797 matches found

CVE
added 2014/10/21 3:0 p.m. · 99 views

CVE-2014-8380

CVE-2014-8380 is an XSS vulnerability in Splunk 6.1.1 where the Referer header in a 404 response is not properly sanitized, enabling remote attackers to inject arbitrary script/HTML in the victim’s browser. Multiple connected sources (OpenVAS, Tenable, CVE listings) corroborate this as a Refe...

CVSS 4.3 · AI score 5.6 · EPSS 0.02855
Exploits: 3 · References: 3 · Affected Software: 1

NVD
added 2014/10/16 7:55 p.m. · 19 views

CVE-2014-8301

Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 5.0.x before 5.0.10 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header...

CVSS 4.3 · AI score 5.7 · EPSS 0.00263
Exploits: 0 · References: 1

Prion
added 2014/10/16 7:55 p.m. · 18 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 5.0.x before 5.0.10 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header...

CVSS 4.3 · AI score 6.1 · EPSS 0.00263
Exploits: 0 · References: 1 · Affected Software: 1

Prion
added 2014/10/16 7:55 p.m. · 16 views

Open redirect

Open redirect vulnerability in the redir function in includes/function.php in C97net Cart Engine before 4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the HTTP Referer header to (1) index.php, (2) cart.php, (3) msg.php, or (4) page.php...

CVSS 6.4 · AI score 7.1 · EPSS 0.02856
Exploits: 2 · References: 2 · Affected Software: 1

Cvelist
added 2014/10/16 7:0 p.m. · 23 views

CVE-2014-8301

Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 5.0.x before 5.0.10 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header...

AI score 5.7 · EPSS 0.00263
Exploits: 0 · References: 1

securityvulns
added 2014/10/16 12:0 a.m. · 71 views

IP.Board 3.4 cross-site scripting in Referer header

IP.Board 3.4 cross-site scripting in Referer header
vendor site: http://www.invisionpower.com
Affected Software: IP.Board 3.4
Class...

AI score 6.5
Exploits: 0

NVD
added 2014/10/14 2:55 p.m. · 14 views

CVE-2014-8069

Multiple cross-site scripting (XSS) vulnerabilities in YOOtheme Pagekit CMS 0.8.7 allow remote attackers to inject arbitrary web script or HTML via the (1) HTTP Referer header to index.php/user or (2) PATHINFO to index.php...

CVSS 4.3 · AI score 5.7 · EPSS 0.00225
Exploits: 2 · References: 1

Prion
added 2014/10/14 2:55 p.m. · 18 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in YOOtheme Pagekit CMS 0.8.7 allow remote attackers to inject arbitrary web script or HTML via the (1) HTTP Referer header to index.php/user or (2) PATHINFO to index.php...

CVSS 4.3 · AI score 6 · EPSS 0.00225
Exploits: 2 · References: 1 · Affected Software: 1

Cvelist
added 2014/10/14 2:0 p.m. · 15 views

CVE-2014-8069

Multiple cross-site scripting (XSS) vulnerabilities in YOOtheme Pagekit CMS 0.8.7 allow remote attackers to inject arbitrary web script or HTML via the (1) HTTP Referer header to index.php/user or (2) PATHINFO to index.php...

AI score 5.7 · EPSS 0.00225
Exploits: 2 · References: 1

Web Security Log
added 2014/08/26 4:47 p.m. · 24 views

Nokia : Exploiting cross-site scripting in Referer header in Trade.online.nokia.com

Little Insight: The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks or referer page back link. The payload Referer: javascript:prompt1; was submitted in the Referer HTTP header. This input was stored on page back link when user...

AI score 6
Exploits: 0

Positive Technologies
added 2014/07/30 12:0 a.m. · 2 views

PT-2014-1985 · D Link · Dnr-326 +4

Name of the Vulnerable Software and Affected Versions:
D-Link DNR-320L versions prior to 1.04b08
D-Link DNS-320LW versions prior to 1.04b08
D-Link DNR-322L versions prior to 2.10 build 03
D-Link DNR-326 versions prior to 2.10 build 03
D-Link DNS-327L versions prior to 1.04b01
Description: The iss...

CVSS 9.8 · AI score 9.9 · EPSS 0.11668
Exploits: 0 · References: 8

NVD
added 2014/07/28 3:55 p.m. · 12 views

CVE-2014-5108

Cross-site scripting (XSS) vulnerability in singlepages\downloadfile.php in concrete5 before 5.6.3 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header to index.php/downloadfile...

CVSS 4.3 · AI score 5.7 · EPSS 0.00449
Exploits: 0 · References: 4

NVD
added 2014/07/28 3:55 p.m. · 9 views

CVE-2014-5106

Cross-site scripting (XSS) vulnerability in Invision Power IP.Board (aka IPB or Power Board) 3.4.x through 3.4.6 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header to admin/install/index.php...

CVSS 4.3 · AI score 5.7 · EPSS 0.00254
Exploits: 0 · References: 3

Prion
added 2014/07/28 3:55 p.m. · 12 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in singlepages\downloadfile.php in concrete5 before 5.6.3 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header to index.php/downloadfile...

CVSS 4.3 · AI score 6.1 · EPSS 0.00449
Exploits: 0 · References: 4 · Affected Software: 2

Prion
added 2014/07/28 3:55 p.m. · 10 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in Invision Power IP.Board (aka IPB or Power Board) 3.4.x through 3.4.6 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header to admin/install/index.php...

CVSS 4.3 · AI score 6.1 · EPSS 0.00254
Exploits: 0 · References: 3 · Affected Software: 1

CVE
added 2014/07/28 3:0 p.m. · 44 views

CVE-2014-5106

The CVE-2014-5106 entry describes a cross-site scripting (XSS) vulnerability in Invision Power IP.Board (IPB) 3.4.x through 3.4.6. An attacker could inject arbitrary web script or HTML via the HTTP Referer header to admin/install/index.php. This applies to IPB 3.4.x–3.4.6; no exploitation details...

CVSS 4.3 · AI score 5.9 · EPSS 0.00254
Exploits: 0 · References: 3 · Affected Software: 1

Cvelist
added 2014/07/28 3:0 p.m. · 17 views

CVE-2014-5108

Cross-site scripting (XSS) vulnerability in singlepages\downloadfile.php in concrete5 before 5.6.3 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header to index.php/downloadfile...

AI score 5.7 · EPSS 0.00449
Exploits: 0 · References: 4

NVD
added 2014/07/20 11:12 a.m. · 11 views

CVE-2014-3894

Cross-site scripting (XSS) vulnerability in PHP Kobo Multifunctional MailForm Free 2014/1/28 and earlier allows remote attackers to inject arbitrary web script or HTML via an HTTP Referer header...

CVSS 4.3 · AI score 5.8 · EPSS 0.00248
Exploits: 0 · References: 2

Cvelist
added 2014/07/20 10:0 a.m. · 16 views

CVE-2014-3894

Cross-site scripting (XSS) vulnerability in PHP Kobo Multifunctional MailForm Free 2014/1/28 and earlier allows remote attackers to inject arbitrary web script or HTML via an HTTP Referer header...

AI score 5.8 · EPSS 0.00248
Exploits: 0 · References: 2

Japan Vulnerability Notes
added 2014/07/16 6:13 a.m. · 1 view

Multifunctional MailForm Free vulnerable to cross-site scripting

Overview: Multifunctional MailForm Free provided by PHP Kobo contains a cross-site scripting vulnerability. Multifunctional MailForm Free contains an issue in processing HTTP Referer headers, which may cause cross-site scripting.
Impact: By opening a specially crafted HTML document, an arbitrary...

CVSS 4.3 · AI score 5.9 · EPSS 0.00248
Exploits: 0 · References: 5