173 matches found
Revive Adserver < 3.2.2 Multiple Vulnerabilities (REVIVE-SA-2015-001)
Revive Adserver is prone to multiple vulnerabilities. Copyright (C) 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Open-Xchange (OX) App Suite Multiple Vulnerabilities - 01 (Oct 2015)
Open-Xchange OX App Suite is prone to multiple vulnerabilities. Copyright (C) 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free softwar...
Cross-Site Scripting (XSS) in qTranslate WordPress Plugin
High-Tech Bridge Security Research Lab discovered a vulnerability in the qTranslate WordPress plugin, which can be exploited to perform Cross-Site Scripting (XSS) attacks against website administrators. Successful exploitation of this vulnerability may allow a remote attacker to gain complete control ove...
Loxone Smart Home Multiple Cross-Site Scripting Vulnerabilities
Loxone Smart Home is a WEB-based application. Multiple cross-site scripting vulnerabilities in Loxone Smart Home could be exploited by an attacker to execute arbitrary HTML script and code within the context of the affected application...
Campsite 3.3.5 - CSRF Vulnerability
No description provided by source. ======================================================================= campsite 3.3.5 CSRF Vulnerability ======================================================================= by Pratul Agrawal Vulnerability found in- Admin module email [email protected]...
InterScan Messaging Security Virtual Appliance 8.5.1.1516 Cross Site Scripting
I. VULNERABILITY ------------------------- XSS Attacks vulnerability in InterScan Messaging Security Virtual Appliance 8.5.1.1516 II. DESCRIPTION ------------------------- Has been detected a XSS vulnerability in InterScan Messaging Security Virtual Appliance version 8.5.1.1516. The code injectio...
WordPress NextGen Smooth Gallery Plugin <= 1.2 XSS Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; ifdescription...
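live800 chat window targeted XSS (local-domain privileges)
Brief description: XSS can be sent to customer service agents. Details: XSS can be sent to customer service agents, but the agent side runs the HTML directly and there is no cookie; however, web-trojan code and the like can be sent to the agent. Proof of vulnerability: insert an emoticon, then modify the element, insert the XSS, and send. Received. The other party's system and IE version can be seen. A corresponding exploit can be found to plant a trojan...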
FluxBB 1.5.3 - Multiple Vulnerabilities
Exploit for php platform in category web applications !-- FluxBB 1.5.3 Multiple Remote Vulnerabilities Vendor: FluxBB Product web page: http://www.fluxbb.org Affected version: 1.5.3 Summary: FluxBB is fast, light, user-friendly forum software for your website. Desc: FluxBB suffers from a cross-si...
Microsoft InfoPath HTML Sanitisation Component XSS Vulnerability (2821818)
This host is missing an important security update according to Microsoft Bulletin MS13-035. OpenVAS Vulnerability Test $Id: secpodofficeinfopathms13-035.nasl 5339 2017-02-18 16:28:22Z cfi $ Microsoft InfoPath HTML Sanitisation Component XSS Vulnerability 2821818 Authors: Antu Sanadi Copyright:...
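Ruby on Rails Multiple Cross-Site Scripting Vulnerabilities
BUGTRAQ ID: 52264 Ruby on Rails, RoR or Rails for short, is an open-source web application framework written in Ruby and developed strictly according to the MVC structure. Input passed through direct manipulation of SafeBuffer is not properly filtered, and certain input passed through manually generated select tags is not properly filtered, leading to execution of arbitrary HTML and script code in the user's browser 0 Ruby on Rails 3.2.x Ruby on Rails 3.1.x Ruby on Rails 3.0.x Vendor patch: Ruby ---- The vendor has released an upgrade patch to fix this security issue; please download it from the vendor's homepage: http://www.ruby-lang.org/...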
Support Incident Tracker SiT! < 3.65 Multiple Vulnerabilities - Active Check
Support Incident Tracker is prone to multiple SQL injection (SQLi) and cross-site scripting (XSS) vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifie...
XSS in OneOrZero AIMS
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in OneOrZero AIMS, which can be exploited to perform cross-site scripting attacks. 1 Cross-site scripting (XSS) vulnerability in OneOrZero AIMS: CVE-2012-0989 Input appended to the URL after index.php is not properly sanitised...
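JBoss Application Server Cross-Site Request Forgery Vulnerability
BUGTRAQ ID: 50888 CVE ID: CVE-2011-3609 JBoss is a very popular open-source J2EE application server. JBoss has an input validation vulnerability in its implementation: certain input passed to the message center through the management console is not properly filtered before being returned to the user, which can be exploited to execute arbitrary HTML and script code in the user's browser JBoss Application Server 7.x Vendor patch: JBoss Group ----------- The vendor has released an upgrade patch to fix this security issue; please download it from the vendor's homepage: http://www.jboss.org/...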
eFront <= 3.6.9 Build 11018 Multiple Vulnerabilities
eFront is prone to cross-site scripting (XSS) and local file inclusion (LFI) vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
PmWiki < 2.2.21 XSS Vulnerability
PmWiki is prone to a cross-site scripting (XSS) vulnerability. Copyright (C) 2010 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...
Flock Browser RSS Feed Cross site scripting Vulnerability
This host is installed with Flock browser and is prone to cross site scripting vulnerability. OpenVAS Vulnerability Test $Id: secpodflockxsswin01.nasl 5394 2017-02-22 09:22:42Z teissa $ Flock Browser RSS Feed Cross site scripting Vulnerability Authors: Madhuri D Copyright: Copyright c 2010 SecPod...
Attachment list in popup doesn't escape filenames causing XSS hole
The filenames in the attachment list of the link popup aren't being escaped. If you upload an attachment with a filename including html it could be executed...
[SECURITY] [DSA 973-1] New OTRS packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 973-1 [email protected] http://www.debian.org/security/ Martin Schulze February 15th, 2006 http://www.debian.org/security/faq -...
CVE-2005-3975
CVE-2005-3975 is an interpretation conflict in Drupal that allowed remote authenticated users to inject arbitrary web script or HTML via a file with a GIF/JPEG extension. Affected versions include Drupal 4.5.0–4.5.5 and 4.6.0–4.6.3. The issue could execute HTML in Internet Explorer (per CVE-2005-...