CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

780 matches found

Cvelist•added 2014/02/05 3:0 p.m.•35 views

CVE-2013-1466

Multiple cross-site scripting XSS vulnerabilities in glFusion before 1.2.2.pl4 allow remote attackers to inject arbitrary web script or HTML via the 1 subject parameter to profiles.php; 2 address1, 3 address2, 4 calendartype, 5 city, 6 state, 7 title, 8 url, or 9 zipcode parameter to...

5.6AI score0.03775EPSS

Exploits5References7

NVD•added 2014/01/29 6:55 p.m.•22 views

CVE-2013-5092

Cross-site scripting XSS vulnerability in afa/php/Login.php in AlgoSec Firewall Analyzer 6.1-b86 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

4.3CVSS5.7AI score0.03247EPSS

Exploits1References4

Prion•added 2014/01/29 6:55 p.m.•17 views

Cross site scripting

Cross-site scripting XSS vulnerability in afa/php/Login.php in AlgoSec Firewall Analyzer 6.1-b86 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

4.3CVSS6.1AI score0.03247EPSS

Exploits1References4Affected Software1

Prion•added 2014/01/24 4:55 p.m.•16 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the token processing system pki-tps in Red Hat Certificate System RHCS 8.1 and possibly Dogtag Certificate System 9 and 10 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 tus/ or 2 tus/tus/...

4.3CVSS6.1AI score0.01237EPSS

Exploits0References6Affected Software2

NVD•added 2013/12/21 12:55 a.m.•15 views

CVE-2013-7191

Cross-site scripting XSS vulnerability in Tenmiles Helpdesk Pilot allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to the default URI for a ticket...

4.3CVSS5.7AI score0.01193EPSS

Exploits1References3

Prion•added 2013/12/21 12:55 a.m.•19 views

Cross site scripting

Cross-site scripting XSS vulnerability in Tenmiles Helpdesk Pilot allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to the default URI for a ticket...

4.3CVSS6.2AI score0.01193EPSS

Exploits1References3Affected Software1

CVE•added 2013/12/21 12:0 a.m.•36 views

CVE-2013-7191

CVE-2013-7191 has a documented XSS vulnerability in Tenmiles Helpdesk Pilot. The issue arises when an attacker can inject arbitrary web script or HTML via the PATH_INFO to the default URI for a ticket. The available sources (NVD, CVE records) confirm the vulnerability and describe the impact as e...

4.3CVSS5.9AI score0.01193EPSS

Exploits1References3Affected Software1

Cvelist•added 2013/12/21 12:0 a.m.•19 views

CVE-2013-7191

Cross-site scripting XSS vulnerability in Tenmiles Helpdesk Pilot allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to the default URI for a ticket...

5.7AI score0.01193EPSS

Exploits1References3

NVD•added 2013/11/14 8:55 p.m.•16 views

CVE-2013-6058

SQL injection vulnerability in appRain CMF 3.0.2 and earlier allows remote attackers to execute arbitrary SQL commands via the PATHINFO to blog-by-cat/...

7.5CVSS8.2AI score0.0248EPSS

Exploits7References6

NVD•added 2013/10/11 9:55 p.m.•15 views

CVE-2013-4305

Cross-site scripting XSS vulnerability in contrib/example.php in the SyntaxHighlight GeSHi extension for MediaWiki, possibly as downloaded before September 2013, allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

4.3CVSS5.8AI score0.01499EPSS

Exploits1References5

UbuntuCve•added 2013/10/11 9:55 p.m.•22 views

CVE-2013-4305

4.3CVSS6AI score0.01499EPSS

Exploits1References2

Prion•added 2013/10/11 9:55 p.m.•15 views

Cross site scripting

4.3CVSS6.2AI score0.01499EPSS

Exploits1References5Affected Software1

NVD•added 2013/10/01 7:55 p.m.•15 views

CVE-2013-3962

Cross-site scripting XSS vulnerability in Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WPHD, GXV3500, and possibly other camera models before firmware 1.0.4.44, allows remote attackers to inject arbitrary web script or HTML via the...

4.3CVSS5.9AI score0.00931EPSS

Exploits1References2

NVD•added 2013/10/01 7:55 p.m.•21 views

CVE-2013-3964

Cross-site scripting XSS vulnerability in Samsung SHR-5162, SHR-5082, and possibly other models, allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

4.3CVSS5.8AI score0.03434EPSS

Exploits3References1

Prion•added 2013/10/01 7:55 p.m.•11 views

Cross site scripting

Cross-site scripting XSS vulnerability in Samsung SHR-5162, SHR-5082, and possibly other models, allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

4.3CVSS6.2AI score0.03434EPSS

Exploits3References1

Cvelist•added 2013/10/01 7:0 p.m.•28 views

CVE-2013-3964

Cross-site scripting XSS vulnerability in Samsung SHR-5162, SHR-5082, and possibly other models, allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

5.8AI score0.03434EPSS

Exploits3References1

Cvelist•added 2013/10/01 7:0 p.m.•20 views

CVE-2013-3962

7.8AI score0.00931EPSS

Exploits1References2

NVD•added 2013/09/09 5:55 p.m.•37 views

CVE-2013-4899

Cross-site scripting XSS vulnerability in Twilight CMS 5.17 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to the gallery/ page...

4.3CVSS5.7AI score0.01193EPSS

Exploits3References3

Prion•added 2013/09/09 5:55 p.m.•15 views

Cross site scripting

Cross-site scripting XSS vulnerability in Twilight CMS 5.17 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to the gallery/ page...

4.3CVSS6.2AI score0.01193EPSS

Exploits3References3Affected Software1

Cvelist•added 2013/09/09 5:0 p.m.•39 views

CVE-2013-4899

Cross-site scripting XSS vulnerability in Twilight CMS 5.17 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to the gallery/ page...

5.7AI score0.01193EPSS

Exploits3References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by