Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6892 matches found

Cvelist
Cvelistadded 2015/12/30 2:0 a.m.19 views

CVE-2015-7252

Cross-site scripting XSS vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.kPE allows remote attackers to inject arbitrary web script or HTML via the errorpage parameter...

7.2AI score0.02707EPSS
Exploits4References4
Prion
Prionadded 2015/12/29 5:59 p.m.8 views

Cross site scripting

Cross-site scripting XSS vulnerability in the NTT DATA Smart Sourcing JavaScript module 2003-11-26 through 2013-07-09 for Web Analytics Service allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.0102EPSS
Exploits0References4
Prion
Prionadded 2015/12/27 7:59 p.m.9 views

Cross site scripting

Cross-site scripting XSS vulnerability in Let's PHP! p++BBS before 4.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.01009EPSS
Exploits0References3Affected Software1
Prion
Prionadded 2015/12/27 3:59 a.m.18 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in IPSwitch WhatsUp Gold before 16.4 allow remote attackers to inject arbitrary web script or HTML via 1 an SNMP OID object, 2 an SNMP trap message, 3 the View Names field, 4 the Group Names field, 5 the Flow Monitor Credentials field, 6 the Flow...

3.5CVSS6AI score0.01866EPSS
Exploits1References5Affected Software1
OpenVAS
OpenVASadded 2015/12/16 12:0 a.m.29 views

Google Chrome Multiple Vulnerabilities-02 (Dec 2015) - Mac OS X

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

10CVSS9.2AI score0.03199EPSS
Exploits0References1
OpenVAS
OpenVASadded 2015/12/16 12:0 a.m.20 views

zTree Cross Site Scripting Vulnerability

zTree is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ztreeproject:ztree";...

4.3CVSS5.8AI score0.01917EPSS
Exploits3References2
Debian CVE
Debian CVEadded 2015/12/14 11:0 a.m.33 views

CVE-2015-6790

Removed by vendor...

4.3CVSS9.3AI score0.01364EPSS
Exploits0
Prion
Prionadded 2015/12/14 3:59 a.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in the management interface on Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 5.7.1 allows remote attackers to inject arbitrary web script or HTML via an unspecified value, aka Bug ID CSCux24935...

4.3CVSS6.3AI score0.07538EPSS
Exploits4References3Affected Software1
Prion
Prionadded 2015/12/09 11:59 a.m.16 views

Privilege escalation

Microsoft Internet Explorer 11 and Microsoft Edge mishandle content types, which allows remote attackers to execute arbitrary web script in a privileged context via a crafted web site, aka "Microsoft Browser Elevation of Privilege Vulnerability."...

9.3CVSS7.4AI score0.16103EPSS
Exploits0References4Affected Software1
Prion
Prionadded 2015/12/07 8:59 p.m.12 views

Cross site scripting

Cross-site scripting XSS vulnerability in zTree 3.5.19.1 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter to demo/en/asyncData/getNodesForBigData.php...

4.3CVSS6.3AI score0.01917EPSS
Exploits3References3Affected Software1
Cvelist
Cvelistadded 2015/12/07 8:0 p.m.17 views

CVE-2015-7348

Cross-site scripting XSS vulnerability in zTree 3.5.19.1 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter to demo/en/asyncData/getNodesForBigData.php...

5.8AI score0.01917EPSS
Exploits3References3
Prion
Prionadded 2015/12/05 3:59 a.m.33 views

Cross site scripting

Cross-site scripting XSS vulnerability in Cisco Unified Computing System UCS Central Software 1.30.1 allows remote attackers to inject arbitrary web script or HTML via a crafted value in a URL, aka Bug ID CSCux33573...

4.3CVSS6AI score0.0136EPSS
Exploits0References2Affected Software1
Prion
Prionadded 2015/12/03 3:59 a.m.19 views

Cross site scripting

Cross-site scripting XSS vulnerability in the management interface in Cisco Unity Connection 9.11.10 allows remote attackers to inject arbitrary web script or HTML via a crafted value in a URL, aka Bug ID CSCup92741...

4.3CVSS6AI score0.0136EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2015/12/03 2:0 a.m.28 views

CVE-2015-6390

Cross-site scripting XSS vulnerability in the management interface in Cisco Unity Connection 9.11.10 allows remote attackers to inject arbitrary web script or HTML via a crafted value in a URL, aka Bug ID CSCup92741...

5.6AI score0.0136EPSS
Exploits0References2
Prion
Prionadded 2015/11/21 11:59 a.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in advpwdcgi in the web management interface on Arris DG860A, TG862A, and TG862G devices with firmware TS0703128100611 through TS0705125D031115 allows remote attackers to inject arbitrary web script or HTML via the pwd parameter...

4.3CVSS6.3AI score0.0117EPSS
Exploits0References1Affected Software1
Prion
Prionadded 2015/11/18 9:59 p.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in Adobe ColdFusion 10 before Update 18 and 11 before Update 7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-8052...

4.3CVSS5.9AI score0.03119EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2015/11/18 3:0 p.m.26 views

CVE-2015-6372

Cross-site scripting XSS vulnerability in the web-based management interface in Cisco Firepower Extensible Operating System 1.11.160 on Firepower 9000 devices allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka Bug ID CSCux10614...

5.7AI score0.00961EPSS
Exploits0References1
NVD
NVDadded 2015/11/17 3:59 p.m.18 views

CVE-2015-8233

Cross-site scripting XSS vulnerability in the MAYO theme 7.x-1.x before 7.x-1.4 and 7.x-2.x before 7.x-2.6 for Drupal allows remote administrators with the "Administer themes" permission to inject arbitrary web script or HTML via unspecified vectors related to theme settings...

2.6CVSS5.6AI score0.01316EPSS
Exploits0References3
Cvelist
Cvelistadded 2015/11/17 3:0 p.m.26 views

CVE-2015-7997

Multiple cross-site scripting XSS vulnerabilities in the Nitro API in Citrix NetScaler Application Delivery Controller ADC and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service Delivery Appliance Service VM SVM devices allow...

5.8AI score0.00997EPSS
Exploits0References2
NVD
NVDadded 2015/11/12 3:59 a.m.17 views

CVE-2015-6363

Multiple cross-site scripting XSS vulnerabilities in the web framework in Cisco FireSIGHT Management Center MC 5.4.1.4 and 6.0.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuw88396...

3.5CVSS5.4AI score0.01075EPSS
Exploits0References2
Rows per page
Query Builder