross-site scripting XSS vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bug 102637...

4.3CVSS6.1AI score0.01449EPSS
Exploits0References3Affected Software1
Prion
Prionadded 2017/01/18 10:59 p.m.84 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bugs 104222, 104910, 105071, and 105175...

4.3CVSS6.2AI score0.01449EPSS
Exploits0References3Affected Software1
Prion
Prionadded 2017/01/18 10:59 p.m.18 views

Cross site scripting

Cross-site scripting XSS vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bug 101813...

4.3CVSS6.1AI score0.01449EPSS
Exploits0References3Affected Software1
NVD
NVDadded 2017/01/18 10:59 p.m.16 views

CVE-2016-3412

Multiple cross-site scripting XSS vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bugs 103997, 104413, 104414, 104777, and 104791...

6.1CVSS6.3AI score0.01449EPSS
Exploits0References3
Prion
Prionadded 2017/01/18 5:59 p.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in b2evolution 6.7.5 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to the autolink function...

4.3CVSS6.1AI score0.01239EPSS
Exploits0References4Affected Software1
Prion
Prionadded 2017/01/18 5:59 p.m.7 views

Cross site scripting

Cross-site scripting XSS vulnerability in validerxml.php in SPIP 3.1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the varurl parameter in a validerxml action...

4.3CVSS6AI score0.08216EPSS
Exploits2References7Affected Software1
OSV
OSVadded 2017/01/18 5:59 p.m.16 views

CVE-2016-7149

Cross-site scripting XSS vulnerability in b2evolution 6.7.5 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to the autolink function...

6.1CVSS5.8AI score
Exploits0References4
Prion
Prionadded 2017/01/18 5:59 p.m.22 views

Cross site scripting

Cross-site scripting XSS vulnerability in b2evolution 6.7.5 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the site name...

3.5CVSS5.6AI score0.00904EPSS
Exploits0References4Affected Software1
OSV
OSVadded 2017/01/18 5:59 p.m.17 views

CVE-2016-7150

Cross-site scripting XSS vulnerability in b2evolution 6.7.5 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the site name...

5.4CVSS5.4AI score
Exploits0References4
Cvelist
Cvelistadded 2017/01/18 5:0 p.m.21 views

CVE-2016-7150

Cross-site scripting XSS vulnerability in b2evolution 6.7.5 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the site name...

5.3AI score0.00904EPSS
Exploits0References4
NVD
NVDadded 2017/01/17 9:59 a.m.15 views

CVE-2017-5515

Cross-site scripting XSS vulnerability in the user prompt function in GeniXCMS through 0.0.8 allows remote authenticated users to inject arbitrary web script or HTML via tag names...

5.4CVSS5.2AI score0.00787EPSS
Exploits1References2
Prion
Prionadded 2017/01/15 10:59 p.m.17 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the file types table in b2evolution through 6.8.3 allow remote authenticated users to inject arbitrary web script or HTML via a .swf file in a 1 comment frame or 2 avatar frame...

3.5CVSS5.1AI score0.01165EPSS
Exploits0References3Affected Software1
OSV
OSVadded 2017/01/15 2:59 a.m.25 views

CVE-2017-5490

Cross-site scripting XSS vulnerability in the theme-name fallback functionality in wp-includes/class-wp-theme.php in WordPress before 4.7.1 allows remote attackers to inject arbitrary web script or HTML via a crafted directory name of a theme, related to...

6.1CVSS5.6AI score
Exploits0References9
NVD
NVDadded 2017/01/15 2:59 a.m.21 views

CVE-2017-5488

Multiple cross-site scripting XSS vulnerabilities in wp-admin/update-core.php in WordPress before 4.7.1 allow remote attackers to inject arbitrary web script or HTML via the 1 name or 2 version header of a plugin...

6.1CVSS7.3AI score0.01755EPSS
Exploits0References8
Rows per page
Query Builder