Lucene search
+L

183 matches found

CNVD
CNVD
added 2017/06/14 12:0 a.m.5 views

Schneider Electric U.motion Builder runscript directory traversal vulnerability

U.motion Builder is a builder product from Schneider Electric France. A directory traversal vulnerability exists in the Schneider Electric U.motion Builder runscript. When handling the 's' parameter of a small application. An attacker could exploit the vulnerability to expose files from the syste...

6.8AI score
Exploits0References1
Openbugbounty
Openbugbounty
added 2017/04/27 8:26 a.m.12 views

perrehaber.com XSS vulnerability

Vulnerable URL: https://www.perrehaber.com/?s="/alert/OPENBUGBOUNTY/...

6.9AI score
Exploits0
CNVD
CNVD
added 2017/04/06 12:0 a.m.3 views

Sweepstakes Pro Software SQL Injection Vulnerability

Sweepstakes Pro Software is a suite of sweepstakes software to increase email lists, increase social networking, and drive sales by running sweepstakes software in conjunction with sweepstakes. A SQL injection vulnerability exists in the s parameter in both win.php and widgetlb.php in Sweepstakes...

7.6AI score
Exploits0References1
Openbugbounty
Openbugbounty
added 2016/11/01 7:24 a.m.10 views

antenova-m2m.com XSS vulnerability

Vulnerable URL: http://www.antenova-m2m.com/?s=1'%22%26%25prompt/OPENBUGBOUNTY/...

6.9AI score
Exploits0
NVD
NVD
added 2015/01/13 3:59 p.m.23 views

CVE-2014-100018

Cross-site scripting XSS vulnerability in the Unconfirmed plugin before 1.2.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter in the unconfirmed page to wp-admin/network/users.php...

4.3CVSS5.8AI score0.02023EPSS
Exploits1References4
Patchstack
Patchstack
added 2015/01/13 12:0 a.m.22 views

WordPress Unconfirmed Plugin <= 1.2.4 - XSS

Because of this vulnerability, the attackers can inject arbitrary web script or HTML via the "s" parameter. Solution Update the plugin...

4.3CVSS2.9AI score0.02023EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 10:59 a.m.5 views

SimpleDark 1.2.10 - 's' Parameter Cross Site Scripting

The SimpleDark WordPress theme was affected by a 's' Parameter Cross Site Scripting security vulnerability...

1.5AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2014/08/01 12:0 a.m.14 views

WordPress Simple Balance Theme <= 2.2.1 - Cross Site Scripting

This vulnerability allows remote attackers to inject arbitrary script or HTML via "index.php" file, "s" parameter. Solution Update the theme...

4.5AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2014/06/23 12:0 a.m.18 views

WordPress Wikipop Plugin <= 2.0 - XSS

Because of this vulnerability in js/window.php, the attackers can inject arbitrary web script or HTML via the "s" parameter. Solution Update the plugin...

4.3CVSS2.7AI score0.01629EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2012/10/09 3:55 p.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in wp-live.php in the WP Live.php module 1.2.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter. NOTE: some of these details are obtained from third party information...

4.3CVSS6.2AI score0.03748EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2012/10/09 3:0 p.m.20 views

CVE-2012-5346

Cross-site scripting XSS vulnerability in wp-live.php in the WP Live.php module 1.2.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter. NOTE: some of these details are obtained from third party information...

5.8AI score0.03748EPSS
Exploits1References3
Patchstack
Patchstack
added 2011/09/29 12:0 a.m.16 views

WordPress EvoLve Theme 1.2.5 - Cross-Site Scripting

's' Parameter WordPress EvoLve theme's "s" parameter is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can steal...

4.3CVSS3AI score0.03134EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2011/09/28 10:55 a.m.21 views

CVE-2011-3858

Cross-site scripting XSS vulnerability in the Pixiv Custom theme before 2.1.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter...

4.3CVSS5.8AI score0.03789EPSS
Exploits1References1
NVD
NVD
added 2011/09/28 10:55 a.m.27 views

CVE-2011-3860

Cross-site scripting XSS vulnerability in the Cover WP theme before 1.6.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter...

4.3CVSS5.8AI score0.03407EPSS
Exploits1References2
NVD
NVD
added 2011/09/28 10:55 a.m.16 views

CVE-2011-3863

Cross-site scripting XSS vulnerability in the RedLine theme before 1.66 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter...

4.3CVSS5.8AI score0.03134EPSS
Exploits1References1
NVD
NVD
added 2011/09/28 10:55 a.m.16 views

CVE-2011-3852

Cross-site scripting XSS vulnerability in the EvoLve theme before 1.2.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter...

4.3CVSS5.8AI score0.03134EPSS
Exploits1References1
NVD
NVD
added 2011/09/28 10:55 a.m.19 views

CVE-2011-3855

Cross-site scripting XSS vulnerability in the F8 Lite theme before 4.2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter...

4.3CVSS5.8AI score0.03134EPSS
Exploits1References1
Prion
Prion
added 2011/09/28 10:55 a.m.12 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Elegant Grunge theme before 1.0.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter...

4.3CVSS6.2AI score0.03429EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2011/09/28 10:55 a.m.18 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Cover WP theme before 1.6.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter...

4.3CVSS6.2AI score0.03407EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2011/09/28 10:0 a.m.18 views

CVE-2011-3850

Cross-site scripting XSS vulnerability in the Atahualpa theme before 3.6.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter...

5.8AI score0.03888EPSS
Exploits1References3
Rows per page
Query Builder