CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3736 matches found

OSV•added 2017/12/19 8:29 p.m.•2 views

CVE-2017-17753

Multiple cross-site scripting XSS vulnerabilities in the esb-csv-import-export plugin through 1.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 cietype, 2 cieimport, 3 cieupdate, or 4 cieignore parameter to includes/admin/views/esb-cie-import-export-page.ph...

6.1CVSS5.8AI score

Exploits0References1

CNVD•added 2017/12/18 12:0 a.m.•2 views

UrBackup Server Cross-Site Scripting Vulnerability

UrBackup is an easy to install open source client/server backup system . A cross-site scripting vulnerability exists in UrBackup Server before 2.1.20. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML via the action parameter...

6.1CVSS6AI score0.00236EPSS

Exploits0References1

CNVD•added 2017/12/15 12:0 a.m.•1 views

Posty Scubez Posty Readymade Classifieds Cross-Site Scripting Vulnerability

Posty Scubez Posty Readymade Classifieds is a suite of announcement-based website scripts from Posty India. A cross-site scripting vulnerability exists in Posty Scubez Posty Readymade Classifieds. A remote attacker can inject arbitrary web script or HTML by sending the 'ID' parameter to the...

6.1CVSS6AI score0.0024EPSS

Exploits1References1

CNVD•added 2017/12/14 12:0 a.m.•1 views

TIBCO BusinessWorks Process Monitor Integration Matters nJAMS Cross-Site Scripting Vulnerability

TIBCO BusinessWorks Process Monitor is a process monitor for the BusinessWorks platform from TIBCO Software, Inc. Integration Matters nJAMS is one of the business process monitoring components used in it. A cross-site scripting vulnerability exists in TIBCO BusinessWorks Process Monitor 3.0.1.3 a...

4.8CVSS6.1AI score0.00179EPSS

Exploits0References1

CNVD•added 2017/11/29 12:0 a.m.•1 views

Foreman cross-site scripting vulnerability (CNVD-2017-35447)

Foreman is a set of lifecycle management tools for use in physical and virtual servers. The tool provides features such as service provisioning, configuration management, and status reporting. A cross-site scripting vulnerability exists in the Facts, Trends, and Statistics pages in Foreman. A...

6.1CVSS5.9AI score0.00343EPSS

Exploits0References1

CNVD•added 2017/11/22 12:0 a.m.•3 views

Arris TG1682G Device Cross-Site Scripting Vulnerability

The Arris TG1682G devices is a Modem modem router all-in-one device from the Arris Group of companies in the U.S.A. The Comcast TG16822.0s7PRODse is a set of firmware developed by Comcast in the U.S.A. that is used in it. A cross-site scripting vulnerability exists in Arris TG1682G devices using...

6.1CVSS5.9AI score0.00279EPSS

Exploits1References1

CNVD•added 2017/11/13 12:0 a.m.•2 views

MyBB installer cross-site scripting vulnerability

MyBB aka MyBulletinBoard is a free and web-based forum software developed by the MyBB team using PHP and MySQL. The software is easy to use, supports multiple languages, and is extensible. installer is one of the installers. A cross-site scripting vulnerability exists in the installer in MyBB...

5.4CVSS6.2AI score0.00262EPSS

Exploits4References1

CNVD•added 2017/11/01 12:0 a.m.•4 views

WordPress user-login-history plugin cross-site scripting vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers. user-login-history plugin is one of the user login tracking plugin. A cross-site scripting vulnerability exists in...

6.1CVSS5.8AI score0.0027EPSS

Exploits2References1

CNVD•added 2017/10/27 12:0 a.m.•1 views

Redmine cross-site scripting vulnerability (CNVD-2017-31961)

Redmine is a set of open source Web-based project management and defect tracking tools . The tool provides project management , issue tracking and role-based access control and other features . A cross-site scripting vulnerability exists in the Textile and Markdown text formatting and project hom...

6.1CVSS5.9AI score0.00353EPSS

Exploits0References1

OSV•added 2017/10/26 8:29 p.m.•1 views

DEBIAN-CVE-2012-4377

Cross-site scripting XSS vulnerability in MediaWiki before 1.18.5 and 1.19.x before 1.19.2 allows remote attackers to inject arbitrary web script or HTML via a File: link to a nonexistent image...

6.1CVSS6AI score0.00998EPSS

Exploits0References1

OSV•added 2017/10/26 8:29 p.m.•3 views

CVE-2012-4378

Multiple cross-site scripting XSS vulnerabilities in MediaWiki before 1.18.5 and 1.19.x before 1.19.2, when unspecified JavaScript gadgets are used, allow remote attackers to inject arbitrary web script or HTML via the userlang parameter to w/index.php...

6.1CVSS6.1AI score

Exploits0References16

CNVD•added 2017/10/24 12:0 a.m.•1 views

phpMyFaq admin/tags.main.php file cross-site scripting vulnerability

phpMyFAQ is phpMyFAQ team developed a set of open source fully database-driven FAQ question and answer system . The system supports multiple languages, multiple databases, etc., and includes modules such as content management system and community. A cross-site scripting vulnerability exists in th...

6.1CVSS6.1AI score0.00223EPSS

Exploits0References1

CNVD•added 2017/10/23 12:0 a.m.•1 views

TP-LINK TL-MR3220 Cross-Site Scripting Vulnerability

TP-LINK TL-MR3220 wireless routers is a wireless router product from China P&L TP-LINK. A cross-site scripting vulnerability exists in the Wireless MAC Filtering page in the TP-LINK TL-MR3220 wireless router. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

6.1CVSS5.8AI score0.00536EPSS

Exploits4References1

CNVD•added 2017/10/20 12:0 a.m.•1 views

Cisco WebEx Meeting Center Cross-Site Scripting Vulnerability (CNVD-2017-32118)

Cisco WebEx Meeting Center is a set of WebEx meeting solutions in the United States Cisco Cisco company's network of online meeting products. The product invites others to join the meeting via e-mail or instant messaging IM, and supports online product demonstrations, information sharing, and mor...

6.1CVSS5.8AI score0.00232EPSS

Exploits0References1

CNVD•added 2017/10/20 12:0 a.m.•1 views

Foreman Cross-Site Scripting Vulnerability (CNVD-2017-34618)

Foreman is a set of lifecycle management tools for use in physical and virtual servers. The tool provides features such as service provisioning, configuration management, and status reporting. A cross-site scripting vulnerability exists in the search auto-completion feature in Foreman versions...

5.4CVSS5.7AI score0.0026EPSS

Exploits1References1

CNVD•added 2017/10/18 12:0 a.m.•3 views

WordPress uDesign Theme Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports the PHP and MySQL servers to set up a personal blog site. uDesign aka U-Design is one of the theme plug-ins. A cross-site scripting vulnerability exists in WordPress...

6.1CVSS5.8AI score0.00335EPSS

Exploits1References1

CNVD•added 2017/10/18 12:0 a.m.•1 views

ATutor cross-site scripting vulnerability (CNVD-2017-32279)

ATutor is an open source Web-based learning content management system LCMS developed by the ATutor team. The system includes teaching content management, forums, chat rooms and other modules. A cross-site scripting vulnerability exists in versions prior to Atutor 2.2.3, which stems from the progr...

5.4CVSS5.5AI score0.00206EPSS

Exploits1References1

CNVD•added 2017/10/17 12:0 a.m.•4 views

Issuetracker phpBugTracker cross-site scripting vulnerability (CNVD-2017-30874)

Issuetracker phpBugTracker is a web-based defect tracking system. The system provides features such as project management and defect tracking services. A cross-site scripting vulnerability exists in Issuetracker phpBugTracker versions prior to 1.7.0. A remote attacker can exploit this vulnerabili...

4.8CVSS4.9AI score0.00278EPSS

Exploits0References1

CNVD•added 2017/10/12 12:0 a.m.•1 views

MISP cross-site scripting vulnerability (CNVD-2017-30341)

MISP is a suite of open source software solutions for collecting, storing, distributing and sharing cybersecurity metrics and threats cybersecurity event analysis and malware analysis. A cross-site scripting vulnerability exists in quickDelete in versions of MISP prior to 2.4.81. A remote attacke...

6.1CVSS6AI score0.00266EPSS

Exploits0References1

ATTACKERKB•added 2017/10/03 1:29 a.m.•0 views

CVE-2015-7980

Cross-site scripting XSS vulnerability in the Compass Rose module 6.x-1.x before 6.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to "embedding a JavaScript library from an external source that was not reliable."...

6.1CVSS5.8AI score0.00696EPSS

Exploits0References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by