CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6657 matches found

NVD•added 2006/02/08 11:2 p.m.•10 views

CVE-2006-0605

Multiple cross-site scripting XSS vulnerabilities in Unknown Domain Shoutbox 2005.07.21 allow remote attackers to inject arbitrary web script or HTML, possibly via the 1 Handle or 2 Message fields...

4.3CVSS6AI score0.00572EPSS

Exploits1References6

Prion•added 2006/02/04 2:2 a.m.•12 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Tachyon Vanilla Guestbook 1.0 beta allow remote attackers to inject arbitrary web script or HTML via unknown vectors related to "posting new messages."...

4.3CVSS6.1AI score0.00427EPSS

Exploits0References5Affected Software1

NVD•added 2006/02/04 12:6 a.m.•7 views

CVE-2006-0536

Cross-site scripting XSS vulnerability in neomail.pl in NeoMail 1.27 allows remote attackers to inject arbitrary web script or HTML via the sort parameter. NOTE: some sources say that the affected parameter is "date," but the demonstration URL shows that it is "sort"...

4.3CVSS5.7AI score0.00613EPSS

Exploits1References5

Prion•added 2006/02/04 12:6 a.m.•16 views

Cross site scripting

Cross-site scripting XSS vulnerability in webmailaging.cgi in cPanel allows remote attackers to inject arbitrary web script or HTML via the numdays parameter...

4.3CVSS6.1AI score0.00504EPSS

Exploits1References5

Cvelist•added 2006/02/04 12:0 a.m.•11 views

CVE-2006-0536

5.7AI score0.00613EPSS

Exploits1References5

NVD•added 2006/02/02 11:2 a.m.•15 views

CVE-2006-0524

Cross-site scripting XSS vulnerability in ashnews.php in Derek Ashauer ashNews 0.83 allows remote attackers to inject arbitrary web script or HTML via the id parameter...

4.3CVSS5.7AI score0.0145EPSS

Exploits1References7

CVE•added 2006/02/02 11:0 a.m.•35 views

CVE-2006-0521

CVE-2006-0521 is a Cross-site scripting (XSS) vulnerability in BrowserCRM’s results.php where a manipulated query parameter can inject arbitrary script/HTML (demonstrated with an IMG SRC tag). Affects BrowserCRM; CVSS v2 base score 4.3 (MEDIUM). No explicit exploit details or remediation are prov...

4.3CVSS5.7AI score0.00527EPSS

Exploits0References7Affected Software1

Cvelist•added 2006/02/02 11:0 a.m.•16 views

CVE-2006-0521

Cross-site scripting XSS vulnerability in results.php in BrowserCRM allows remote attackers to inject arbitrary web script or HTML via certain manipulations of the query parameter, as demonstrated using an IMG SRC tag...

5.7AI score0.00527EPSS

Exploits0References7

Cvelist•added 2006/02/01 11:0 p.m.•15 views

CVE-2006-0509

Multiple cross-site scripting XSS vulnerabilities in clients.php in Cerberus Helpdesk, possibly 2.7, allow remote attackers to inject arbitrary web script or HTML via 1 the contactsearch parameter and 2 unspecified url fields...

6AI score0.06618EPSS

Exploits1References7

Cvelist•added 2006/01/31 11:0 a.m.•16 views

CVE-2006-0480

Cross-site scripting XSS vulnerability in the Articles module in sPaiz-Nuke allows remote attackers to inject arbitrary web script or HTML via the query parameter in the search file...

5.7AI score0.00685EPSS

Exploits0References6

NVD•added 2006/01/27 11:3 p.m.•14 views

CVE-2006-0466

Cross-site scripting XSS vulnerability in search.asp in Goldstag Content Management System allows remote attackers to inject arbitrary web script or HTML via the text parameter...

4.3CVSS5.7AI score0.00396EPSS

Exploits1References3

NVD•added 2006/01/27 11:3 p.m.•17 views

CVE-2006-0465

Cross-site scripting XSS vulnerability in risultatiricerca.php in active121 Site Manager allows remote attackers to inject arbitrary web script or HTML via the cerca parameter...

4.3CVSS5.7AI score0.00351EPSS

Exploits1References2

CVE•added 2006/01/27 11:0 p.m.•43 views

CVE-2006-0463

CVE-2006-0463 involves IdeoContent Manager and is described as a Cross-site scripting (XSS) vulnerability. The vulnerability allows remote attackers to inject arbitrary web script or HTML via (1) the goto_id parameter to index.php or (2) the page parameter to news_full.php. The connected document...

4.3CVSS5.7AI score0.00396EPSS

Exploits1References3Affected Software1

CVE•added 2006/01/26 10:0 p.m.•40 views

CVE-2006-0443

CVE-2006-0443 describes a cross-site scripting (XSS) flaw in CheesyBlog 1.0 (archive.php) that allows remote attackers to inject arbitrary script/HTML via the realname, comment parameters, or a javascript: URI in the url parameter when adding a comment. Affected component is the archive.php handl...

4.3CVSS5.7AI score0.09888EPSS

Exploits1References8Affected Software1

CVE•added 2006/01/23 8:0 p.m.•43 views

CVE-2006-0378

CVE-2006-0378 is a cross-site scripting (XSS) vulnerability in Netrix X-Site Manager. The issue allows remote attackers to inject arbitrary web script or HTML via the product_id parameter, with the component identified as product_details.php in some installations. The connected documents provide ...

4.3CVSS5.7AI score0.00674EPSS

Exploits1References6Affected Software1

Cvelist•added 2006/01/22 8:0 p.m.•14 views

CVE-2006-0364

Cross-site scripting XSS vulnerability in MyBulletinBoard MyBB allows remote attackers to inject arbitrary web script or HTML via a signature containing a JavaScript URI in the SRC attribute of an IMG element, in which the URI uses SGML numeric character references without trailing semicolons, as...

5.6AI score0.00674EPSS

Exploits1References6

Prion•added 2006/01/21 12:3 a.m.•9 views

Cross site scripting

Cross-site scripting XSS vulnerability in Gallery before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors, possibly involving the user name fullname...

4.3CVSS5.9AI score0.01345EPSS

Exploits0References11Affected Software1

Prion•added 2006/01/18 1:7 a.m.•10 views

Cross site scripting

Cross-site scripting vulnerability in index.php in PHP Fusebox 4.0.6 allows remote attackers to inject arbitrary web script or HTML via the fuseaction parameter...

6.4CVSS6.7AI score0.00396EPSS

Exploits1References3Affected Software1

NVD•added 2006/01/18 1:7 a.m.•7 views

CVE-2006-0242

Cross-site scripting vulnerability in index.php in PHP Fusebox 4.0.6 allows remote attackers to inject arbitrary web script or HTML via the fuseaction parameter...

6.4CVSS6.2AI score0.00396EPSS

Exploits1References3

CVE•added 2006/01/18 1:0 a.m.•35 views

CVE-2006-0242

CVE-2006-0242 corresponds to a Cross-site scripting vulnerability in PHP Fusebox 4.0.6, affecting index.php where the fuseaction parameter can be used to inject arbitrary web script or HTML. The vulnerability is triggered remotely via the fuseaction parameter, enabling partial confidentiality and...

6.4CVSS6.2AI score0.00396EPSS

Exploits1References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by