
3218 matches found

securityvulns
added 2010/05/27 12:0 a.m., 38 views

XSS vulnerability in RuubikCMS

Vulnerability ID: HTB22380 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinruubikcms.html Product: RuubikCMS Vendor: Piuha Vulnerable Version: 1.0.3 and Probably Prior Versions Vendor Notification: 10 May 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendor...

0.3 AI score
Exploits: 0
securityvulns
added 2010/05/21 12:0 a.m., 39 views

XSS vulnerability in LiSK CMS

Vulnerability ID: HTB22372 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinproduct.html Product: LiSK CMS Vendor: Createch-group Vulnerable Version: 4.4 Vendor Notification: 05 May 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendor Alerted, Awaiting Vendor...

0.4 AI score
Exploits: 0
Packet Storm
added 2010/05/12 12:0 a.m., 22 views

Saurus CMS 4.7.0 Cross Site Scripting

Vulnerability ID: HTB22361 Reference: http://www.htbridge.ch/advisory/xssinsauruscms.html Product: Saurus CMS Community Edition Vendor: Saurused Ltd Vulnerable Version: 4.7.0 Vendor Notification: 27 April 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendor Alerted, Awaiting...

0.1 AI score
Exploits: 0
securityvulns
added 2010/05/11 12:0 a.m., 47 views

XSS vulnerability in EasyPublish CMS

Vulnerability ID: HTB22356 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityineasypublishcms.html Product: EasyPublish CMS Vendor: Escio AS Vulnerable Version: Current at 23.04.2010 and Probably Prior Versions Vendor Notification: 23 April 2010 Vulnerability Type: XSS Cross Site Scripti...

0.3 AI score
Exploits: 0
Packet Storm
added 2010/05/08 12:0 a.m., 17 views

Jaws 0.8.12 Cross Site Scripting

Vulnerability ID: HTB22357 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinjaws.html Product: Jaws Vendor: Jaws Project Vulnerable Version: 0.8.12 and Probably Prior Versions Vendor Notification: 23 April 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendor...

0.1 AI score
Exploits: 0
Packet Storm
added 2010/05/05 12:0 a.m., 21 views

Acuity CMS 2.6.2 Cross Site Scripting

Vulnerability ID: HTB22352 Reference: http://www.htbridge.ch/advisory/xssinacuitycms.html Product: Acuity CMS asp version Vendor: The Collective Vulnerable Version: 2.6.2 ASP and Probably Prior Versions Vendor Notification: 19 April 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not...

Exploits: 0
OpenVAS
added 2010/05/04 12:0 a.m., 30 views

Mozilla Firefox Code Execution Vulnerability (Windows) - May10

The host is installed with Mozilla Firefox browser and is prone to code execution vulnerability OpenVAS Vulnerability Test $Id: gbfirefoxcodeexevulnwinmay10.nasl 5306 2017-02-16 09:00:16Z teissa $ Mozilla Firefox Code Execution Vulnerability Windows - May10 Authors: Antu Sanadi Copyright: Copyrig...

9.3 CVSS, 0.6 AI score, 0.01466 EPSS
Exploits: 2, References: 3
CVE
added 2010/04/28 10:0 p.m., 122 views

CVE-2010-1585

CVE-2010-1585 affects Mozilla Firefox (ParanoidFragmentSink) where nsIScriptableUnescapeHTML.parseFragment fails to sanitize chrome HTML, enabling remote JavaScript execution via javascript: URIs in input to extensions. Affected products/versions: Firefox <3.5.17 and <3.6.14; SeaMonkey <...

9.3 CVSS, 9.3 AI score, 0.01466 EPSS
Exploits: 2, References: 9, Affected Software: 1
Cvelist
added 2010/04/05 5:0 p.m., 24 views

CVE-2010-0179

Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the XMLHttpRequestSpy object and chrome privileged objects, which allows remote attackers to execute...

9.4 AI score, 0.00723 EPSS
Exploits: 0, References: 25
UbuntuCve
added 2010/04/05 12:0 a.m., 39 views

CVE-2010-0179

Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the XMLHttpRequestSpy object and chrome privileged objects, which allows remote attackers to execute...

5.1 CVSS, 7.2 AI score, 0.00723 EPSS
Exploits: 0, References: 3
Prion
added 2010/03/30 6:30 p.m., 8 views

Design/Logic Flaw

Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X before 10.6.3 makes it easier for user-assisted remote attackers to execute arbitrary JavaScript via a web page that offers a download with a Content-Type value that is not on the list of possibly unsafe content types for Safari, a...

6.8 CVSS, 7.4 AI score, 0.00345 EPSS
Exploits: 0, References: 2, Affected Software: 2
NVD
added 2010/03/30 6:30 p.m., 10 views

CVE-2010-0063

Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X before 10.6.3 makes it easier for user-assisted remote attackers to execute arbitrary JavaScript via a web page that offers a download with a Content-Type value that is not on the list of possibly unsafe content types for Safari, a...

6.8 CVSS, 7 AI score, 0.00345 EPSS
Exploits: 0, References: 2
securityvulns
added 2009/12/17 12:0 a.m., 45 views

Mozilla Foundation Security Advisory 2009-70

Mozilla Foundation Security Advisory 2009-70 Title: Privilege escalation via chrome window.opener Impact: Moderate Announced: December 15, 2009 Reporter: David James Products: Firefox, SeaMonkey Fixed in: Firefox 3.5.6 Firefox 3.0.16 SeaMonkey 2.0.1 Description Security researcher David James...

7.6 CVSS, 1 AI score, 0.01982 EPSS
Exploits: 1
seebug.org
added 2009/12/08 12:0 a.m., 13 views

Viscacha 0.8 Gold persistant XSS vulnerability

No description provided by source. Viscacha 0.8 Gold persistant XSS vulnerability Found By: mrme Download: http://www.viscacha.org/ Tested On: Windows Vista Note: For educational purposes only POC Info: A regular user of the board can embed javascript code that could be executed within the contex...

7.1 AI score
Exploits: 0
NVD
added 2009/12/04 7:30 p.m., 10 views

CVE-2009-4148

DAZ Studio 2.3.3.161, 2.3.3.163, and 3.0.1.135 allows remote attackers to execute arbitrary JavaScript code via a (1) .ds, (2) .dsa, (3) .dse, or (4) .dsb file, as demonstrated by code that loads the WScript.Shell ActiveX control, related to a "script injection vulnerability."...

9.3 CVSS, 7.5 AI score, 0.01857 EPSS
Exploits: 6, References: 3
Prion
added 2009/12/04 7:30 p.m., 12 views

Design/Logic Flaw

DAZ Studio 2.3.3.161, 2.3.3.163, and 3.0.1.135 allows remote attackers to execute arbitrary JavaScript code via a (1) .ds, (2) .dsa, (3) .dse, or (4) .dsb file, as demonstrated by code that loads the WScript.Shell ActiveX control, related to a "script injection vulnerability."...

9.3 CVSS, 8 AI score, 0.01857 EPSS
Exploits: 6, References: 3, Affected Software: 1
Prion
added 2009/12/02 7:30 p.m., 14 views

Information disclosure

Unspecified vulnerability in Wikipedia Toolbar extension before 0.5.9.2 for Firefox allows user-assisted remote attackers to execute arbitrary JavaScript with Chrome privileges via vectors involving unspecified Toolbar buttons and the eval function. NOTE: the provenance of this information is...

9.3 CVSS, 7.5 AI score, 0.00884 EPSS
Exploits: 0, References: 4, Affected Software: 1
Cvelist
added 2009/12/02 7:0 p.m., 18 views

CVE-2009-4127

Unspecified vulnerability in Wikipedia Toolbar extension before 0.5.9.2 for Firefox allows user-assisted remote attackers to execute arbitrary JavaScript with Chrome privileges via vectors involving unspecified Toolbar buttons and the eval function. NOTE: the provenance of this information is...

6.9 AI score, 0.00884 EPSS
Exploits: 0, References: 4
NVD
added 2009/10/29 2:30 p.m., 15 views

CVE-2009-3374

The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects obtained from remote web sites, which allows remote attackers to...

7.5 CVSS, 6.1 AI score, 0.00887 EPSS
Exploits: 0, References: 7
CVE
added 2009/10/29 2:0 p.m., 103 views

CVE-2009-3374

CVE-2009-3374 affects Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4. The XPCVariant::VariantDataToJS function in the XPCOM layer does not enforce restrictions on interaction between chrome privileged code and objects from remote sites, allowing a remote attacker to execute arbitrary ...

7.5 CVSS, 7.2 AI score, 0.00887 EPSS
Exploits: 0, References: 7, Affected Software: 1