Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6892 matches found

Prion
Prionadded 2014/08/18 11:15 a.m.25 views

Cross site scripting

Cross-site scripting XSS vulnerability in wp-includes/pluggable.php in WordPress before 3.9.2, when Multisite is enabled, allows remote authenticated administrators to inject arbitrary web script or HTML, and obtain Super Admin privileges, via a crafted avatar URL...

2.1CVSS5.7AI score0.02196EPSS
Exploits0References4Affected Software2
Cvelist
Cvelistadded 2014/08/18 10:0 a.m.34 views

CVE-2014-5240

Cross-site scripting XSS vulnerability in wp-includes/pluggable.php in WordPress before 3.9.2, when Multisite is enabled, allows remote authenticated administrators to inject arbitrary web script or HTML, and obtain Super Admin privileges, via a crafted avatar URL...

5.1AI score0.02196EPSS
Exploits0References4
NVD
NVDadded 2014/08/17 6:55 p.m.14 views

CVE-2014-3905

Cross-site scripting XSS vulnerability in tenfourzero Shutter 0.1.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.00931EPSS
Exploits0References2
Prion
Prionadded 2014/08/17 6:55 p.m.19 views

Cross site scripting

Cross-site scripting XSS vulnerability in admin/picturemodify.php in the photo-edit subsystem in Piwigo 2.6.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the associate field, a different vulnerability than CVE-2014-4649...

4.3CVSS6AI score0.01792EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2014/08/14 1:0 a.m.22 views

CVE-2014-3898

Cross-site scripting XSS vulnerability in Fujitsu ServerView Operations Manager 5.00.09 through 6.30.05 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.7AI score0.01792EPSS
Exploits0References5
Patchstack
Patchstackadded 2014/08/14 12:0 a.m.21 views

WordPress <= 3.9.1 - XSS

This vulnerability is in the wp-includes/pluggable.php. It allows remote authenticated administrators to inject arbitrary web script or HTML, and obtain Super Admin privileges, via a crafted avatar URL. Solution Update WordPress...

2.1CVSS4.2AI score0.02196EPSS
Exploits0References1Affected Software1
NVD
NVDadded 2014/08/12 11:55 p.m.12 views

CVE-2014-5202

Cross-site scripting XSS vulnerability in compfight-search.php in the Compfight plugin 1.4 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the search-value parameter...

3.5CVSS5.4AI score0.01542EPSS
Exploits1References3
Prion
Prionadded 2014/08/12 5:1 a.m.29 views

Cross site scripting

Cross-site scripting XSS vulnerability in IBM WebSphere Portal 7.0.0 through 7.0.0.2 CF28 and 8.0.0 before 8.0.0.1 CF13 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...

3.5CVSS5.5AI score0.01417EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessusadded 2014/08/08 12:0 a.m.26 views

Mandriva Linux Security Advisory : ocsinventory (MDVSA-2014:156)

Updated ocsinventory packages fix security vulnerability : Multiple cross-site scripting XSS vulnerabilities in the OCS Reports Web Interface in OCS Inventory NG allow remote attackers to inject arbitrary web script or HTML via unspecified vectors CVE-2014-4722. %NASLMINLEVEL 70300 C Tenable...

4.3CVSS5.2AI score0.02347EPSS
Exploits0References2
NVD
NVDadded 2014/08/07 11:13 a.m.16 views

CVE-2014-5190

Cross-site scripting XSS vulnerability in captcha-secureimage/test/index.php in the SI CAPTCHA Anti-Spam plugin 2.7.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

4.3CVSS5.8AI score0.02041EPSS
Exploits1References3
Prion
Prionadded 2014/08/07 11:13 a.m.25 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Preview plugin before 4.4.3 in CKEditor allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.01834EPSS
Exploits0References3Affected Software1
Prion
Prionadded 2014/08/07 11:13 a.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability in admin/admin.php in Sphider 1.3.6 allows remote attackers to inject arbitrary web script or HTML via the category parameter. NOTE: the url parameter vector is already covered by CVE-2014-5082...

4.3CVSS5.9AI score0.021EPSS
Exploits7References3Affected Software1
Cvelist
Cvelistadded 2014/08/07 10:0 a.m.19 views

CVE-2014-5190

Cross-site scripting XSS vulnerability in captcha-secureimage/test/index.php in the SI CAPTCHA Anti-Spam plugin 2.7.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

5.8AI score0.02041EPSS
Exploits1References3
Cvelist
Cvelistadded 2014/08/07 10:0 a.m.21 views

CVE-2014-5193

Cross-site scripting XSS vulnerability in admin/admin.php in Sphider 1.3.6 allows remote attackers to inject arbitrary web script or HTML via the category parameter. NOTE: the url parameter vector is already covered by CVE-2014-5082...

7.8AI score0.01832EPSS
Exploits1References3
Cvelist
Cvelistadded 2014/08/07 10:0 a.m.18 views

CVE-2014-3774

Multiple cross-site scripting XSS vulnerabilities in items.php in TeamPass before 2.1.20 allow remote attackers to inject arbitrary web script or HTML via the group parameter, which is not properly handled in a 1 hidcat or 2 openfolder form element, or 3 id parameter, which is not properly handle...

5.8AI score0.01885EPSS
Exploits1References5
Prion
Prionadded 2014/08/06 6:55 p.m.12 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Easy File Sharing EFS Web Server 6.8 allow remote authenticated users to inject arbitrary web script or HTML via the content parameter when 1 creating a topic or 2 posting an answer. NOTE: some of these details are obtained from third party...

4.3CVSS5.7AI score0.01842EPSS
Exploits1References4Affected Software1
CVE
CVEadded 2014/08/06 6:0 p.m.37 views

CVE-2014-5178

CVE-2014-5178 affects Easy File Sharing (EFS) Web Server 6.8. The vulnerability is cross-site scripting (XSS) triggered by the content parameter during topic creation or when posting an answer, exploitable by remote authenticated users. The provided documents do not specify a patch or a remediati...

4.3CVSS5.5AI score0.01842EPSS
Exploits1References4Affected Software1
Mageia
Mageiaadded 2014/08/05 8:8 p.m.47 views

Updated ocsinventory packages fix security vulnerability

Multiple cross-site scripting XSS vulnerabilities in the OCS Reports Web Interface in OCS Inventory NG allow remote attackers to inject arbitrary web script or HTML via unspecified vectors CVE-2014-4722. Also, the web interface has been fixed to work with Apache HTTPD 2.4...

4.3CVSS5.8AI score0.02347EPSS
Exploits0References2
Prion
Prionadded 2014/07/30 11:15 a.m.20 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in IBM Maximo Asset Management 6.2 through 6.2.8, 6.x and 7.1 through 7.1.1.2, and 7.5 through 7.5.0.6; Maximo Asset Management 7.5 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk; and Maximo Asset Management 6.2 through 6.2....

3.5CVSS5.6AI score0.01046EPSS
Exploits0References6Affected Software11
Prion
Prionadded 2014/07/29 8:55 p.m.13 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in IBM Atlas Suite aka Atlas Policy Suite, as used in Atlas eDiscovery Process Management through 6.0.3, Disposal and Governance Management for IT through 6.0.3, and Global Retention Policy and Schedule Management through 6.0.3, allow remote...

4.3CVSS6AI score0.01171EPSS
Exploits0References4Affected Software3
Rows per page
Query Builder