CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3736 matches found

ATTACKERKB•added 2018/04/04 7:29 p.m.•4 views

CVE-2018-9034

Cross-site scripting XSS vulnerability in lib/interface.php of the Relevanssi plugin 4.0.4 for WordPress allows remote attackers to inject arbitrary JavaScript or HTML via the tab GET parameter...

5.4CVSS5.7AI score0.00143EPSS

Exploits5References2

OSV•added 2018/04/04 1:29 p.m.•1 views

CVE-2017-3967

Target influence via framing vulnerability in the web interface in McAfee Network Security Management NSM before 8.2.7.42.2 allows remote attackers to inject arbitrary web script or HTML via application pages inability to break out of 3rd party HTML frames...

6.1CVSS5.9AI score0.00196EPSS

Exploits0References1

CNVD•added 2018/04/04 12:0 a.m.•0 views

iScripts EasyCreate Cross-Site Scripting Vulnerability

IScripts EasyCreate is a set of online website builder from Iscripts, Inc. The tool can be used on the server for the client to provide website building services , belong to the fully customizable . A cross-site scripting vulnerability exists in the Site Description field in IScripts EasyCreate...

5.4CVSS6.1AI score0.01095EPSS

Exploits4References1

CNVD•added 2018/04/04 12:0 a.m.•8 views

Joomla! Joom Sky JS Jobs Extension Cross-Site Scripting Vulnerability

Joomla! is a U.S. Open Source Matters team developed a set of open source content management system CMS, the system provides RSS feeds, site search and other features . Joom Sky JS Jobs extension is used in one of the recruitment features with an extension . A cross-site scripting vulnerability...

5.4CVSS6.1AI score0.00271EPSS

Exploits5References1

OSV•added 2018/04/03 12:0 a.m.•1 views

UBUNTU-CVE-2018-4133

An issue was discovered in certain Apple products. Safari before 11.1 is affected. The issue involves the "WebKit" component. A Safari cross-site scripting XSS vulnerability allows remote attackers to inject arbitrary web script or HTML via a crafted URL...

6.1CVSS7AI score0.00501EPSS

Exploits0References5

CNVD•added 2018/04/02 12:0 a.m.•1 views

Apple Safari WebKit cross-site scripting vulnerability (CNVD-2018-07657)

Apple Safari is a web browser from Apple, and is the default browser that comes with the Mac OS X and iOS operating systems.WebKit is a set of open-source web browser engines developed by KDE, Apple, and Google, and is currently used by Apple Safari and Google Chrome, among other browsers. Google...

6.1CVSS5.4AI score0.00501EPSS

Exploits0References1

CNVD•added 2018/03/30 12:0 a.m.•1 views

ASUS RT-N14UHP 'flag' parameter cross-site scripting vulnerability

The ASUS RT-N14UHP is a wireless router device from ASUS. A cross-site scripting vulnerability exists in the 'flag' parameter in ASUS RT-N14UHP devices prior to version 3.0.0.4.380.8015. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

6.1CVSS6.1AI score0.0024EPSS

Exploits1References1

CNVD•added 2018/03/29 12:0 a.m.•1 views

bui select component cross-site scripting vulnerability

bui is a front-end framework based on JQuery. select component is one of the search component. A cross-site scripting vulnerability exists in the select component in bui 2018-03-13 and prior versions, which stems from a program performing an escape operation on escaped text. A remote attacker can...

6.1CVSS6.2AI score0.01433EPSS

Exploits1References1

CNVD•added 2018/03/28 12:0 a.m.•1 views

QQQ SYSTEMS cross-site scripting vulnerability (CNVD-2018-07698)

QQQ SYSTEMS is a set of CGI scripts for creating quiz pages. A cross-site scripting vulnerability exists in QQQ SYSTEMS version 2.24. A remote attacker can exploit this vulnerability to inject arbitrary web scripts via the quiz.cgi file...

6.1CVSS6.2AI score0.00211EPSS

Exploits0References1

OSV•added 2018/03/27 9:29 p.m.•1 views

CVE-2017-7631

Cross-site scripting XSS vulnerability in the share link function of File Station of QNAP 4.2.6 build 20171026, QTS 4.3.3 build 20170727 and earlier allows remote attackers to inject arbitrary web script or HTML...

6.1CVSS5.9AI score

Exploits0References1

CNVD•added 2018/03/27 12:0 a.m.•2 views

BMC Remedy Action Request System Cross-Site Scripting Vulnerability

BMC Remedy Action Request AR System is a suite of mobile digital enterprise management platforms for IT departments from BMC Software, USA. A cross-site scripting vulnerability exists in version 9.0 of the BMC Remedy Action Request AR System prior to 9.0.00 Service Pack 2 hot fix 1. A remote...

6.1CVSS6.1AI score0.00301EPSS

Exploits0References1

CNVD•added 2018/03/26 12:0 a.m.•1 views

dsmall cross-site scripting vulnerability (CNVD-2018-07545)

dsmall is a multi-user platform-level online shopping mall system. A cross-site scripting vulnerability exists in dsmall version 20180320. A remote attacker can exploit this vulnerability by sending the 'pdrsn' parameter to the public/index.php/home/predeposit/index.html page to inject arbitrary...

5.4CVSS6.2AI score0.00206EPSS

Exploits1References1

OSV•added 2018/03/19 8:29 p.m.•1 views

CVE-2018-8732

Cross-site scripting XSS vulnerability in WampServer 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the virtualdel parameter...

5.4CVSS5.9AI score

Exploits0References2

OSV•added 2018/03/15 10:29 p.m.•1 views

CVE-2016-0223

Cross-site scripting XSS vulnerability in the Webform Framework API in IBM Forms Server 4.0.x, 8.0.x, 8.1, and 8.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 110006...

6.1CVSS5.9AI score

Exploits0References2

CNVD•added 2018/03/14 12:0 a.m.•2 views

OSIsoft PI Web API Cross-Site Scripting Vulnerability

The OSIsoft PI Web API is a product for accessing PI system data. A cross-site scripting vulnerability exists in OSIsoft PI Web API 2017 R2 and prior versions, which can be exploited by remote attackers to inject arbitrary web script or HTML...

6.1CVSS6.2AI score0.0018EPSS

Exploits0References1

CNVD•added 2018/03/14 12:0 a.m.•2 views

OSIsoft PI Vision Cross-Site Scripting Vulnerability

PI Vision is the leading visualization tool for quick, easy and secure access to all PI System™ data. A cross-site scripting vulnerability exists in OSIsoft PI Vision 2017 and prior versions, which can be exploited by remote attackers to inject arbitrary web script or HTML because the...

6.1CVSS6AI score0.0018EPSS

Exploits0References1

OSV•added 2018/03/13 7:29 p.m.•1 views

CVE-2018-7405

Cross-site scripting XSS in Zoho ManageEngine EventLog Analyzer before 11.12 Build 11120 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS5.9AI score0.00479EPSS

Exploits0References2

OSV•added 2018/03/12 9:29 p.m.•1 views

CVE-2016-0261

Cross-site scripting XSS vulnerability in IBM Curam Social Program Management 6.0.0 before SP2 EP29, 6.0.4 before 6.0.4.6 iFix3, 6.0.5 before 6.0.5.9 iFix2, 6.1.0 before 6.1.0.1 iFix1, and 6.1.1 before 6.1.1.1 iFix1; and IBM Care Management 6.0 allows remote attackers to inject arbitrary web scri...

5.4CVSS5.9AI score

Exploits0References2

OSV•added 2018/03/09 7:29 p.m.•1 views

CVE-2016-0253

Cross-site scripting XSS vulnerability in IBM Financial Transaction Manager FTM for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager FTM for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager FTM f...

5.4CVSS5.9AI score0.00129EPSS

Exploits0References2

CNVD•added 2018/03/09 12:0 a.m.•1 views

Media Streaming add-on cross-site scripting vulnerability

QNAP NAS application Media Streaming add-on is a video streaming loading application for QNAP NAS devices from QNAP Systems. A cross-site scripting vulnerability exists in QNAP NAS application Media Streaming add-on version 21.1.0.2 and earlier and version 430.1.2.0 and earlier. A remote attacker...

6.1CVSS6.1AI score0.0025EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by