CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2295 matches found

Cvelist•added 2006/04/18 10:0 a.m.•17 views

CVE-2006-1822

Cross-site scripting XSS vulnerability in search.php in FarsiNews 2.5.3 Pro and earlier allows remote attackers to inject arbitrary web script or HTML via the selectedsearcharch parameter...

5.7AI score0.02189EPSS

Exploits1References8

Prion•added 2006/04/11 11:2 p.m.•12 views

Cross site scripting

Cross-site scripting XSS vulnerability in search.php in SaphpLesson 3.0 allows remote attackers to inject arbitrary web script or HTML via the Word parameter. NOTE: it is possible that this issue is resultant from SQL injection...

4.3CVSS7AI score0.01176EPSS

Exploits0References6Affected Software1

NVD•added 2006/03/29 2:2 a.m.•15 views

CVE-2006-1486

Multiple cross-site scripting XSS vulnerabilities in index.cfm in realestateZONE 4.2 allow remote attackers to inject arbitrary web script or HTML via the 1 bamin, 2 bemin, 3 pmin, and 4 state parameters...

4.3CVSS5.8AI score0.03789EPSS

Exploits1References6

Prion•added 2006/03/28 11:6 a.m.•11 views

Cross site scripting

Cross-site scripting XSS vulnerability in Absolute Image Gallery XE 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via 1 the shownew parameter in gallery.asp and 2 unspecified search module parameters...

4.3CVSS6.2AI score0.0118EPSS

Exploits0References5Affected Software1

OSV•added 2006/03/19 1:2 a.m.•4 views

DEBIAN-CVE-2006-1251

Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm command...

5CVSS7.5AI score0.01493EPSS

Exploits0References1

Prion•added 2006/03/09 9:2 p.m.•19 views

Cross site scripting

Cross-site scripting XSS vulnerability in CuteNews 1.4.1 allows remote attackers to inject arbitrary web script or HTML via the query string to index.php...

6.8CVSS6.1AI score0.02133EPSS

Exploits1References6Affected Software1

OSV•added 2006/03/07 9:6 p.m.•2 views

DEBIAN-CVE-2006-1064

Multiple cross-site scripting XSS vulnerabilities in Lurker 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors...

2.6CVSS5.7AI score0.01704EPSS

Exploits0References1

Prion•added 2006/02/21 2:2 a.m.•17 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in ADOdb 4.71, as used in multiple packages such as phpESP, allow remote attackers to inject arbitrary web script or HTML via 1 the nextpage parameter in adodb-pager.inc.php and 2 other unspecified vectors related to PHPSELF...

4.3CVSS5.8AI score0.05871EPSS

Exploits2References18Affected Software1

NVD•added 2006/02/08 11:2 p.m.•16 views

CVE-2006-0603

Multiple cross-site scripting vulnerabilities in signed.php in Hinton Design phphg Guestbook 1.2 allow remote attackers to inject arbitrary web script or HTML via the 1 location, 2 website, or 3 message parameter...

6.4CVSS6.1AI score0.02266EPSS

Exploits1References6

NVD•added 2006/01/19 1:3 a.m.•24 views

CVE-2006-0310

Cross-site scripting XSS vulnerability in aoblogger 2.3 allows remote attackers to inject arbitrary Javascript via a javascript URI in the BBcode url tag...

4.3CVSS5.8AI score0.02076EPSS

Exploits1References8

Prion•added 2006/01/18 1:7 a.m.•11 views

Cross site scripting

Cross-site scripting vulnerability in WBNews 1.1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the Name field...

5CVSS6.6AI score0.01354EPSS

Exploits0References4Affected Software1

Cvelist•added 2006/01/13 11:0 p.m.•16 views

CVE-2006-0198

Cross-site scripting XSS vulnerability in a certain module, possibly poll or Pool, for XOOPS allows remote attackers to inject arbitrary web script or HTML via JavaScript in the SRC attribute of an IMG element in a comment...

5.8AI score0.01645EPSS

Exploits1References4

Cvelist•added 2006/01/13 11:0 p.m.•19 views

CVE-2006-0204

Multiple cross-site scripting XSS vulnerabilities in Wordcircle 2.17 allow remote attackers to inject arbitrary web script or HTML via 1 the "Course name" field in index.php when the frm parameter has the value "mine" and 2 possibly certain other fields in unspecified scripts...

5.9AI score0.01429EPSS

Exploits1References8

Cvelist•added 2006/01/07 1:0 a.m.•24 views

CVE-2006-0112

Cross-site scripting XSS vulnerability in index.php in Enhanced Simple PHP Gallery 1.7 allows remote attackers to inject arbitrary web script or HTML via the dir parameter...

5.8AI score0.01226EPSS

Exploits1References4

NVD•added 2005/12/28 1:3 a.m.•9 views

CVE-2005-4516

Multiple cross-site scripting XSS vulnerabilities in PHP-Fusion 6.00.200 through 6.00.300 allow remote attackers to inject arbitrary web script or HTML via 1 the sortby parameter in members.php and 2 IMG tags...

4.3CVSS5.8AI score0.02059EPSS

Exploits1References7

OSV•added 2005/12/22 11:3 a.m.•2 views

DEBIAN-CVE-2005-4494

Cross-site scripting XSS vulnerability in SPIP 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to 1 spiplogin.php3 and 2 spippass.php3...

2.6CVSS6AI score0.01353EPSS

Exploits0References1

NVD•added 2005/12/22 11:3 a.m.•9 views

CVE-2005-4490

Multiple cross-site scripting XSS vulnerabilities in SCOOP! 2.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 keyword and 2 invalid parameter to articleSearch.asp; 3 username and 4 invalid parameter to lostPassword.asp; 5 Username, 6 Password, and 7 invalid...

4.3CVSS5.8AI score0.01765EPSS

Exploits1References3

UbuntuCve•added 2005/12/14 7:3 p.m.•22 views

CVE-2005-4242

Multiple cross-site scripting XSS vulnerabilities in Horde Turba H3 2.0.4 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the address book and 2 contact data...

4.3CVSS6AI score0.01228EPSS

Exploits0References1

CVE•added 2005/12/14 11:0 a.m.•43 views

CVE-2005-4247

The CVE-2005-4247 entry concerns Plogger Beta 2 and earlier, with a Cross-site scripting (XSS) vulnerability in index.php exploitable via the searchterms parameter. The vulnerability can cause an attacker to inject arbitrary web script or HTML, with the impact limited to partial integrity comprom...

4.3CVSS6AI score0.01695EPSS

Exploits1References3Affected Software1

NVD•added 2005/12/07 11:3 a.m.•16 views

CVE-2005-4063

Multiple cross-site scripting XSS vulnerabilities in NetAuctionHelp 3.0 and earlier allow remote attackers to inject arbitrary HTML and web script via the 1 L, 2 sort, 3 category, 4 categoryname parameters to search.asp...

4.3CVSS5.9AI score0.01703EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by