CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4548 matches found

RedhatCVE•added 2025/05/22 4:10 a.m.•7 views

CVE-2014-100037

Cross-site scripting XSS vulnerability in Storytlr 1.3.dev and earlier allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to archives/...

4.3CVSS6AI score0.00225EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:9 a.m.•4 views

CVE-2013-7419

Cross-site scripting XSS vulnerability in includes/refreshDate.php in the Joomlaskin JS Multi Hotel aka JS MultiHotel and Js-Multi-Hotel plugin 2.2.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the roomid parameter...

4.3CVSS6AI score0.00152EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:9 a.m.•5 views

CVE-2010-2985

Multiple cross-site scripting XSS vulnerabilities in IBM WebSphere Service Registry and Repository WSRR 6.3 allow remote attackers to inject arbitrary web script or HTML via 1 the searchTerm parameter to ServiceRegistry/HelpSearch.do or 2 the queryItems0.value parameter to...

4.3CVSS5.8AI score0.00256EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:8 a.m.•8 views

CVE-2010-2969

Multiple cross-site scripting XSS vulnerabilities in MoinMoin 1.7.3 and earlier, and 1.9.x before 1.9.3, allow remote attackers to inject arbitrary web script or HTML via crafted content, related to 1 action/LikePages.py, 2 action/chart.py, and 3 action/userprofile.py, a similar issue to...

4.3CVSS6AI score0.01289EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:8 a.m.•2 views

CVE-2012-1807

Cross-site scripting XSS vulnerability in the web server in the ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100, H2-ECOM, H2-ECOM-F, H2-ECOM100, H4-ECOM, H4-ECOM-F, and H4-ECOM100 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.00339EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:3 a.m.•3 views

CVE-2013-7288

Cross-site scripting XSS vulnerability in the mycodeparsevideo function in inc/classparser.php in MyBB aka MyBulletinBoard before 1.6.12 allows remote attackers to inject arbitrary web script or HTML via vectors related to Yahoo video URLs...

4.3CVSS5.8AI score0.00357EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:1 a.m.•7 views

CVE-2018-8062

A cross-site scripting XSS vulnerability on Comtrend AR-5387un devices with A731-410JAZ-C04R02.A2pD035g.d23i firmware allows remote attackers to inject arbitrary web script or HTML via the Service Description parameter while creating a WAN service...

5.4CVSS5.8AI score0.0018EPSS

Exploits3References1

RedhatCVE•added 2025/05/22 3:49 a.m.•6 views

CVE-2010-2722

Cross-site scripting XSS vulnerability in index.php in RightInPoint Lyrics Script 3.0 allows remote attackers to inject arbitrary web script or HTML via the artistid parameter, which is not properly handled in a forced SQL error message. NOTE: the provenance of this information is unknown; the...

4.3CVSS6.2AI score0.00263EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 3:44 a.m.•5 views

CVE-2015-4465

Cross-site scripting XSS vulnerability in the zM Ajax Login & Register plugin before 1.1.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.00324EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 3:39 a.m.•8 views

CVE-2012-3279

Multiple cross-site scripting XSS vulnerabilities in HP Network Node Manager i NNMi 8.x, 9.0x, 9.1x, and 9.20 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.00623EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 3:37 a.m.•5 views

CVE-2015-5355

Multiple cross-site scripting XSS vulnerabilities in GetSimple CMS before 3.3.6 allow remote attackers to inject arbitrary web script or HTML via the 1 post-content or 2 post-title parameter to admin/edit.php...

4.3CVSS6AI score0.00296EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 3:35 a.m.•5 views

CVE-2011-2770

Cross-site scripting XSS vulnerability in man2html.cgi.c in man2html 1.6, and possibly other version, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to error messages...

4.3CVSS5.8AI score0.00285EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 3:32 a.m.•5 views

CVE-2013-0703

Cross-site scripting XSS vulnerability in imgboard.com imgboard before 1.22R6.1 u and 20xx before 2010u allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.00254EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 3:29 a.m.•7 views

CVE-2011-2661

Multiple cross-site scripting XSS vulnerabilities in WebAccess in Novell GroupWise 8.0 before HP3 allow remote attackers to inject arbitrary web script or HTML via the 1 Directory.Item.name or 2 Directory.Item.displayName parameter...

4.3CVSS6AI score0.0025EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 3:29 a.m.•7 views

CVE-2011-4956

Cross-site scripting XSS vulnerability in WordPress before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.8AI score0.00791EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 3:19 a.m.•6 views

CVE-2018-16248

b3log Solo 2.9.3 has XSS in the Input page under the "Publish Articles" menu with an ID of "articleTags" stored in the "tag" JSON field, which allows remote attackers to inject arbitrary Web scripts or HTML via a carefully crafted site name in an admin-authenticated HTTP request...

6.1CVSS5.8AI score0.00208EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 3:17 a.m.•4 views

CVE-2012-5591

Cross-site scripting XSS vulnerability in the Zero Point module 6.x-1.x before 6.x-1.18 and 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to inject arbitrary web script or HTML via the path aliases...

4.3CVSS6AI score0.00285EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 3:14 a.m.•6 views

CVE-2012-5460

Cross-site scripting XSS vulnerability in the help page in Juniper Secure Access SA with IVE OS before 7.1r13, 7.2.x before 7.2r7, and 7.3.x before 7.3r2 allows remote attackers to inject arbitrary web script or HTML via the WWHSearchWordsText parameter...

4.3CVSS5.8AI score0.00263EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 3:14 a.m.•5 views

CVE-2012-2595

Multiple cross-site scripting XSS vulnerabilities in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 allow remote attackers to inject arbitrary web script or HTML via vectors involving special characters in parameters...

4.3CVSS5.9AI score0.00385EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 3:13 a.m.•7 views

CVE-2013-1955

Multiple cross-site scripting XSS vulnerabilities in 1 index.php and 2 datePicker.php in Easy PHP Calendar 6.x and 7.x before 7.0.13 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.00296EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by