CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3739 matches found

RedhatCVE•added 2025/05/21 10:8 p.m.•5 views

CVE-2005-2207

Cross-site scripting XSS vulnerability in store/login.asp in CartWIZ allows remote attackers to inject arbitrary web script or HTML via the message parameter...

4.3CVSS5.9AI score0.00331EPSS

Exploits1References1

RedhatCVE•added 2025/05/21 9:57 p.m.•6 views

CVE-2009-3260

Cross-site scripting XSS vulnerability in LiveStreet 0.2 allows remote attackers to inject arbitrary web script or HTML via the header of the topic in a comment...

4.3CVSS5.9AI score0.00226EPSS

Exploits1References1

RedhatCVE•added 2025/05/21 9:57 p.m.•10 views

CVE-2008-6835

Cross-site scripting XSS vulnerability in OpenID 5.x before 5.x-1.2, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.00319EPSS

Exploits0References1

RedhatCVE•added 2025/05/21 9:57 p.m.•6 views

CVE-2009-2170

Multiple cross-site scripting XSS vulnerabilities in Mahara 1.0 before 1.0.12 and 1.1 before 1.1.5 allow remote attackers to inject arbitrary web script or HTML via unknown vectors...

4.3CVSS5.9AI score0.00263EPSS

Exploits0References1

RedhatCVE•added 2025/05/21 9:55 p.m.•4 views

CVE-2006-1034

Multiple cross-site scripting XSS vulnerabilities in Woltlab Burning Board wBB allow remote attackers to inject arbitrary web script or HTML via 1 the username parameter to galerieindex.php and possibly 2 galerieonfly.php. NOTE: the provenance of this information is unknown; the details are...

4.3CVSS6AI score0.00268EPSS

Exploits1References1

RedhatCVE•added 2025/05/21 9:38 p.m.•6 views

CVE-2005-3292

Multiple cross-site scripting XSS vulnerabilities in Xeobook 0.93 allow remote attackers to inject arbitrary web script or HTML via Javascript events in tages such as...

4.3CVSS6AI score0.00362EPSS

Exploits0References1

RedhatCVE•added 2025/05/21 9:37 p.m.•6 views

CVE-2005-3285

Cross-site scripting XSS vulnerability in comersusbackofficesearchItemForm.asp in Comersus BackOffice Plus allows remote attackers to inject arbitrary web script or HTML via the 1 forwardTo1, 2 forwardTo2, 3 nameFT1, or 4 nameFT2 parameters...

4.3CVSS5.9AI score0.00726EPSS

Exploits1References1

RedhatCVE•added 2025/05/21 9:34 p.m.•7 views

CVE-2009-3367

Multiple cross-site scripting XSS vulnerabilities in An image gallery 1.0 allow remote attackers to inject arbitrary web script or HTML via the path parameter to 1 index.php and 2 main.php, and the 3 show parameter to main.php. NOTE: the provenance of this information is unknown; the details are...

4.3CVSS5.8AI score0.00327EPSS

Exploits0References1

RedhatCVE•added 2025/05/21 9:31 p.m.•4 views

CVE-2005-3165

Multiple cross-site scripting XSS vulnerabilities in MediaWiki before 1.4.9 allow remote attackers to inject arbitrary web script or HTML via 1 tags or 2 Extension or sections that "bypass HTML style attribute restrictions" that are intended to protect against XSS vulnerabilities in Internet...

4.3CVSS5.4AI score0.00268EPSS

Exploits0References1

RedhatCVE•added 2025/05/21 9:27 p.m.•7 views

CVE-2005-3078

Cross-site scripting XSS vulnerability in PunBB before 1.2.8 allows remote attackers to inject arbitrary web script or HTML via the "forgotten e-mail" feature...

4.3CVSS5.9AI score0.00297EPSS

Exploits0References1

RedhatCVE•added 2025/05/21 9:24 p.m.•4 views

CVE-2006-5321

Multiple cross-site scripting XSS vulnerabilities in phplist before 2.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.00396EPSS

Exploits1References1

RedhatCVE•added 2025/05/21 9:23 p.m.•7 views

CVE-2007-5142

Cross-site scripting XSS vulnerability in buscar.asp in Solidweb Novus 1.0 allows remote attackers to inject arbitrary web script or HTML via the p parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

4.3CVSS5.8AI score0.00553EPSS

Exploits1References1

RedhatCVE•added 2025/05/21 9:11 p.m.•8 views

CVE-2006-4941

Multiple cross-site scripting XSS vulnerabilities in Moodle before 1.6.2 might allow remote attackers to inject arbitrary web script or HTML via 1 the choose parameter in files/index.php and 2 the sub parameter in doc/index.php...

4.3CVSS5.7AI score0.00297EPSS

Exploits0References1

RedhatCVE•added 2025/05/21 9:4 p.m.•7 views

CVE-2006-4711

Multiple cross-site scripting XSS vulnerabilities in Sage allow remote attackers to inject arbitrary web script or HTML via an Atom 1.0 feed, as demonstrated by certain test cases of the James M. Snell Atom 1.0 feed reader test suite...

4.3CVSS6AI score0.00396EPSS

Exploits1References1

RedhatCVE•added 2025/05/21 9:3 p.m.•6 views

CVE-2009-3120

Cross-site scripting XSS vulnerability in public/index.php in BIGACE Web CMS 2.6 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: some of these details are obtained from third party information...

4.3CVSS5.9AI score0.00263EPSS

Exploits0References1

RedhatCVE•added 2025/05/21 8:53 p.m.•4 views

CVE-2005-4858

Multiple cross-site scripting XSS vulnerabilities in mimic2.cgi in mimicboard2 Mimic2 086 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified parameters associated with the 1 name, 2 title, and 3 comment sections, as demonstrated by referencing a remote...

4.3CVSS6AI score0.00152EPSS

Exploits0References1

RedhatCVE•added 2025/05/21 8:52 p.m.•5 views

CVE-2005-2138

Cross-site scripting XSS vulnerability in index.php in Comdev eCommerce 3.0 and 3.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the onMouseOver event of an "A" tag in a review message...

4.3CVSS5.9AI score0.00331EPSS

Exploits1References1

RedhatCVE•added 2025/05/21 8:48 p.m.•8 views

CVE-2005-2021

Cross-site scripting XSS vulnerability in cPanel 9.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the user parameter in the login page...

4.3CVSS6AI score0.00337EPSS

Exploits1References1

RedhatCVE•added 2025/05/21 8:39 p.m.•5 views

CVE-2009-3057

Multiple cross-site scripting XSS vulnerabilities in AOM Software Beex 3 allow remote attackers to inject arbitrary web script or HTML via the navaction parameter to 1 news.php and 2 partneralle.php...

4.3CVSS6AI score0.00454EPSS

Exploits1References1

RedhatCVE•added 2025/05/21 8:39 p.m.•5 views

CVE-2002-2359

Cross-site scripting XSS vulnerability in the FTP view feature in Mozilla 1.0 allows remote attackers to inject arbitrary web script or HTML via the title tag of an ftp URL...

4.3CVSS5.9AI score0.0023EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by