Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6892 matches found

Prion
Prionadded 2015/05/12 7:59 p.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in the autolearn configuration page in Fortinet FortiWeb 5.1.2 through 5.3.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.0136EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCveadded 2015/05/08 2:59 p.m.24 views

CVE-2015-3011

Multiple cross-site scripting XSS vulnerabilities in the contacts application in ownCloud Server Community Edition before 5.0.19, 6.x before 6.0.7, and 7.x before 7.0.5 allow remote authenticated users to inject arbitrary web script or HTML via a crafted contact...

3.5CVSS5.9AI score0.01459EPSS
Exploits0References2
UbuntuCve
UbuntuCveadded 2015/05/08 2:59 p.m.23 views

CVE-2015-3012

Multiple cross-site scripting XSS vulnerabilities in WebODF before 0.5.5, as used in ownCloud, allow remote attackers to inject arbitrary web script or HTML via a 1 style or 2 font name or 3 javascript or 4 data URI...

4.3CVSS5.9AI score0.02206EPSS
Exploits0References2
Prion
Prionadded 2015/05/08 2:59 p.m.18 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in WebODF before 0.5.5, as used in ownCloud, allow remote attackers to inject arbitrary web script or HTML via a 1 style or 2 font name or 3 javascript or 4 data URI...

4.3CVSS5.9AI score0.02206EPSS
Exploits0References6Affected Software2
Cvelist
Cvelistadded 2015/05/08 2:0 p.m.23 views

CVE-2015-2347

Cross-site scripting XSS vulnerability in Huawei SEQ Analyst before V200R002C03LG0001CP0022 allows remote attackers to inject arbitrary web script or HTML via the command XML element in the req parameter to flexdata.action in 1 common/, 2 monitor/, or 3 psnpm/ or the 4 module XML element in the r...

5.9AI score0.01352EPSS
Exploits2References4
NVD
NVDadded 2015/04/29 8:59 p.m.14 views

CVE-2015-3447

Multiple cross-site scripting XSS vulnerabilities in macIpSpoofView.html in Dell SonicWall SonicOS 7.5.0.12 and 6.x allow remote attackers to inject arbitrary web script or HTML via the 1 searchSpoof or 2 searchSpoofIpDet parameter...

4.3CVSS5.7AI score0.02355EPSS
Exploits3References5
Check Point Advisories
Check Point Advisoriesadded 2015/04/28 12:0 a.m.4 views

WordPress Overly Long Comment Cross-Site Scripting (CVE-2015-3440)

A cross-site scripting vulnerability has been reported in WordPress comment mechanism. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system, and possibly gain root privileges...

4.3CVSS4.9AI score0.17945EPSS
Exploits1
Cvelist
Cvelistadded 2015/04/23 1:0 a.m.20 views

CVE-2015-0707

Cross-site scripting XSS vulnerability in Cisco FireSIGHT System Software 5.3.1.1 and 6.0.0 in FireSIGHT Management Center allows remote authenticated users to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCus85425...

5.3AI score0.00783EPSS
Exploits0References1
Prion
Prionadded 2015/04/21 6:59 p.m.10 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Taxonomy Path module before 7.x-1.2 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via the "Link to path" field formatter...

3.5CVSS5.7AI score0.00965EPSS
Exploits0References4Affected Software1
Prion
Prionadded 2015/04/21 6:59 p.m.14 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Facebook Album Fetcher module for Drupal allows remote authenticated users with the "access administration pages" permission to inject arbitrary web script or HTML via unspecified vectors...

3.5CVSS5.6AI score0.00965EPSS
Exploits0References4Affected Software1
Prion
Prionadded 2015/04/21 6:59 p.m.9 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Download counts report page in the Public Download Count module pubdlcnt 7.x-1.x-dev and earlier for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

3.5CVSS5.7AI score0.00965EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2015/04/21 6:0 p.m.24 views

CVE-2015-3390

Cross-site scripting XSS vulnerability in the Facebook Album Fetcher module for Drupal allows remote authenticated users with the "access administration pages" permission to inject arbitrary web script or HTML via unspecified vectors...

5.2AI score0.00965EPSS
Exploits0References4
NVD
NVDadded 2015/04/21 4:59 p.m.11 views

CVE-2015-3369

Cross-site scripting XSS vulnerability in the Taxonews module before 6.x-1.2 and 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via a term name in a block...

3.5CVSS5.3AI score0.00965EPSS
Exploits0References5
NVD
NVDadded 2015/04/21 4:59 p.m.23 views

CVE-2015-3364

Cross-site scripting XSS vulnerability in the Content Analysis module before 6.x-1.7 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, which are not properly handled in a log message...

4.3CVSS5.7AI score0.01184EPSS
Exploits0References4
NVD
NVDadded 2015/04/21 4:59 p.m.14 views

CVE-2015-3357

Cross-site scripting XSS vulnerability in the Wishlist module before 6.x-2.7 and 7.x-2.x before 7.x-2.7 for Drupal allows remote authenticated users with the "access wishlists" permission to inject arbitrary web script or HTML via unspecified vectors, which are not properly handled in a log messa...

3.5CVSS5.4AI score0.00965EPSS
Exploits0References4
Prion
Prionadded 2015/04/21 4:59 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Taxonews module before 6.x-1.2 and 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via a term name in a block...

3.5CVSS5.7AI score0.00965EPSS
Exploits0References5Affected Software1
Prion
Prionadded 2015/04/21 4:59 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Wishlist module before 6.x-2.7 and 7.x-2.x before 7.x-2.7 for Drupal allows remote authenticated users with the "access wishlists" permission to inject arbitrary web script or HTML via unspecified vectors, which are not properly handled in a log messa...

3.5CVSS5.7AI score0.00965EPSS
Exploits0References4Affected Software1
NVD
NVDadded 2015/04/17 1:59 a.m.25 views

CVE-2015-0937

Cross-site scripting XSS vulnerability in search.php on the Blue Coat Malware Analysis appliance with software before 4.2.4.20150312-RELEASE allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.01157EPSS
Exploits0References2
NVD
NVDadded 2015/04/15 10:59 a.m.24 views

CVE-2015-0345

Cross-site scripting XSS vulnerability in Adobe ColdFusion 10 before Update 16 and 11 before Update 5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.03382EPSS
Exploits0References2
Cvelist
Cvelistadded 2015/04/15 10:0 a.m.24 views

CVE-2015-0698

Multiple cross-site scripting XSS vulnerabilities in filter search forms in admin web pages on Cisco Web Security Appliance WSA devices with software 8.5.0-497 allow remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCut39213...

5.8AI score0.01546EPSS
Exploits0References2
Rows per page
Query Builder