CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4544 matches found

CNVD•added 2017/06/23 12:0 a.m.•1 views

Cisco Firepower Management Center Cross-Site Scripting Vulnerability (CNVD-2017-15830)

Cisco Firepower Management Center is a new generation of firewall management center software from the U.S. company Cisco Cisco. A cross-site scripting vulnerability exists in the web framework code in Cisco Firepower Management Center versions prior to 6.0.0.0, which arises from the program's...

5.4CVSS6.7AI score0.00171EPSS

Exploits0References1

ATTACKERKB•added 2017/06/14 9:29 p.m.•1 views

CVE-2017-9624

Multiple cross-site scripting XSS vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted currency decimal-sign data...

6.1CVSS5.4AI score0.00222EPSS

Exploits1References3

OSV•added 2017/06/09 4:29 p.m.•0 views

CVE-2016-7817

Cross-site scripting vulnerability in Simple keitai chat 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS5.9AI score0.00233EPSS

Exploits0References2

CNVD•added 2017/06/09 12:0 a.m.•1 views

Cisco Email Security and Content Security Management Appliance Cross-Site Scripting Vulnerability

The Cisco Email Security Appliance is a suite of email security appliances.Cisco Content Security Management is a unified email and Web security management solution. A cross-site scripting vulnerability in the Cisco Email Security and Content Security Management Appliance allows remote attackers ...

6.1CVSS5.9AI score0.00296EPSS

Exploits0References1

CNVD•added 2017/06/06 12:0 a.m.•2 views

Bram Korsten Note Cross-Site Scripting Vulnerability

Bram Korsten Note is a lightweight php-based content management system developed by Dutch developer Bram Korsten. A cross-site scripting vulnerability exists in the note-source\ui\editor.php file in Bram Korsten Note 1.2.0 and earlier versions. A remote attacker can exploit this vulnerability to...

6.1CVSS6.1AI score0.0024EPSS

Exploits1References1

CNVD•added 2017/06/06 12:0 a.m.•1 views

Lansweeper Cross-Site Scripting Vulnerability

Lansweeper is a network-assisted software that lists Windows hardware from Lansweeper Belgium. A cross-site scripting vulnerability exists in the image retrieval URI in versions of Lansweeper prior to 6.0.0.65. A remote attacker could exploit this vulnerability to inject arbitrary web script or...

6.1CVSS6AI score0.0024EPSS

Exploits2References1

OSV•added 2017/06/05 7:29 p.m.•4 views

CVE-2017-9441

Multiple cross-site scripting XSS vulnerabilities in BigTree CMS through 4.2.18 allow remote authenticated users to inject arbitrary web script or HTML by uploading a crafted package, triggering mishandling of the 1 title or 2 version or 3 authorname parameter in manifest.json. This issue exists ...

5.4CVSS5.6AI score

Exploits0References1

CNVD•added 2017/06/02 12:0 a.m.•1 views

HPE Aruba ClearPass Policy Manager Cross-Site Scripting Vulnerability

HPE Aruba ClearPass Policy Manager is a network access control solution from Hewlett Packard Enterprise HPE. A cross-site scripting vulnerability exists in versions of HPE Aruba ClearPass Policy Manager prior to 6.6.5. A remote attacker could exploit this vulnerability to inject arbitrary web...

5.4CVSS6.1AI score0.00279EPSS

Exploits0References1

CNVD•added 2017/06/02 12:0 a.m.•2 views

WordPress WP Live Chat Support Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed by the WordPress Software Foundation using the PHP language, which supports setting up personal blog sites on servers running PHP and MySQL.WP Live Chat Support is one of the components that supports live chat. A cross-site scripting vulnerability exists...

6.1CVSS6AI score0.00192EPSS

Exploits0References1

CNVD•added 2017/06/01 12:0 a.m.•2 views

Allen Disk Cross-Site Scripting Vulnerability

Allen Disk is a free, open source cloud-based hard disk product that features encrypted file storage, online preview, file sharing and more. A cross-site scripting vulnerability exists in Allen Disk version 1.6. A remote attacker can inject arbitrary web script or HTML by uploading a specially...

5.4CVSS6AI score0.00152EPSS

Exploits1References1

CNVD•added 2017/05/31 12:0 a.m.•1 views

WordPress Markdown on Save Improved Plugin Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation a set of blogging platform using PHP language development, the platform supports in PHP and MySQL server set up a personal blog site.Markdown on Save Improved is one of the editor plugin. A cross-site scripting vulnerability exists in the posting...

6.1CVSS6AI score0.0021EPSS

Exploits0References1

OSV•added 2017/05/26 1:29 a.m.•1 views

CVE-2017-9037

Multiple cross-site scripting XSS vulnerabilities in Trend Micro ServerProtect for Linux 3.0 before CP 1531 allow remote attackers to inject arbitrary web script or HTML via the 1 S44, 2 S5, 3 Sactionfail, 4 Sptnupdate, 5 T113, 6 T114, 7 T115, 8 T117117, 9 T118, 10 Tactionfail, 11 Tptnupdate, 12...

6.1CVSS5.8AI score

Exploits0References5

CNVD•added 2017/05/24 12:0 a.m.•2 views

Telerik Reporting for ASP.NET WebForms Report Viewer Control Cross-Site Scripting Vulnerability

Telerik Reporting for ASP.NET WebForms Report Viewer control is an ASP.NET-based report generation control developed by Telerik Inc. A cross-site scripting vulnerability exists in Telerik Reporting for ASP.NET WebForms Report Viewer control versions prior to Telerik ASP.NET WebForms Report Viewer...

6.1CVSS6.2AI score0.04838EPSS

Exploits0References1

OSV•added 2017/05/23 4:29 a.m.•1 views

CVE-2017-7288

Cross-site scripting XSS vulnerability in Zimbra Collaboration Suite ZCS before 8.7.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS5.9AI score

Exploits0References3

OSV•added 2017/05/23 4:29 a.m.•0 views

UBUNTU-CVE-2015-5381

Cross-site scripting XSS vulnerability in program/include/rcmail.php in Roundcube Webmail 1.1.x before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the mbox parameter to the default URI...

6.1CVSS7AI score0.01182EPSS

Exploits0References4

CNVD•added 2017/05/22 12:0 a.m.•3 views

MODX Revolution Cross-Site Scripting Vulnerability (CNVD-2017-07468)

MODX Revolution is a PHP-based open source content management system CMS from the U.S. company MODX. The system supports online collaboration, search engine optimization SEO, add-ons and more. A cross-site scripting vulnerability exists in versions of MODX Revolution prior to 2.5.7. A remote...

5.4CVSS5.4AI score0.00255EPSS

Exploits1References1

CNVD•added 2017/05/19 12:0 a.m.•1 views

WordPress adsense-click-fraud-monitoring phpwhois cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Software Foundation using the PHP language, which supports personal blog sites on PHP and MySQL servers. adsense-click-fraud-monitoring is one of the malicious click monitoring plugins. phpwhois is a package containing Whois libraries fo...

6.1CVSS6.1AI score0.00173EPSS

Exploits0References1

OSV•added 2017/05/12 6:29 p.m.•1 views

DEBIAN-CVE-2016-4855

Cross-site scripting vulnerability in ADOdb versions prior to 5.20.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS6.3AI score0.00361EPSS

Exploits0References1

OSV•added 2017/05/12 6:29 p.m.•0 views

CVE-2016-4858

Cross-site scripting vulnerability in Splunk Enterprise 6.4.x prior to 6.4.2, Splunk Enterprise 6.3.x prior to 6.3.6, Splunk Enterprise 6.2.x prior to 6.2.10, Splunk Enterprise 6.1.x prior to 6.1.11, Splunk Enterprise 6.0.x prior to 6.0.12, Splunk Enterprise 5.0.x prior to 5.0.16 and Splunk Light...

4.8CVSS5.9AI score

Exploits0References2

CNVD•added 2017/05/08 12:0 a.m.•1 views

Accellion FTA Device Cross-Site Scripting Vulnerability (CNVD-2017-07449)

Accellion File Transfer is a web-based file transfer/synchronization system. A cross-site scripting vulnerability exists in the Accellion FTA appliance FTA912180 and prior versions. This allows remote attackers to inject arbitrary web script or HTML...

6.1CVSS6.2AI score0.00328EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by