CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2295 matches found

OSV•added 2016/03/02 11:59 a.m.•1 views

CVE-2016-2279

Cross-site scripting XSS vulnerability in the web server in Rockwell Automation Allen-Bradley CompactLogix 1769-L before 28.011+ allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS5.9AI score

Exploits0References3

Prion•added 2016/03/01 11:59 a.m.•16 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.4.x before 4.4.15.5 and 4.5.x before 4.5.5.1 allow remote authenticated users to inject arbitrary web script or HTML via 1 normalization.php or 2 js/normalization.js in the database normalization page, 3...

3.5CVSS5.6AI score0.02468EPSS

Exploits0References12Affected Software1

CNVD•added 2016/02/23 12:0 a.m.•3 views

Cybozu Office Cross-Site Scripting Vulnerability (CNVD-2016-01251)

Cybozu Office is a WEB-based cross-platform office solution developed by Cybozu Japan. A cross-site scripting vulnerability in Cybozu Office versions 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS6AI score0.01069EPSS

Exploits0References1

CNVD•added 2016/02/17 12:0 a.m.•3 views

Multiple Cross-Site Scripting Vulnerabilities in Apache Solr

Apache Solr is an enterprise-ready, Lucene-based search server. Multiple cross-site scripting vulnerabilities exist in the Admin UI of Apache Solr versions prior to 5.1. A remote attacker can inject arbitrary web script or HTML via constructed fields that are incorrectly handled when rendering...

6.1CVSS6.1AI score0.02693EPSS

Exploits0References1

CNVD•added 2016/02/17 12:0 a.m.•3 views

IBM InfoSphere Master Data Management Reference Data Management Cross-Site Scripting Vulnerability

IBM InfoSphere Master Data Management MDM is a suite of solutions from IBM in the U.S. used to help organizations manage enterprise-wide master data information about customers, suppliers, products, and accounts.Reference Data Management RDM is one of the reference Data Management component. A...

5.4CVSS6AI score0.00622EPSS

Exploits0References1

OSV•added 2016/02/13 2:59 a.m.•4 views

CVE-2016-0866

Cross-site scripting XSS vulnerability in Tollgrade SmartGrid LightHouse Sensor Management System SMS Software EMS before 5.1, and 4.1.0 Build 16, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS5.9AI score0.00906EPSS

Exploits0References1

OSV•added 2016/02/09 3:59 a.m.•4 views

CVE-2016-1318

Cross-site scripting XSS vulnerability in Cisco Application Policy Infrastructure Controller Enterprise Module APIC-EM 1.1 allows remote attackers to inject arbitrary web script or HTML via crafted markup data, aka Bug ID CSCux15489...

6.1CVSS5.9AI score0.01009EPSS

Exploits0References2

RedHat Linux•added 2016/01/26 7:12 p.m.•3 views

jenkins: cross-site scripting flaw in Jenkins core (SECURITY-143)

Cross-site scripting XSS vulnerability in Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS7.5AI score0.02132EPSS

Exploits0References4

FreeBSD•added 2016/01/13 12:0 a.m.•29 views

h2o -- directory traversal vulnerability

Yakuzo OKU reports: When redirect directive is used, this flaw allows a remote attacker to inject response headers into an HTTP redirect response...

4.3CVSS4.8AI score0.01459EPSS

Exploits0References1

Prion•added 2016/01/08 7:59 p.m.•19 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in unspecified backend components in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allow remote authenticated editors to inject arbitrary web script or HTML via unknown vectors...

3.5CVSS5.7AI score0.01141EPSS

Exploits0References3Affected Software1

Cvelist•added 2016/01/01 2:0 a.m.•21 views

CVE-2015-7415

Multiple cross-site scripting XSS vulnerabilities in IBM UrbanCode Deploy 6.0 before 6.0.1.12, 6.1 before 6.1.3.2, and 6.2 before 6.2.0.2 allow remote authenticated users to inject arbitrary web script or HTML via a crafted URL...

5.1AI score0.00622EPSS

Exploits0References1

BDU FSTEC•added 2015/12/14 12:0 a.m.•5 views

The vulnerability of the ColdFusion interpreter allows attackers to inject any web script or HTML code.

The vulnerability of the ColdFusion interpreter exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to inject any desired web script or HTML code remotely...

4.3CVSS5.5AI score0.03119EPSS

Exploits0References2

BDU FSTEC•added 2015/11/20 12:0 a.m.•4 views

The vulnerability of the Cisco Secure Access Control System allows a intruder to inject arbitrary web or HTML code.

The vulnerability of the Cisco Secure Access Control System exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary web or HTML code remotely...

4.3CVSS5.6AI score0.0136EPSS

Exploits0References2

CNVD•added 2015/11/10 12:0 a.m.•2 views

IBM Security QRadar Incident Forensics Cross-Site Scripting Vulnerability (CNVD-2015-07481)

IBM Security QRadar Incident Forensics is a suite of security forensic investigation software from IBM. The software supports in-depth forensic investigations of suspected malicious network security incidents, and repair network security vulnerabilities. A cross-site scripting vulnerability exist...

4.3CVSS6.1AI score0.00961EPSS

Exploits0References1

OSV•added 2015/10/31 4:59 a.m.•3 views

UBUNTU-CVE-2015-5667

Cross-site scripting XSS vulnerability in the HTML-Scrubber module before 0.15 for Perl, when the comment feature is enabled, allows remote attackers to inject arbitrary web script or HTML via a crafted comment...

2.6CVSS5.9AI score0.02092EPSS

Exploits0References5

Prion•added 2015/10/31 4:59 a.m.•13 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Cisco FireSight Management Center MC 5.3.1.5 and 5.4.x through 5.4.1.3 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuu28922...

3.5CVSS5.7AI score0.01085EPSS

Exploits0References2Affected Software1

BDU FSTEC•added 2015/10/29 12:0 a.m.•6 views

The vulnerability of the Microsoft SharePoint Server corporate application package and the Microsoft SharePoint Foundation software for electronic document management allows a perpetrator to inject arbitrary web or HTML code.

The vulnerability of the Microsoft SharePoint Server corporate application and the Microsoft SharePoint Foundation software exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary web or HTML code remote...

3.5CVSS5.6AI score0.09061EPSS

Exploits0References2

CNVD•added 2015/10/22 12:0 a.m.•4 views

Kentico CMS Has Multiple Cross-Site Scripting Vulnerabilities

Kentico CMS is an enterprise-grade web content management system and customer experience management system. Kentico CMS 8.2 suffers from multiple cross-site scripting vulnerabilities. Allows remote attackers to inject any web script or HTML via the CMSModules/AdminControls/Pages/UIPageaspx or...

5CVSS6.4AI score0.01126EPSS

Exploits2References1

CNVD•added 2015/10/22 12:0 a.m.•2 views

Multiple Cross-Site Scripting Vulnerabilities in HP Smart Profile Server Data Analytics Layer

HP Smart Profile Server Data Analytics Layer is a product from Hewlett-Packard HP designed for communications service providers to manage and analyze customer data for telecom business needs. Multiple cross-site scripting vulnerabilities exist in HP Smart Profile Server Data Analytics Layer versi...

4.3CVSS6.1AI score0.01662EPSS

Exploits0References1

Cvelist•added 2015/10/21 3:0 p.m.•28 views

CVE-2015-7822

Multiple cross-site scripting XSS vulnerabilities in Kentico CMS 8.2 allow remote attackers to inject arbitrary web script or HTML via a 1 parameter name to CMSModules/AdminControls/Pages/UIPage.aspx or the 2 CMSBodyClass cookie variable to the default URI...

5.7AI score0.01126EPSS

Exploits2References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by