CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6892 matches found

Prion•added 2016/02/22 5:59 a.m.•17 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the survey module in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 allow remote authenticated users to inject arbitrary web script or HTML by leveraging the student role and entering a crafted survey...

3.5CVSS5.6AI score0.0087EPSS

Exploits0References2Affected Software1

Prion•added 2016/02/22 5:59 a.m.•13 views

Cross site scripting

Cross-site scripting XSS vulnerability in the usergetuserdetails function in user/lib.php in Moodle through 2.6.11, 2.7.x before 2.7.9, 2.8.x before 2.8.7, and 2.9.x before 2.9.1 allows remote attackers to inject arbitrary web script or HTML by leveraging absence of an externalformattext call in ...

4.3CVSS6AI score0.01465EPSS

Exploits0References4Affected Software1

Cvelist•added 2016/02/22 2:0 a.m.•22 views

CVE-2015-3274

6.2AI score0.01465EPSS

Exploits0References4

OSV•added 2016/02/20 1:59 a.m.•7 views

CVE-2016-2045

Cross-site scripting XSS vulnerability in the SQL editor in phpMyAdmin 4.5.x before 4.5.4 allows remote authenticated users to inject arbitrary web script or HTML via a SQL query that triggers JSON data in a response...

5.4CVSS6.5AI score

Exploits0References5

Prion•added 2016/02/20 1:59 a.m.•25 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 allow remote authenticated users to inject arbitrary web script or HTML via a 1 table name, 2 SET value, 3 search query, or 4 hostname in a Location header...

3.5CVSS5.5AI score0.01642EPSS

Exploits0References9Affected Software4

Prion•added 2016/02/17 2:59 a.m.•13 views

Cross site scripting

Cross-site scripting XSS vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7796, CVE-2015-7797, CVE-2016-1149, and CVE-2016-1150...

4.3CVSS6AI score0.01069EPSS

Exploits0References6Affected Software1

CVE•added 2016/02/17 2:0 a.m.•49 views

CVE-2016-1149

Cybozu Office is affected: versions 9.0.0–10.3.0 contain a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Impact includes potential partial integrity compromise; exploitation details are not provided in the doc...

6.1CVSS5.9AI score0.01069EPSS

Exploits0References6Affected Software1

Prion•added 2016/02/16 2:59 a.m.•12 views

Cross site scripting

Cross-site scripting XSS vulnerability in lib/rails/html/scrubbers.rb in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via a crafted CDATA node...

4.3CVSS6AI score0.02047EPSS

Exploits0References7Affected Software1

UbuntuCve•added 2016/02/16 2:59 a.m.•20 views

CVE-2015-7579

Cross-site scripting XSS vulnerability in the rails-html-sanitizer gem 1.0.2 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via an HTML entity that is mishandled by the Rails::Html::FullSanitizer class...

6.1CVSS6.7AI score0.02317EPSS

Exploits1References2

Prion•added 2016/02/15 11:59 p.m.•14 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Cisco Emergency Responder 11.50.99833.5 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuy10766...

4.3CVSS6.1AI score0.01009EPSS

Exploits0References2Affected Software1

Cvelist•added 2016/02/15 2:0 a.m.•15 views

CVE-2015-8531

Cross-site scripting XSS vulnerability in IBM Security Access Manager for Web 8.0 before 8.0.1.3 IF4 and 9.0 before 9.0.0.1 IF1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...

6AI score0.00765EPSS

Exploits0References2

NVD•added 2016/02/13 2:59 a.m.•18 views

CVE-2016-0866

Cross-site scripting XSS vulnerability in Tollgrade SmartGrid LightHouse Sensor Management System SMS Software EMS before 5.1, and 4.1.0 Build 16, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS6.4AI score0.00906EPSS

Exploits0References1

Prion•added 2016/02/10 8:59 p.m.•19 views

Cross site scripting

Cross-site scripting XSS vulnerability in Adobe Experience Manager AEM 6.1.0 allows remote authenticated users to inject arbitrary web script or HTML via a folder title field that is mishandled in the Deletion popup dialog...

4.3CVSS5.6AI score0.01202EPSS

Exploits0References2Affected Software1

Prion•added 2016/02/07 11:59 a.m.•24 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Cisco WebEx Meetings Server 2.5.1.5 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuy01843...

4.3CVSS6.1AI score0.01009EPSS

Exploits0References2Affected Software1

NVD•added 2016/02/06 5:59 a.m.•23 views

CVE-2016-1311

Cross-site scripting XSS vulnerability in the management interface in Cisco Jabber Guest Server 10.68 allows remote attackers to inject arbitrary web script or HTML via the host tag parameter, aka Bug ID CSCuy08224...

6.1CVSS6.1AI score0.01009EPSS

Exploits0References2

Prion•added 2016/02/06 5:59 a.m.•11 views

Cross site scripting

Cross-site scripting XSS vulnerability in Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 allows remote authenticated users to inject arbitrary web script or HTML via a crafted query...

3.5CVSS5.6AI score0.00719EPSS

Exploits0References2Affected Software1

Cvelist•added 2016/02/06 2:0 a.m.•18 views

CVE-2016-1310

Cross-site scripting XSS vulnerability in Cisco Unity Connection 11.50.199 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy09033...

6AI score0.01009EPSS

Exploits0References2

Cvelist•added 2016/02/06 2:0 a.m.•18 views

CVE-2016-1311

6.1AI score0.01009EPSS

Exploits0References2

NVD•added 2016/01/30 3:59 p.m.•12 views

CVE-2016-1136

Cross-site scripting XSS vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

5.4CVSS5.1AI score0.00802EPSS

Exploits0References3

Prion•added 2016/01/27 5:59 a.m.•12 views

Cross site scripting

Cross-site scripting XSS vulnerability in InfoSphere Data Architect IDA, as distributed in IBM Rational Software Architect 8.5 through 9.5, Rational Software Architect for WebSphere Software RSA4WS 8.5 through 9.5, and Rational Software Architect RealTime RSART 8.5 through 9.5, allows remote...

4.3CVSS5.9AI score0.00773EPSS

Exploits0References1Affected Software4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by