CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2300 matches found

SUSE CVE•added 2023/02/15 6:20 a.m.•5 views

SUSE CVE-2004-1059

Multiple cross-site scripting XSS vulnerabilities in mnoGoSearch 3.2.26 and earlier allow remote attackers to inject arbitrary HTML and web script via the 1 next and 2 prev result search pages, and the 3 extended and 4 simple search forms...

4.3CVSS6.2AI score0.01208EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 6:19 a.m.•2 views

SUSE CVE-2004-1062

Multiple cross-site scripting XSS vulnerabilities in ViewCVS 0.9.2 allow remote attackers to inject arbitrary HTML and web script via certain error messages...

4.3CVSS6.2AI score0.01235EPSS

Exploits0References5

SUSE CVE•added 2023/02/15 6:18 a.m.•3 views

SUSE CVE-2005-1319

Cross-site scripting XSS vulnerability in Horde IMP Webmail client before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title...

4.3CVSS6AI score0.01228EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 6:18 a.m.•4 views

SUSE CVE-2005-1374

Multiple cross-site scripting XSS vulnerabilities in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote attackers to inject arbitrary web script or HTML via 1 exerciseresult.php, 2 exercicesubmit.php, 3 agenda.php, 4 learningPathList.php, 5 learningPathAdmin.php, 6...

6.8CVSS6.1AI score0.04863EPSS

Exploits1References3

SUSE CVE•added 2023/02/15 6:18 a.m.•2 views

SUSE CVE-2005-2215

Cross-site scripting XSS vulnerability in MediaWiki before 1.4.x before 1.4.6 and 1.5 before 1.5beta3 allows remote attackers to inject arbitrary web script or HTML via a parameter in the page move template, a different vulnerability than CVE-2005-1888...

4.3CVSS6.1AI score0.0121EPSS

Exploits0References4

SUSE CVE•added 2023/02/15 6:16 a.m.•3 views

SUSE CVE-2006-0188

webmail.php in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary web pages into the right frame via a URL in the rightframe parameter. NOTE: this has been called a cross-site scripting XSS issue, but it is different than what is normally identified as XSS...

4.3CVSS6.1AI score0.02002EPSS

Exploits0References4

SUSE CVE•added 2023/02/15 6:16 a.m.•2 views

SUSE CVE-2006-0208

Multiple cross-site scripting XSS vulnerabilities in PHP 4.4.1 and 5.1.1, when displayerrors and htmlerrors are on, allow remote attackers to inject arbitrary web script or HTML via inputs to PHP applications that are not filtered when they are included in the resulting error message...

2.6CVSS6.1AI score0.03687EPSS

Exploits0References4

SUSE CVE•added 2023/02/15 6:15 a.m.•2 views

SUSE CVE-2006-2417

Cross-site scripting XSS vulnerability in phpMyAdmin 2.8.0.x before 2.8.0.4 allows remote attackers to inject arbitrary web script or HTML via the theme parameter in unknown scripts. NOTE: the lang parameter is already covered by CVE-2006-2031...

4.3CVSS6.1AI score0.02085EPSS

Exploits0References4

SUSE CVE•added 2023/02/15 6:14 a.m.•3 views

SUSE CVE-2006-3636

Multiple cross-site scripting XSS vulnerabilities in Mailman before 2.1.9rc1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.8CVSS6AI score0.06425EPSS

Exploits1References5

SUSE CVE•added 2023/02/15 6:14 a.m.•15 views

SUSE CVE-2006-5718

Cross-site scripting XSS vulnerability in error.php in phpMyAdmin 2.6.4 through 2.9.0.2 allows remote attackers to inject arbitrary web script or HTML via UTF-7 or US-ASCII encoded characters, which are injected into an error message, as demonstrated by a request with a utf7 charset parameter...

4.3CVSS6AI score0.01612EPSS

Exploits0References4

SUSE CVE•added 2023/02/15 6:13 a.m.•6 views

SUSE CVE-2007-0177

Cross-site scripting XSS vulnerability in the AJAX module in MediaWiki before 1.6.9, 1.7 before 1.7.2, 1.8 before 1.8.3, and 1.9 before 1.9.0rc2, when wgUseAjax is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.1CVSS6AI score0.03333EPSS

Exploits0References4

SUSE CVE•added 2023/02/15 6:13 a.m.•4 views

SUSE CVE-2007-0788

Cross-site scripting XSS vulnerability in MediaWiki 1.9.x before 1.9.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "sortable tables JavaScript."...

4.3CVSS6AI score0.01291EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 6:11 a.m.•3 views

SUSE CVE-2007-3386

Cross-site scripting XSS vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 allows remote attackers to inject arbitrary HTML and web script via crafted requests, as demonstrated using the aliases parameter to an html/add action...

4.3CVSS6.3AI score0.58956EPSS

Exploits2References6

SUSE CVE•added 2023/02/15 6:10 a.m.•1 views

SUSE CVE-2007-5803

Multiple cross-site scripting XSS vulnerabilities in CGI programs in Nagios before 2.12 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2007-5624 and CVE-2008-1360...

4.3CVSS6AI score0.01774EPSS

Exploits1References4

SUSE CVE•added 2023/02/15 6:9 a.m.•1 views

SUSE CVE-2008-0783

Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote attackers to inject arbitrary web script or HTML via 1 the viewtype parameter to graph.php; 2 the filter parameter to graphview.php; 3 the action parameter to the drawnavigationtext...

4.3CVSS6AI score0.05246EPSS

Exploits1References5

SUSE CVE•added 2023/02/15 6:8 a.m.•2 views

SUSE CVE-2008-1360

Cross-site scripting XSS vulnerability in Nagios before 2.11 allows remote attackers to inject arbitrary web script or HTML via unknown vectors to unspecified CGI scripts, a different issue than CVE-2007-5624...

4.3CVSS6AI score0.02469EPSS

Exploits0References4

SUSE CVE•added 2023/02/15 6:6 a.m.•2 views

SUSE CVE-2008-4823

Cross-site scripting XSS vulnerability in Adobe Flash Player 9.0.124.0 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to loose interpretation of an ActionScript attribute...

4.3CVSS5.9AI score0.04731EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 6:6 a.m.•3 views

SUSE CVE-2008-5249

Cross-site scripting XSS vulnerability in MediaWiki 1.13.0 through 1.13.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.01962EPSS

Exploits0References4

SUSE CVE•added 2023/02/15 6:6 a.m.•1 views

SUSE CVE-2008-5432

Cross-site scripting XSS vulnerability in Moodle before 1.6.8, 1.7 before 1.7.6, 1.8 before 1.8.7, and 1.9 before 1.9.3 allows remote attackers to inject arbitrary web script or HTML via a Wiki page name aka page title...

4.3CVSS6AI score0.01553EPSS

Exploits0References4

SUSE CVE•added 2023/02/15 6:5 a.m.•19 views

SUSE CVE-2008-6682

Multiple cross-site scripting XSS vulnerabilities in Apache Struts 2.0.x before 2.0.11.1 and 2.1.x before 2.1.1 allow remote attackers to inject arbitrary web script or HTML via vectors associated with improper handling of 1 " double quote characters in the href attribute of an s:a tag and 2...

4.3CVSS6AI score0.05614EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by