CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3735 matches found

CNVD•added 2015/11/07 12:0 a.m.•2 views

Mozilla Firefox Cross-Site Scripting Vulnerability (CNVD-2015-07411)

Mozilla Firefox is an open source web browser. A cross-site scripting vulnerability exists in Mozilla Firefox for Android-based platforms that fails to properly restrict URL strings in Android intents, allowing remote attackers to exploit the vulnerability to inject malicious script or HTML code...

4.3CVSS8.5AI score0.00695EPSS

Exploits0References1

CNVD•added 2015/11/05 12:0 a.m.•1 views

Cisco Social Miner Cross-Site Scripting Vulnerability

Cisco Social Miner is the United States Cisco Cisco a set of customer service systems, providing user information collection, filtering, process processing, statistical reporting and other functions. A cross-site scripting vulnerability exists in Cisco Social Miner 10.0. It allows remote attacker...

4.3CVSS5.8AI score0.00263EPSS

Exploits0References1

CNVD•added 2015/11/05 12:0 a.m.•1 views

Multiple Cross-Site Scripting Vulnerabilities in Fortinet FortiManager (CNVD-2015-07355)

Fortinet FortiManager is a centralized network security management platform from Fortinet. The platform supports centralized management of any number of Fortinet devices and can group devices into different management domains ADOM to further simplify multi-device security deployment and managemen...

4.3CVSS6AI score0.01674EPSS

Exploits1References1

CNVD•added 2015/11/05 12:0 a.m.•2 views

Multiple cross-site scripting vulnerabilities in Fortinet FortiManager (CNVD-2015-07354)

4.3CVSS6AI score0.01674EPSS

Exploits1References1

CNVD•added 2015/11/04 12:0 a.m.•1 views

Cisco ACS Solution Engine Cross-Site Scripting Vulnerability

Cisco Secure Access Control Server ACS is a security access control server from Cisco, Inc.Solution Engine is one of the server engine solutions. Cisco Secure Access Control Server ACS version 5.70.15, an XSS vulnerability exists in the web interface of Solution Engine. A remote attacker could...

4.3CVSS6.2AI score0.00263EPSS

Exploits0References1

CNVD•added 2015/11/04 12:0 a.m.•1 views

Cisco FireSight Management Center Cross-Site Scripting Vulnerability

Cisco FireSIGHT Management Center MC is the United States Cisco Cisco company's set of centralized on the Cisco ASA with FirePOWER Services and Cisco FirePOWER network security equipment management management center software. A cross-site scripting vulnerability exists in Cisco FireSight MC...

3.5CVSS6.3AI score0.00185EPSS

Exploits0References1

OSV•added 2015/10/31 4:59 a.m.•3 views

CVE-2015-5667

Cross-site scripting XSS vulnerability in the HTML-Scrubber module before 0.15 for Perl, when the comment feature is enabled, allows remote attackers to inject arbitrary web script or HTML via a crafted comment...

5.4AI score

Exploits0References6

CNVD•added 2015/10/30 12:0 a.m.•3 views

Janitza UMG has multiple cross-site scripting vulnerabilities

The Janitza UMG is an online power quality monitor for the energy industry from Janitza Germany. The Janitza UMG 508, 509, 511, 604, 605, suffers from multiple cross-site scripting vulnerabilities. This allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.2AI score0.00888EPSS

Exploits0References1

CNVD•added 2015/10/21 12:0 a.m.•1 views

Multiple Cross-Site Scripting Vulnerabilities in Nordex NC2

Nordex Control 2 is a web-based SCADA system for wind power stations. Multiple cross-site scripting vulnerabilities exist in the Nordex Control 2 NC2 SCADA 16 and earlier versions, Wind Farm Portal application. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTM...

4.3CVSS6.2AI score0.17999EPSS

Exploits1References1

Vulnrichment•added 2015/10/18 7:0 p.m.•3 views

CVE-2015-6477

Multiple cross-site scripting XSS vulnerabilities in the Wind Farm Portal application in Nordex Control 2 NC2 SCADA 16 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.8AI score0.17999EPSS

Exploits1References3

Prion•added 2015/10/16 8:59 p.m.•29 views

Cross site scripting

Cross-site scripting XSS vulnerability in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-1812...

4.3CVSS5.8AI score0.00215EPSS

Exploits0References4Affected Software2

CNVD•added 2015/10/16 12:0 a.m.•1 views

Revive Adserver Cross-Site Scripting Vulnerability (CNVD-2015-06712)

Revive Adserver is an open source ad management system from the Revive Adserver team. A cross-site scripting vulnerability exists in the plugin upgrade form of Revive Adserver versions prior to 3.2.2, which can be exploited by a remote attacker to inject arbitrary Web script or HTML with the help...

4.3CVSS6AI score0.00256EPSS

Exploits1References1

CNVD•added 2015/10/10 12:0 a.m.•4 views

WordPress Appointment Booking Calendar Plugin Cross-Site Scripting Vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Software Foundation, and Appointment Booking Calendar is one of the appointment calendar plugins. A cross-site scripting vulnerability exists in the cpabcappointmentsadminintbookingslist.inc.php script in...

4.3CVSS6.2AI score0.00225EPSS

Exploits2References1

CNVD•added 2015/10/09 12:0 a.m.•2 views

Web Reference Database and bleeding-edge cross-site scripting vulnerabilities

Web Reference Database a.k.a. refbase is a web-based multi-user interface product developed by the refbase community to provide search tools and automated indexing for the management of scientific literature. bleeding-edge is a downloadable version. A cross-site scripting vulnerability exists in...

4.3CVSS6.1AI score0.00909EPSS

Exploits0References1

CNVD•added 2015/10/08 12:0 a.m.•1 views

IBM Emptoris Supplier Lifecycle Management and Emptoris Program Management Cross-Site Scripting Vulnerabilities

IBM Emptoris Supplier Lifecycle Management is a suite of supply chain lifecycle management programs from IBM in the United States. A cross-site scripting vulnerability in IBM Emptoris Supplier Lifecycle Management and Emptoris Program Management allows remote attackers to inject arbitrary web...

4.3CVSS6.7AI score0.00236EPSS

Exploits0References1

CNVD•added 2015/10/03 12:0 a.m.•1 views

Open-Xchange Server and Open-Xchange AppSuite Front End Cross-Site Scripting Vulnerabilities

Open-Xchange Server is a semi-open source project mainly used for developing collaboration software; OX AppSuite is a set of Web cloud desktop environment. A cross-site scripting vulnerability exists in the dialogs for printing content in the Front End of Open-Xchange Server and OX AppSuite, whic...

4.3CVSS6.4AI score0.00359EPSS

Exploits0References1

CNVD•added 2015/10/03 12:0 a.m.•1 views

WordPress Gallery - Photo Albums - Portfolio plugin cross-site scripting vulnerability

WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL.Gallery - Photo Albums - Portfolio is a combination plugin for creating photo galleries, photo albums and rotating video and audio. A cross-site scripting...

3.5CVSS6.2AI score0.00123EPSS

Exploits1References1

CNVD•added 2015/10/03 12:0 a.m.•1 views

Web Reference Database Cross-Site Scripting Vulnerability

Web Reference Database is a web-based multi-user interface product that provides search tools and automatic indexing for managing scientific literature. Multiple scripts in Web Reference Database fail to adequately filter multiple parameters, allowing remote attackers to exploit vulnerabilities t...

4.3CVSS7AI score0.00909EPSS

Exploits0References1

CNVD•added 2015/09/22 12:0 a.m.•4 views

Cross-Site Scripting Vulnerability in Joomla!

Joomla! is the United States Open Source Matters team developed a set of open source content management system CMS. login is one of the login module . A cross-site scripting vulnerability exists in the login module in Joomla! versions 3.4.4 and 3.4.x prior to Joomla! A remote attacker can exploit...

4.3CVSS6.1AI score0.00053EPSS

Exploits3References1

CNVD•added 2015/09/18 12:0 a.m.•3 views

Citrix NetScaler ADC/NetScaler Gateway Cross-Site Scripting Vulnerability

Citrix NetScaler ADCs are application delivery controllers that optimize enterprise service delivery.Citrix Access Gateway is a general purpose SSL VPN appliance. A cross-site scripting vulnerability exists in Citrix NetScaler Application Delivery Controller ADC and NetScaler Gateway versions pri...

4.3CVSS6.1AI score0.00293EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by