CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

780 matches found

Prion•added 2009/04/07 2:17 p.m.•13 views

Cross site scripting

Cross-site scripting XSS vulnerability in Default.aspx in DotNetNuke 4.8.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

4.3CVSS6.2AI score0.01511EPSS

Exploits1References5Affected Software1

Cvelist•added 2009/04/07 10:0 a.m.•20 views

CVE-2008-6644

Cross-site scripting XSS vulnerability in Default.aspx in DotNetNuke 4.8.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

5.7AI score0.01511EPSS

Exploits1References5

CVE•added 2009/04/07 10:0 a.m.•48 views

CVE-2008-6644

CVE-2008-6644 is an XSS vulnerability in DotNetNuke’s Default.aspx (affecting 4.8.3 and earlier) that allows remote attackers to inject arbitrary script/HTML via the PATH_INFO. The affected component is DotNetNuke web UI, with the root cause being improper handling of PATH_INFO leading to script ...

4.3CVSS5.9AI score0.01511EPSS

Exploits1References5Affected Software1

NVD•added 2009/02/16 5:30 p.m.•12 views

CVE-2009-0594

Cross-site scripting XSS vulnerability in index.php in phpSkelSite 1.4 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

4.3CVSS5.7AI score0.01484EPSS

Exploits1References3

Prion•added 2009/02/16 5:30 p.m.•6 views

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in phpSkelSite 1.4 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

4.3CVSS6.1AI score0.01484EPSS

Exploits1References3Affected Software1

Cvelist•added 2009/02/16 5:0 p.m.•20 views

CVE-2009-0594

Cross-site scripting XSS vulnerability in index.php in phpSkelSite 1.4 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

5.7AI score0.01484EPSS

Exploits1References3

UbuntuCve•added 2009/01/21 2:30 a.m.•20 views

CVE-2008-5918

Cross-site scripting XSS vulnerability in the getParameterisedSelfUrl function in index.php in WebSVN 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

4.3CVSS6AI score0.04459EPSS

Exploits1References1

Prion•added 2009/01/21 2:30 a.m.•15 views

Cross site scripting

4.3CVSS5.8AI score0.04459EPSS

Exploits1References10Affected Software1

NVD•added 2009/01/21 2:30 a.m.•20 views

CVE-2008-5918

4.3CVSS5.5AI score0.04459EPSS

Exploits1References10

CVE•added 2009/01/21 2:0 a.m.•57 views

CVE-2008-5918

The CVE-2008-5918 entry concerns a Cross-site scripting (XSS) in WebSVN 2.0 and earlier. According to Gentoo GLSA 200903-20 and related OPENVAS entries, the vulnerability affects the getParameterisedSelfUrl() function in index.php, enabling a remote attacker to inject arbitrary web script or HTML...

4.3CVSS5.5AI score0.04459EPSS

Exploits1References10Affected Software1

NVD•added 2008/12/30 8:30 p.m.•10 views

CVE-2008-5770

Cross-site scripting XSS vulnerability in config/makeconfig.php in PHP Weather 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

4.3CVSS5.8AI score0.02971EPSS

Exploits1References5

Prion•added 2008/12/30 8:30 p.m.•7 views

Cross site scripting

Cross-site scripting XSS vulnerability in config/makeconfig.php in PHP Weather 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

4.3CVSS6.2AI score0.02971EPSS

Exploits1References5Affected Software1

Cvelist•added 2008/12/30 8:0 p.m.•14 views

CVE-2008-5770

Cross-site scripting XSS vulnerability in config/makeconfig.php in PHP Weather 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

5.8AI score0.02971EPSS

Exploits1References5

Prion•added 2008/12/15 6:0 p.m.•9 views

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in Triangle Solutions PHP Multiple Newsletters 2.7 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

4.3CVSS6.2AI score0.03356EPSS

Exploits1References6Affected Software1

NVD•added 2008/12/15 6:0 p.m.•10 views

CVE-2008-5566

Cross-site scripting XSS vulnerability in index.php in Triangle Solutions PHP Multiple Newsletters 2.7 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

4.3CVSS5.8AI score0.03356EPSS

Exploits1References6

Prion•added 2008/12/05 12:30 a.m.•16 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the web interface in ClearCase RWP server in IBM Rational ClearCase 7.0.0 before 7.0.0.4, and 7.0.1.1-RATL-RCC-IFIX02 and possibly other 7.0.1 versions before 7.0.1.3, allow remote attackers to inject arbitrary web script or HTML via the PATHIN...

4.3CVSS6AI score0.0173EPSS

Exploits0References6Affected Software1

exploitpack•added 2008/11/30 12:0 a.m.•12 views

CPCommerce 1.2.6 - URL Rewrite Input Variable Overwrite Authentication Bypass

CPCommerce 1.2.6 - URL Rewrite Input Variable Overwrite Authentication Bypass Author: girex Homepage: girex.altervista.org CMS: cpCommerce 1.2.6 Site: http://cpcommerce.cpradio.org/ Bug: URL Rewrite - Input variables overwrite PoC: Auth bypass - Shell upload Note: Works regardless php.ini setting...

0.8AI score

Exploits0

Prion•added 2008/11/25 7:30 p.m.•16 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Xerox DocuShare 6 and earlier allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to the default URI under 1 SearchResults/ and 2 Services/ in dsdn/dsweb/, and 3 the default URI under unspecified...

4.3CVSS6AI score0.04103EPSS

Exploits0References10Affected Software1

Prion•added 2008/11/19 6:11 p.m.•16 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in The Rat CMS Pre-Alpha 2 allow remote attackers to inject arbitrary web script or HTML via the 1 id parameter to a viewarticle.php and b viewarticle2.php and the 2 PATHINFO to viewarticle.php...

4.3CVSS6.1AI score0.01485EPSS

Exploits1References4Affected Software1

Cvelist•added 2008/11/19 6:0 p.m.•15 views

CVE-2008-5164

5.8AI score0.01485EPSS

Exploits1References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by