CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6892 matches found

UbuntuCve•added 2014/02/05 6:55 p.m.•44 views

CVE-2013-1880

Cross-site scripting XSS vulnerability in the Portfolio publisher servlet in the demo web application in Apache ActiveMQ before 5.9.0 allows remote attackers to inject arbitrary web script or HTML via the refresh parameter to demo/portfolioPublish, a different vulnerability than CVE-2012-6092...

4.3CVSS7AI score0.05895EPSS

Exploits1References2

Prion•added 2014/02/05 3:10 p.m.•17 views

Cross site scripting

Cross-site scripting XSS vulnerability in calendar/index.php in the Calendar plugin in Geeklog before 1.8.2sr1 and 2.0.0 before 2.0.0rc2 allows remote attackers to inject arbitrary web script or HTML via the calendartype parameter to submit.php...

4.3CVSS6.1AI score0.01885EPSS

Exploits3References5Affected Software1

Prion•added 2014/02/05 3:10 p.m.•12 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in glFusion before 1.2.2.pl4 allow remote attackers to inject arbitrary web script or HTML via the 1 subject parameter to profiles.php; 2 address1, 3 address2, 4 calendartype, 5 city, 6 state, 7 title, 8 url, or 9 zipcode parameter to...

4.3CVSS6AI score0.03775EPSS

Exploits5References7Affected Software1

Prion•added 2014/02/05 3:10 p.m.•12 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Xaraya 2.4.0-b1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 id, 2 interface, 3 name, or 4 tabmodule parameter to index.php...

4.3CVSS6.1AI score0.03217EPSS

Exploits2References5Affected Software1

Cvelist•added 2014/02/05 3:0 p.m.•36 views

CVE-2013-1466

5.6AI score0.03775EPSS

Exploits5References7

Prion•added 2014/02/04 9:55 p.m.•17 views

Cross site scripting

Cross-site scripting XSS vulnerability in the web administration interface in FortiGuard FortiWeb 5.0.3 and earlier allows remote authenticated administrators to inject arbitrary web script or HTML via unspecified vectors...

3.5CVSS5.7AI score0.00759EPSS

Exploits1References2Affected Software1

Prion•added 2014/02/04 5:39 a.m.•12 views

Cross site scripting

Cross-site scripting XSS vulnerability in user/ldapuser/add in Fortinet FortiOS 5.0.3 allows remote attackers to inject arbitrary web script or HTML via the filter parameter...

4.3CVSS6.1AI score0.02413EPSS

Exploits1References7Affected Software1

Prion•added 2014/02/04 5:39 a.m.•16 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities on Lexmark W840 through LS.HA.P252, T64x before LS.ST.P344, C935dn through LC.JO.P091, C920 through LS.TA.P152, C53x through LS.SW.P069, C52x through LS.FA.P150, E450 through LM.SZ.P124, E350 through LE.PH.P129, and E250 through LE.PM.P126 printer...

3.5CVSS5.7AI score0.01713EPSS

Exploits0References4Affected Software9

NVD•added 2014/02/02 8:55 p.m.•14 views

CVE-2013-0234

Cross-site scripting XSS vulnerability in the Twitter widget in Elgg before 1.7.17 and 1.8.x before 1.8.13 allows remote attackers to inject arbitrary web script or HTML via the paramstwitterusername parameter to action/widgets/save...

4.3CVSS5.7AI score0.01457EPSS

Exploits1References8

Prion•added 2014/02/02 8:55 p.m.•14 views

Cross site scripting

4.3CVSS6.2AI score0.01457EPSS

Exploits1References8Affected Software1

Prion•added 2014/02/01 3:55 p.m.•15 views

Cross site scripting

Cross-site scripting XSS vulnerability in KENT-WEB Joyful Note 2.8 and earlier, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.01161EPSS

Exploits0References5Affected Software1

Cvelist•added 2014/01/31 3:0 p.m.•52 views

CVE-2013-6235

Multiple cross-site scripting XSS vulnerabilities in JAMon Java Application Monitor 2.7 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 listenertype or 2 currentlistener parameter to mondetail.jsp or ArraySQL parameter to 3 mondetail.jsp, 4 jamonadmin.jsp, 5...

5.7AI score0.02232EPSS

Exploits2References8

NVD•added 2014/01/30 9:55 p.m.•8 views

CVE-2013-7303

Multiple cross-site scripting XSS vulnerabilities in 1 squelettes-dist/formulaires/inscription.php and 2 prive/forms/editerauteur.php in SPIP before 2.1.25 and 3.0.x before 3.0.13 allow remote attackers to inject arbitrary web script or HTML via the author name field...

4.3CVSS5.8AI score0.02363EPSS

Exploits0References9

UbuntuCve•added 2014/01/30 9:55 p.m.•24 views

CVE-2013-7303

4.3CVSS6AI score0.02363EPSS

Exploits0References1

Debian CVE•added 2014/01/30 9:0 p.m.•21 views

CVE-2013-7303

4.3CVSS4AI score0.02363EPSS

Exploits0

NVD•added 2014/01/30 7:55 p.m.•16 views

CVE-2014-1837

Cross-site scripting XSS vulnerability in the StackIdeas Komento comkomento component before 1.7.4 for Joomla! allows remote attackers to inject arbitrary web script or HTML via vectors related to "checking new comments."...

4.3CVSS5.6AI score0.01161EPSS

Exploits0References5

NVD•added 2014/01/30 6:55 p.m.•30 views

CVE-2014-0793

Multiple cross-site scripting XSS vulnerabilities in the StackIdeas Komento comkomento component before 1.7.3 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the 1 website or 2 latitude parameter in a comment to the default URI...

4.3CVSS5.7AI score0.01824EPSS

Exploits5References5

Prion•added 2014/01/30 6:55 p.m.•20 views

Cross site scripting

Cross-site scripting XSS vulnerability in login.esp in the Web Management Interface in Media5 Mediatrix 4402 VoIP Gateway with firmware Dgw 1.1.13.186 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter...

4.3CVSS6.1AI score0.02541EPSS

Exploits1References7Affected Software2

Cvelist•added 2014/01/30 6:0 p.m.•34 views

CVE-2014-0793

5.7AI score0.01824EPSS

Exploits5References5

Prion•added 2014/01/30 3:6 p.m.•18 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in widget/screen/ModelScreenWidget.java in Apache Open For Business Project aka OFBiz 10.04.x before 10.04.05, 11.04.01, and possibly 09.04.x allow remote authenticated users to inject arbitrary web script or HTML via the 1 Screenlet.title or 2...

3.5CVSS5.8AI score0.2123EPSS

Exploits1References9Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by