Lucene search
K

15796 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 6:23 a.m.5 views

CVE-2016-10508

Multiple cross-site scripting XSS vulnerabilities in phpThumb before 1.7.14 allow remote attackers to inject arbitrary web script or HTML via parameters in demo/phpThumb.demo.showpic.php...

6.1CVSS6AI score0.00831EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:22 a.m.9 views

CVE-2013-0738

Chamilo 1.9.4 has Multiple XSS and HTML Injection Vulnerabilities: blog.php and announcements.php...

6.1CVSS6.4AI score0.00797EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:18 a.m.11 views

CVE-2019-19738

logfileviewer.php in MFScripts YetiShare 3.5.2 through 4.5.3 does not sanitize or encode the output from the lFile parameter on the page, which would allow an attacker to input HTML or execute scripts on the site, aka XSS...

6.1CVSS6.9AI score0.0071EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:10 a.m.9 views

CVE-2019-10475

A reflected cross-site scripting vulnerability in Jenkins build-metrics Plugin allows attackers to inject arbitrary HTML and JavaScript into web pages provided by this plugin...

6.1CVSS5.8AI score0.57735EPSS
Exploits5References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:3 a.m.7 views

CVE-2011-5309

Cross-site scripting XSS vulnerability in pages.php in Wikipad 1.6.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter...

4.3CVSS5.9AI score0.00966EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:43 a.m.7 views

CVE-2012-2637

Cross-site scripting XSS vulnerability in KENT-WEB WEB PATIO 4.04 and earlier might allow remote attackers to inject arbitrary web script or HTML via a crafted cookie...

4.3CVSS5.8AI score0.01148EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:32 a.m.5 views

CVE-2015-4457

Multiple cross-site scripting XSS vulnerabilities in the Cloudera Manager UI before 5.4.3 allow remote authenticated users to inject arbitrary web script or HTML using unspecified vectors...

5.4CVSS5.9AI score0.00622EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:21 a.m.11 views

CVE-2019-6033

Cross-site scripting vulnerability in a-blog cms versions prior to Ver.2.10.23 Ver.2.10.x, Ver.2.9.26 Ver.2.9.x, and Ver.2.8.64 Ver.2.8.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS6.4AI score0.00781EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:21 a.m.2 views

CVE-2019-5926

Cross-site scripting vulnerability in KinagaCMS versions prior to 6.5 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS6AI score0.0153EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:16 a.m.5 views

CVE-2010-4716

Cross-site scripting XSS vulnerability in the WebPublisher component in Novell GroupWise before 8.02HP allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.01848EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:13 a.m.21 views

CVE-2019-3562

A remote web page could inject arbitrary HTML code into the Oculus Browser UI, allowing an attacker to spoof UI and potentially execute code. This affects the Oculus Browser starting from version 5.2.7 until 5.7.11...

6.1CVSS7.2AI score0.01096EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:12 a.m.21 views

CVE-2010-2509

Multiple cross-site scripting XSS vulnerabilities in 2daybiz Web Template Software allow remote attackers to inject arbitrary web script or HTML via the 1 keyword parameter to category.php and the 2 password parameter to memberlogin.php...

4.3CVSS6.2AI score0.01314EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:9 a.m.5 views

CVE-2011-2673

Cross-site scripting XSS vulnerability in BaserCMS before 1.6.13.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.9AI score0.01549EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:8 a.m.15 views

CVE-2015-1363

Cross-site scripting XSS vulnerability in Free Reprintables ArticleFR 3.0.5 allows remote attackers to inject arbitrary web script or HTML via the q parameter to search/v/...

4.3CVSS5.8AI score0.01892EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:8 a.m.7 views

CVE-2011-4647

Multiple cross-site scripting XSS vulnerabilities in the story creation feature in Geeklog 1.8.0 allow remote attackers to inject arbitrary web script or HTML via the 1 code or 2 raw BBcode tags...

4.3CVSS6AI score0.01206EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:7 a.m.6 views

CVE-2012-2634

Cross-site scripting XSS vulnerability in FeedDemon before 4.0, when the feed preview option is enabled, allows remote attackers to inject arbitrary web script or HTML via a feed...

2.6CVSS5.8AI score0.01803EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:4 a.m.6 views

CVE-2019-25144

The WP HTML Mail plugin for WordPress is vulnerable to HTML injection in versions up to, and including, 2.2.10 due to insufficient input sanitization. This makes it possible for unauthenticated attackers to inject arbitrary HTML in pages that execute if they can successfully trick a administrator...

6.1CVSS7.1AI score0.0058EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:1 a.m.6 views

CVE-2011-3999

Cross-site scripting XSS vulnerability in the RSS/Atom feed-reader implementation in Iwate Portal Bar allows remote attackers to inject arbitrary web script or HTML via a crafted feed...

4.3CVSS5.8AI score0.00845EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:55 a.m.11 views

CVE-2013-4703

Cross-site scripting XSS vulnerability in the top-page customization feature in Cybozu Office before 9.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.9AI score0.01148EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:54 a.m.6 views

CVE-2019-19386

A cross-site scripting XSS vulnerability in app/voicemailgreetings/voicemailgreetingedit.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the id and/or voicemailid parameter...

6.1CVSS5.7AI score0.00866EPSS
Exploits1References1
Rows per page
Query Builder