CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4545 matches found

CNVD•added 2020/01/10 12:0 a.m.•2 views

Cisco Data Center Analytics Framework Cross-Site Scripting Vulnerability (CNVD-2020-02286)

Cisco Data Center Analytics Framework DCAF application is a set of data center analytics frameworks from the U.S. company Cisco Cisco. A cross-site scripting vulnerability exists in the web management interface in Cisco Data Center Analytics Framework Releases prior to 8.3.7.5.4, which stems from...

6.1CVSS6.6AI score0.00319EPSS

Exploits0References1

OSV•added 2020/01/09 11:15 p.m.•0 views

CVE-2020-6758

A cross-site scripting XSS vulnerability in Option/optionsAll.php in Rasilient PixelStor 5000 K:4.0.1580-20150629 KDI Version allows remote attackers to inject arbitrary web script or HTML via the ContentFrame parameter...

6.1CVSS6.2AI score0.00313EPSS

Exploits1References1

OSV•added 2020/01/06 6:15 a.m.•1 views

CVE-2019-5988

Stored cross-site scripting vulnerability in Access analysis CGI An-Analyzer released in 2019 June 24 and earlier allows remote attackers to inject arbitrary web script or HTML via the Management Page...

6.1CVSS6.5AI score0.00402EPSS

Exploits1References2

CNVD•added 2020/01/06 12:0 a.m.•1 views

Telos Automated Message Handling System Cross-Site Scripting Vulnerability

Telos Automated Message Handling System is an automated message handling system that automates the Web-based distribution and management of enterprise-wide organizational messages. A cross-site scripting vulnerability exists in itemlookup.asp in Telos Automated Message Handling System versions...

6.1CVSS6.3AI score0.00279EPSS

Exploits0References1

CNVD•added 2020/01/06 12:0 a.m.•1 views

Telos Automated Message Handling System Cross-Site Scripting Vulnerability (CNVD-2020-04115)

Telos Automated Message Handling System AMHS is an automated message handling system that enables automated Web-based distribution and management of enterprise-wide organizational messages. A cross-site scripting vulnerability exists in ModalWindowPopup.asp in Telos Automated Message Handling...

6.1CVSS6.3AI score0.00279EPSS

Exploits0References1

OSV•added 2020/01/03 10:15 p.m.•2 views

CVE-2019-9541

: Information Exposure vulnerability in itemlookup.asp of Telos Automated Message Handling System allows a remote attacker to inject arbitrary script into an AMHS session. This issue affects: Telos Automated Message Handling System versions prior to 4.1.5.5...

6.1CVSS5.9AI score0.00279EPSS

Exploits0References1

OSV•added 2020/01/03 10:15 p.m.•1 views

CVE-2019-9538

: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the LDAP cbURL parameter of Telos Automated Message Handling System allows a remote attacker to inject arbitrary script into an AMHS session. This issue affects: Telos Automated Message Handling...

6.1CVSS6.5AI score0.00279EPSS

Exploits0References1

OSV•added 2020/01/03 10:15 p.m.•1 views

CVE-2019-9537

: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in uploaditem.asp of Telos Automated Message Handling System allows a remote attacker to inject arbitrary script into an AMHS session. This issue affects: Telos Automated Message Handling System...

6.1CVSS6.5AI score

Exploits0References1

OSV•added 2019/12/26 4:15 p.m.•2 views

CVE-2019-6033

Cross-site scripting vulnerability in a-blog cms versions prior to Ver.2.10.23 Ver.2.10.x, Ver.2.9.26 Ver.2.9.x, and Ver.2.8.64 Ver.2.8.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS6.5AI score0.00402EPSS

Exploits0References2

OSV•added 2019/12/26 4:15 p.m.•1 views

CVE-2019-6011

Cross-site scripting vulnerability in wpDataTables Lite Version 2.0.11 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS6.8AI score0.00267EPSS

Exploits0References2

Positive Technologies•added 2019/12/05 12:0 a.m.•2 views

PT-2019-18459 · Synology · Video Station

Name of the Vulnerable Software and Affected Versions: Video Station versions prior to the latest version Description: This issue allows remote attackers to inject and execute scripts on the administrator’s management console through a cross-site scripting XSS vulnerability in Video Station...

4.8CVSS5.7AI score0.00209EPSS

Exploits0References2

ATTACKERKB•added 2019/11/22 7:15 p.m.•2 views

CVE-2013-0203

Multiple cross-site scripting XSS vulnerabilities in ownCloud 4.5.5, 4.0.10, and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 unspecified parameters to apps/calendar/ajax/event/new.php or 2 url parameter to apps/bookmarks/ajax/addBookmark.php...

5.4CVSS5.4AI score0.00236EPSS

Exploits0References4Affected Software1

OSV•added 2019/11/21 8:15 p.m.•4 views

CVE-2015-2793

Cross-site scripting XSS vulnerability in templates/openid-selector.tmpl in ikiwiki before 3.20150329 allows remote attackers to inject arbitrary web script or HTML via the openididentifier parameter in a verify action to ikiwiki.cgi...

6.1CVSS6AI score

Exploits0References17

ATTACKERKB•added 2019/11/20 3:15 p.m.•3 views

CVE-2013-0193

Cross-site Scripting XSS in Piwik before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: This is a different vulnerability than CVE-2013-0194 and CVE-2013-0195...

6.1CVSS5.8AI score0.00472EPSS

Exploits0References5Affected Software1

NVD•added 2019/11/04 3:15 p.m.•8 views

CVE-2013-4103

Cryptocat before 2.0.22 has Remote Script Injection due to improperly sanitizing user input...

9.8CVSS9.7AI score0.07142EPSS

Exploits2References5

Prion•added 2019/11/04 3:15 p.m.•12 views

Design/Logic Flaw

Cryptocat before 2.0.22 has Remote Script Injection due to improperly sanitizing user input...

7.5CVSS7.5AI score0.07142EPSS

Exploits2References5Affected Software1

Cvelist•added 2019/11/04 2:41 p.m.•12 views

CVE-2013-4103

Cryptocat before 2.0.22 has Remote Script Injection due to improperly sanitizing user input...

9.8AI score0.07142EPSS

Exploits2References5

CVE•added 2019/11/04 2:41 p.m.•39 views

CVE-2013-4103

Cryptocat prior to 2.0.22 is vulnerable to Remote Script Injection caused by improper sanitization of user input. Affected software: Cryptocat (versions before 2.0.22). Impact per sources: potential arbitrary script execution in the context of the application. Remediation: upgrade to Cryptocat 2....

9.8CVSS9.5AI score0.07142EPSS

Exploits2References5Affected Software1

OSV•added 2019/10/31 8:15 p.m.•1 views

DEBIAN-CVE-2013-1951

A cross-site scripting XSS vulnerability in MediaWiki before 1.19.5 and 1.20.x before 1.20.4 and allows remote attackers to inject arbitrary web script or HTML via Lua function names...

6.1CVSS6.1AI score0.0198EPSS

Exploits0References1

OSV•added 2019/10/30 11:15 p.m.•3 views

CVE-2010-1673

A cross-site scripting XSS vulnerability in ikiwiki before 3.20101112 allows remote attackers to inject arbitrary web script or HTML via a comment...

6.1CVSS5.4AI score0.00332EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by