93 matches found
SnipSnap 'query' parameter cross-site scripting vulnerability
SnipSnap is a free, easy-to-install weblog and wiki tool written in Java. A cross-site scripting vulnerability exists in the SnipSnap 'query' parameter because the program fails to properly process user-supplied input. This allows an attacker to steal cookie-based authentication credentials an...
Multiple Cross-Site Scripting Vulnerabilities in Ansible Tower
Ansible is a simple configuration management, deployment, task execution, and multi-node authoring framework. Ansible Tower has multiple cross-site scripting vulnerabilities because it fails to properly filter user-supplied input. An attacker could potentially exploit these vulnerabilities to execu...
Documents Pro (formerly Files HD) vulnerable to cross-site scripting
Overview Documents Pro provided by Olive Toast Software Ltd. contains a cross-site scripting vulnerability. Documents Pro provided by Olive Toast Software Ltd. is a document viewer for iOS devices. Documents Pro contains a cross-site scripting vulnerability. Keigo Yamazaki of LAC Co., Ltd. report...
OSQA vulnerable to cross-site scripting
Overview OSQA (The Open Source Q&A System) contains a cross-site scripting vulnerability. OSQA is an open source question and answer system. OSQA contains a cross-site scripting vulnerability. Kousuke Ebihara reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Informati...
Redmine vulnerable to cross-site scripting
Overview Redmine contains a cross-site scripting vulnerability. Redmine is a project management software. Redmine contains a cross-site scripting vulnerability. Kousuke Ebihara reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
SendStudio 4.0.1 - Cross-Site Scripting / Security Bypass
source: https://www.securityfocus.com/bid/37554/info SendStudio (also called Email Marketer) is prone to a cross-site scripting issue and a security-bypass issue. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
Oracle WebLogic Server vulnerable to cross-site scripting
Overview Oracle WebLogic Server (formerly BEA WebLogic Server) contains a cross-site scripting vulnerability. Oracle WebLogic Server is an application server based on Java Platform Enterprise Edition 5 (JavaEE5). Oracle WebLogic Server contains a cross-site scripting vulnerability. Daiki Fukumori of...
CGI RESCUE WebFORM vulnerable to cross-site scripting
Overview WebFORM, released from CGI RESCUE, is a CGI script written in Perl that allows a user to send email messages via an HTML form. WebFORM contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution None...
BBSNote cross-site scripting vulnerability
Overview BBSNote, a CGI bulletin board script, contains a cross-site scripting vulnerability due to improper handling of CGI arguments. Impact A malicious script may be executed on the user's web browser. Solution None...
Hyper NIKKI System cross-site scripting vulnerability
Overview Hyper NIKKI System (hns), web log software from the Hyper NIKKI System Project, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. If session information from a cookie is leaked, an attacker could possibly conduct session...
Nagios cross-site scripting vulnerability
Overview Nagios from Nagios.org contains a cross-site scripting vulnerability. Nagios from Nagios.org is software that monitors network services, hosts, and other resources. Nagios contains a cross-site scripting vulnerability. Impact An arbitrary script can be executed on the user's web browser...
liberoXSS.txt
--Security Report-- Advisory: libero.it XSS vulnerability - HTML injection --- Author: Davide Denicolo --- Date: 28/04/06 --- Contact: davidesecurityinfos.com --- Vendor: ItaliaOnLine S.r.l http://www.libero.it Service: Web Level: Low --- Description: Libero.it is a Web portal of big Italian ISP:...
axoverzicht.CGI - Cross-Site Scripting
source: https://www.securityfocus.com/bid/17584/info The axoverzicht.cgi script is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting...