CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6892 matches found

NVD•added 2012/10/08 11:55 p.m.•14 views

CVE-2012-5330

Multiple cross-site scripting XSS vulnerabilities in asaanCart 0.9 allow remote attackers to inject arbitrary web script or HTML via the 1 PATHINFO to calc.php, 2 chat.php, 3 register.php, or 4 index.php in libs/smartyajax/; or the 5 page parameter to libs/smartyajax/index.php...

4.3CVSS5.8AI score0.01631EPSS

Exploits1References4

NVD•added 2012/10/08 8:55 p.m.•23 views

CVE-2012-0846

Cross-site scripting XSS vulnerability in Craig Knudsen WebCalendar 1.2.4 allows remote attackers to inject arbitrary web script or HTML via the Location variable...

4.3CVSS5.5AI score0.01693EPSS

Exploits1References9

NVD•added 2012/10/08 8:55 p.m.•12 views

CVE-2012-5325

Multiple cross-site scripting XSS vulnerabilities in the scrdoredirect function in scr.php in the Shortcode Redirect plugin 1.0.01 and earlier for WordPress allow remote authenticated users with certain permissions to inject arbitrary web script or HTML via the 1 url or 2 sec attributes in a...

2.1CVSS5.6AI score0.0158EPSS

Exploits1References3

Prion•added 2012/10/08 8:55 p.m.•9 views

Cross site scripting

2.1CVSS5.8AI score0.0158EPSS

Exploits1References3Affected Software1

Prion•added 2012/10/08 8:55 p.m.•14 views

Cross site scripting

Cross-site scripting XSS vulnerability in Craig Knudsen WebCalendar 1.2.4 allows remote attackers to inject arbitrary web script or HTML via the Location variable...

4.3CVSS5.8AI score0.01693EPSS

Exploits1References9Affected Software1

Cvelist•added 2012/10/08 5:0 p.m.•17 views

CVE-2012-5316

Multiple cross-site scripting XSS vulnerabilities in Barracuda Spam & Virus Firewall 600 Firmware 4.0.1.009 and earlier allow remote authenticated users to inject arbitrary web script or HTML via 1 Troubleshooting in the Trace route Device module or 2 LDAP Username in the LDAP Configuration modul...

5.5AI score0.00976EPSS

Exploits1References4

Prion•added 2012/10/08 10:47 a.m.•17 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Virtual War aka VWar 1.6.1 R2 allow remote attackers to inject arbitrary web script or HTML via 1 the Additional Information field to challenge.php, the 2 Additional Information or 3 Contact information field to joinus.php, 4 the War Report fie...

4.3CVSS5.9AI score0.00984EPSS

Exploits1References2Affected Software1

Cvelist•added 2012/10/08 10:0 a.m.•23 views

CVE-2010-5064

5.6AI score0.00984EPSS

Exploits1References2

Patchstack•added 2012/10/08 12:0 a.m.•16 views

WordPress Shortcode Redirect Plugin <= 1.0.01 - Multiple XSS

Because of these vulnerabilities, the authenticated users with certain permissions can inject arbitrary web script or HTML. Solution Update the plugin...

2.1CVSS1.1AI score0.0158EPSS

Exploits1References1Affected Software1

NVD•added 2012/10/06 10:55 p.m.•19 views

CVE-2012-5305

Cross-site scripting XSS vulnerability in CMDDOMAIN in JBMC Software DirectAdmin 1.403 allows remote attackers to inject arbitrary web script or HTML via the domain parameter...

4.3CVSS5.7AI score0.01161EPSS

Exploits1References4

Prion•added 2012/10/06 9:55 p.m.•12 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Lingotek module 6.x-1.x before 6.x-1.40 for Drupal allow remote authenticated users to inject arbitrary web script or HTML when 1 creating or 2 editing page content...

3.5CVSS5.7AI score0.0107EPSS

Exploits0References7Affected Software1

NVD•added 2012/10/04 5:55 p.m.•11 views

CVE-2011-5207

Cross-site scripting XSS vulnerability in admin/OptionsPostsList.php in the TheCartPress plugin for WordPress before 1.1.6 before 2011-12-31 allows remote attackers to inject arbitrary web script or HTML via the tcpnamepostXXXXX parameter...

4.3CVSS5.8AI score0.04535EPSS

Exploits1References5

Prion•added 2012/10/04 5:55 p.m.•17 views

Cross site scripting

Cross-site scripting XSS vulnerability in notes.php in Rapidleech before 2.3 rev42 SVN r399 allows remote attackers to inject arbitrary web script or HTML via the notes parameter...

4.3CVSS6.1AI score0.01206EPSS

Exploits1References4Affected Software1

Prion•added 2012/10/04 5:55 p.m.•15 views

Cross site scripting

4.3CVSS6.2AI score0.04535EPSS

Exploits1References5Affected Software1

Cvelist•added 2012/10/04 5:0 p.m.•17 views

CVE-2011-5206

Cross-site scripting XSS vulnerability in notes.php in Rapidleech before 2.3 rev42 SVN r399 allows remote attackers to inject arbitrary web script or HTML via the notes parameter...

5.7AI score0.01206EPSS

Exploits1References4

Cvelist•added 2012/10/04 5:0 p.m.•18 views

CVE-2011-5205

Cross-site scripting XSS vulnerability in audl.php in Rapidleech 2.3 rev42 SVN r358, rev43 SVN r397, and earlier allows remote attackers to inject arbitrary web script or HTML via the links parameter...

5.7AI score0.01208EPSS

Exploits1References4

Prion•added 2012/10/01 11:55 p.m.•13 views

Cross site scripting

Cross-site scripting XSS vulnerability in NextBBS 0.6 allows remote attackers to inject arbitrary web script or HTML via the do parameter to index.php...

4.3CVSS6.2AI score0.02049EPSS

Exploits1References7Affected Software1

NVD•added 2012/10/01 8:55 p.m.•17 views

CVE-2012-5228

Cross-site scripting XSS vulnerability in admin/index.php in phplist 2.10.9, 2.10.17, and possibly other versions before 2.10.19 allows remote attackers to inject arbitrary web script or HTML via the testtarget parameter. NOTE: some of these details are obtained from third party information...

4.3CVSS5.8AI score0.01646EPSS

Exploits1References5

NVD•added 2012/10/01 8:55 p.m.•12 views

CVE-2012-1898

Multiple cross-site scripting XSS vulnerabilities in wolfcms/admin/user/add in Wolf CMS 0.75 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 username, 2 useremail, or 3 userusername parameters...

4.3CVSS5.8AI score0.01623EPSS

Exploits1References3

Prion•added 2012/10/01 8:55 p.m.•14 views

Cross site scripting

4.3CVSS6.1AI score0.01623EPSS

Exploits1References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by