CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3351 matches found

Cisco•added 2015/07/13 4:11 p.m.•81 views

Cisco Identity Services Engine Cross-Site Scripting Vulnerability

A vulnerability in the Cisco Identity Services Engine ISE Infra Admin UI could allow an unauthenticated, remote attacker to perform a cross-site scripting XSS attack. The vulnerability is due to insufficient input validation of some parameters passed via HTTP GET or POST methods. An attacker coul...

4.3CVSS5.9AI score0.01546EPSS

Exploits0References1

OpenVAS•added 2015/06/08 12:0 a.m.•22 views

Fortinet FortiMail Stored XSS Vulnerability (FG-IR-15-005)

Fortinet FortiMail is prone to a stored cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

4.3CVSS5AI score0.01208EPSS

Exploits1References3

OpenVAS•added 2015/05/27 12:0 a.m.•18 views

Offiria Cross-Site Scripting Vulnerability

Offiria is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:slashes&dots:offria...

4.3CVSS5.6AI score0.01193EPSS

Exploits3References4

Cisco•added 2015/05/22 4:7 p.m.•24 views

Cisco Unified Communications Manager Multiple Vulnerabilities

Multiple vulnerabilities in Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS, cross-site request forgery XSRF, and phishing attacks on the affected software. The vulnerabilities are due to improper input validation of certain...

4.3CVSS6.6AI score0.00794EPSS

Exploits0References1

Patchstack•added 2015/05/15 12:0 a.m.•14 views

WordPress WP Marketplace Plugin <= 1.2.1 - Multiple Vulnerabilities

This plugin is prone to file enumeration weakness and file upload vulnerabilities. Because of them, attackers can disclose sensitive information, upload and execute arbitrary script code in the context of the webserver. Solution Update the plugin...

3.5AI score

Exploits0References1Affected Software1

Cisco•added 2015/05/14 3:56 p.m.•36 views

Cisco Access Control Server File Inclusion Vulnerability

A vulnerability in Cisco Access Control Server ACS could allow an unauthenticated, remote attacker to perform a file inclusion attack. The vulnerability is due to improper input validation of certain parameters passed to an affected device. An attacker could exploit this vulnerability by convinci...

4.3CVSS7AI score0.0111EPSS

Exploits0References1

Cisco•added 2015/05/13 5:10 p.m.•32 views

Cisco Access Control Server Cross-Site Scripting Vulnerability

A vulnerability in Cisco Access Control Server ACS could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack. The vulnerability is due to improper input validation of certain parameters passed to an affected device. An attacker could exploit this vulnerability b...

4.3CVSS5.9AI score0.01546EPSS

Exploits0References1

Cisco•added 2015/05/12 7:39 p.m.•21 views

Cisco Headend Digital Broadband Delivery System Cross-Site Scripting Vulnerability

A vulnerability in the web-based administration interface of the Cisco Headend Digital Broadband Delivery System could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack on the affected device. The vulnerability is due to improper input validation of certain...

4.3CVSS5.9AI score0.01546EPSS

Exploits0References1

OpenVAS•added 2015/05/04 12:0 a.m.•50 views

WordPress < 4.2.1 Comments Stored XSS Vulnerability

WordPress is prone to a stored cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

4.3CVSS6.2AI score0.17869EPSS

Exploits1References3

OpenVAS•added 2015/04/29 12:0 a.m.•31 views

Dell SonicWALL SonicOS XSS Vulnerability (Apr 2015) - Active Check

Dell SonicWALL SonicOS is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6.1AI score0.02355EPSS

Exploits3References2

Tenable Nessus•added 2015/04/20 12:0 a.m.•14 views

Moodle 2.8.x < 2.8.2 XSS

Binary data 8724.prm...

3.5CVSS6.9AI score0.01459EPSS

Exploits0References4

Packet Storm•added 2015/04/16 12:0 a.m.•46 views

Webs ID Cross Site Scripting

Webs ID Reflected XSS Cross-site Scripting Security Vulnerabilities Exploit Title: Webs ID /login.jsp &error Parameter Reflected XSS Cross-site Scripting Security Vulnerabilities Vendor: Webs, Inc Product: Webs ID Vulnerable Versions: Tested Version: Advisory Publication: April 02, 2015 Latest...

7.4AI score

Exploits0

OpenVAS•added 2015/04/07 12:0 a.m.•29 views

JetBrains TeamCity < 8.1 Multiple Vulnerabilities

JetBrains Teamcity is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.8AI score0.01895EPSS

Exploits1References1

OpenVAS•added 2015/03/18 12:0 a.m.•42 views

Fortinet FortiMail Web Action Quarantine Release Feature XSS Vulnerability (FG-IR-15-005) - Active Check

Fortinet FortiMail is prone to a XSS vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier...

4.3CVSS5.1AI score0.01208EPSS

Exploits1References2

OpenVAS•added 2015/02/27 12:0 a.m.•23 views

Adminsystems CMS Multiple Vulnerabilities

Adminsystems CMS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.04075EPSS

Exploits2References5

OpenVAS•added 2015/02/26 12:0 a.m.•21 views

InstantASP InstantForum.NET Multiple Cross-Site Scripting Vulnerabilities

InstantASP InstantForum.NET is prone to multiple cross-site scripting vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

4.3CVSS6.2AI score0.01773EPSS

Exploits2References1

OpenVAS•added 2015/02/11 12:0 a.m.•19 views

Fortinet FortiWeb Multiple XSS Vulnerabilities (FG-IR-14-012)

Fortinet FortiWeb is prone to multiple reflective cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...

4.3CVSS5AI score0.01161EPSS

Exploits0References3

OpenVAS•added 2015/02/11 12:0 a.m.•14 views

Fortinet FortiAnalyzer Multiple XSS Vulnerabilities (FG-IR-14-033)

Fortinet FortiAnalyzer is prone to multiple cross-site- scripting XSS vulnerabilities because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective rig...

4.3CVSS5AI score0.01792EPSS

Exploits0References3

OpenVAS•added 2015/02/06 12:0 a.m.•21 views

Novell eDirectory iMonitor Multiple Vulnerabilities (Feb 2015)

Novell eDirectory is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:netiq:edirectory";...

4.3CVSS6.5AI score0.02EPSS

Exploits2References5

OpenVAS•added 2015/01/27 12:0 a.m.•25 views

MediaWiki TemplateSandbox Extension < 1.24 XSS Vulnerability (Jan 2015) - Active Check

The TemplateSandbox extension for MediaWiki is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...

4.3CVSS6AI score0.01206EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by