Lucene search
+L

71 matches found

cvelist
cvelist
added 2014/07/10 4:0 p.m.27 views

CVE-2014-4847

Cross-site scripting XSS vulnerability in the Random Banner plugin 1.1.2.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the buffercodeRBannerurlbanner1 parameter in an update action to wp-admin/options.php...

5.8AI score0.01618EPSS
Exploits1References2
cvelist
cvelist
added 2014/02/07 3:0 p.m.26 views

CVE-2014-1915

Multiple cross-site request forgery CSRF vulnerabilities in Command School Student Management System 1.06.01 allow remote attackers to hijack the authentication of 1 administrators for requests that change the administrator password via an update action to sw/adminchangepassword.php or 2...

7.5AI score0.02468EPSS
Exploits1References4
ubuntucve
ubuntucve
added 2013/10/24 10:53 a.m.31 views

CVE-2013-1734

Cross-site request forgery CSRF vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that commit an attachment change via a...

6.8CVSS6AI score0.00579EPSS
Exploits1References3
nvd
nvd
added 2011/12/29 10:55 p.m.21 views

CVE-2011-4615

Multiple cross-site scripting XSS vulnerabilities in Zabbix before 1.8.10 allow remote attackers to inject arbitrary web script or HTML via the gname parameter aka host groups name to 1 hostgroups.php and 2 usergrps.php, the update action to 3 hosts.php and 4 scripts.php, and 5 maintenance.php...

4.3CVSS5.7AI score0.01371EPSS
Exploits0References8
ubuntucve
ubuntucve
added 2011/12/29 10:55 p.m.24 views

CVE-2011-4615

Multiple cross-site scripting XSS vulnerabilities in Zabbix before 1.8.10 allow remote attackers to inject arbitrary web script or HTML via the gname parameter aka host groups name to 1 hostgroups.php and 2 usergrps.php, the update action to 3 hosts.php and 4 scripts.php, and 5 maintenance.php...

4.3CVSS5.9AI score0.01371EPSS
Exploits0References3
cvelist
cvelist
added 2011/12/29 10:0 p.m.23 views

CVE-2011-4615

Multiple cross-site scripting XSS vulnerabilities in Zabbix before 1.8.10 allow remote attackers to inject arbitrary web script or HTML via the gname parameter aka host groups name to 1 hostgroups.php and 2 usergrps.php, the update action to 3 hosts.php and 4 scripts.php, and 5 maintenance.php...

5.5AI score0.01371EPSS
Exploits0References8
prion
prion
added 2010/07/30 8:30 p.m.16 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in index.php in AJ Square AJ Article 3.0 allow remote attackers to inject arbitrary web script or HTML via the 1 emailid, 2 fname, 3 lname, 4 company, 5 address1, 6 address2, 7 city, 8 state, 9 zipcode, 10 phone, and 11 fax parameters in an update...

4.3CVSS6.1AI score0.0172EPSS
Exploits1References6Affected Software1
cvelist
cvelist
added 2010/07/30 8:0 p.m.21 views

CVE-2010-2917

Multiple cross-site scripting XSS vulnerabilities in index.php in AJ Square AJ Article 3.0 allow remote attackers to inject arbitrary web script or HTML via the 1 emailid, 2 fname, 3 lname, 4 company, 5 address1, 6 address2, 7 city, 8 state, 9 zipcode, 10 phone, and 11 fax parameters in an update...

5.8AI score0.0172EPSS
Exploits1References6
nvd
nvd
added 2009/01/12 8:0 p.m.18 views

CVE-2008-5893

Cross-site scripting XSS vulnerability in admindblayers.asp in ClickAndEmail allows remote attackers to inject arbitrary web script or HTML via the tablename parameter in an update action...

2.6CVSS5.7AI score0.01577EPSS
Exploits0References4
prion
prion
added 2009/01/12 8:0 p.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in admindblayers.asp in ClickAndEmail allows remote attackers to inject arbitrary web script or HTML via the tablename parameter in an update action...

2.6CVSS6.2AI score0.01577EPSS
Exploits0References4
prion
prion
added 2007/04/22 7:19 p.m.20 views

Code injection

Static code injection vulnerability in process.php in AimStats 3.2 allows remote attackers to inject PHP code into config.php via the number parameter in an update action...

7.5CVSS7.7AI score0.44433EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder