CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

863 matches found

0day.today•added 2014/08/01 12:0 a.m.•21 views

SkaDate Lite 2.0 - Multiple CSRF And Persistent XSS Vulnerabilities

SkaDate Lite version 2.0 suffers from multiple cross-site request forgery and stored xss vulnerabilities. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with...

Packet Storm•added 2014/07/30 12:0 a.m.•31 views

SkaDate Lite 2.0 CSRF / Cross Site Scripting

SkaDate Lite 2.0 Mu...

OpenVAS•added 2014/07/21 12:0 a.m.•27 views

WordPress ActiveHelper LiveHelp Live Chat Plugin Cross Site Scripting Vulnerability

WordPress ActiveHelper LiveHelp Live Chat Plugin is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

4.3CVSS5.7AI score0.04513EPSS

Exploits1References2

0day.today•added 2014/07/17 12:0 a.m.•33 views

Omeka 2.2 - CSRF And Stored XSS Vulnerability

Omeka version 2.2 suffers from cross site request forgery and cross site scripting vulnerabilities. !-- Omeka 2.2 CSRF And Stored XSS Vulnerability Vendor: Omeka Team CHNM GMU Product web page: http://www.omeka.org Affected version: 2.2 Summary: Omeka is a free, flexible, and open source...

Exploit DB•added 2014/07/17 12:0 a.m.•27 views

Omeka 2.2 - Cross-Site Request Forgery / Persistent Cross-Site Scripting

html...

OpenVAS•added 2014/07/10 12:0 a.m.•14 views

WordPress Game-Tabs plugin 'n' Parameter Cross Site Scripting Vulnerability

WordPress Game-Tabs Plugin is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

4.3CVSS5.7AI score0.01629EPSS

Exploits1References1

seebug.org•added 2014/07/01 12:0 a.m.•18 views

GNU Mailman 2.0.x Admin Login Variant Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5299/info GNU Mailman is prone to a cross-site scripting vulnerability. An attacker may construct a malicious link to the administrative login page, which contains arbitrary HTML and script code. A user visiting the link...

seebug.org•added 2014/07/01 12:0 a.m.•14 views

Helios Calendar 1.1/1.2 Admin/Index.PHP Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26312/info Helios Calendar is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows attackers to execute arbitrary HTML or script code in ...

seebug.org•added 2014/07/01 12:0 a.m.•14 views

MTP Poll 1.0 - Multiple XSS Vulnerabilities

No description provided by source. ?!-- MTP Poll 1.0 Multiple Remote Script Insertion Vulnerabilities Vendor: MTP Scripts Product web page: http://www.morephp.net Affected version: 1.0 Summary: More than poll is a polling system with a powerful administration tool. It features: multiple pools,...

seebug.org•added 2014/07/01 12:0 a.m.•30 views

Five Star Review Script 0 index2.php sort Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/18390/info Five Star Review Script is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to run arbitrary HTML a...

seebug.org•added 2014/07/01 12:0 a.m.•20 views

Code-Crafters Ability Mail Server 1.18 errormsg Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/10695/info Ability Mail Server is reported prone to multiple vulnerabilities that may allow a remote attacker to carry out cross-site scripting and denial of service attacks. The server is prone to a cross-site scripting...

seebug.org•added 2014/07/01 12:0 a.m.•11 views

httprint 202.0 HTTP Response Server Field Overflow DoS

No description provided by source. source: http://www.securityfocus.com/bid/16031/info httprint is prone to multiple remote vulnerabilities. The first issue may allow remote attackers to execute arbitrary HTML and script code in a user's browser. The second issue may allow remote attackers to cra...

seebug.org•added 2014/07/01 12:0 a.m.•15 views

SSGBook 1.0 Image Tag HTML Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/5915/info SSGbook includes codes for allowing users to specify HTML formatting and layout inside of guestbook entries. For example, a user can include an image by including it inside of image or img tags. However, arbitra...

seebug.org•added 2014/07/01 12:0 a.m.•15 views

docuFORM Mercury WebApp 6.16a/5.20 Multiple XSS Vulnerabilities

No description provided by source. !-- docuFORM Mercury WebApp 6.16a/5.20 Multiple Cross-Site Scripting Vulnerabilities Vendor: docuFORM GmbH Product web page: http://www.docuform.de Affected version: 6.16a and 5.20 Summary: Unlimited options for production printing and customer solutions. Desc:...

seebug.org•added 2014/07/01 12:0 a.m.•10 views

Microsoft Content Management Server 2001 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5922/info Microsoft Content Management Server 2001 is reported to be prone to cross-site scripting attacks. An attacker could construct a malicious link to a vulnerable host that contains arbitrary HTML and script code. I...

seebug.org•added 2014/07/01 12:0 a.m.•19 views

PHP-Fusion 5.0 BBCode IMG Tag Script Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12751/info PHP-Fusion is reported prone to a script injection vulnerability. This issue is due to the application failing to properly sanitize user-supplied input prior to including it in dynamically generated content. An...

seebug.org•added 2014/07/01 12:0 a.m.•12 views

Hummingbird Collaboration Application Cookie Internal Network Information Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/16195/info Hummingbird Enterprise Collaboration is prone to multiple vulnerabilities. The following specific issues were identified: The application reportedly allows remote attackers to upload arbitrary HTML files and...

seebug.org•added 2014/07/01 12:0 a.m.•26 views

Honey Soft Web Solution Multiple Vulnerabilities

No description provided by source. ----------------------------------------------------------------------------------------- Honey Soft detail.php?proddetail= & products.php?catid= SQL-i/XSS Multiple Vulnerabilities...

seebug.org•added 2014/07/01 12:0 a.m.•11 views

vBulletin 2.2.7/2.2.8 HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6337/info Problems with vBulletin could make it possible for an attacker to inject arbitrary HTML in vBulletin forum messages. vBulletin does not sufficiently filter potentially malicious HTML code from posted messages. A...

seebug.org•added 2014/07/01 12:0 a.m.•29 views

Computer Associates SiteMinder Web Agent Smpwservices.FCC Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26375/info Computer Associates SiteMinder Web Agent is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows attackers to execute arbitrar...

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by