Lucene search
+L

60 matches found

OpenVAS
OpenVAS
added 2019/11/15 12:0 a.m.19 views

WordPress CleanTalk Plugin < 5.127.4 XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.113568";...

6.1CVSS6.3AI score0.01307EPSS
Exploits0References3
Veracode
Veracode
added 2019/05/09 2:21 a.m.18 views

Cross-Site Scripting (XSS)

intelliants/subrion is vulnerable to cross-site scripting XSS. A remote attacker is able to inject arbitary Javascript into a victim's browser via the name, email and phone parameter in the contacts page...

6.1CVSS5.9AI score0.00947EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2019/04/26 8:29 p.m.13 views

Cross site scripting

Cross-Site Scripting XSS vulnerability in adm/smsadmin/numbookwrite.php and adm/smsadmin/numbookupdate.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML...

4.3CVSS6AI score0.01118EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2017/11/17 3:29 a.m.17 views

Cross site scripting

The application OpenEMR is affected by multiple reflected & stored Cross-Site Scripting XSS vulnerabilities affecting version 5.0.0 and prior versions. These vulnerabilities could allow remote authenticated attackers to inject arbitrary web script or HTML...

3.5CVSS5.2AI score0.00736EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2017/04/12 10:59 p.m.17 views

CVE-2016-4892

Cross-site scripting vulnerability in SetsucoCMS all versions allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS6.1AI score0.01278EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2015/03/29 12:0 a.m.19 views

BZR Player 1.03 DLL Hijacking

/ + Author: TUNISIAN CYBER + Exploit Title: BZR Player 1.03 DLL Hijacking + Date: 29-03-2015 + Type: Local Exploits + Vendor: http://bzrplayer.blazer.nu/ + Tested on: WinXp/Windows 7 Pro + Friendly Sites: sec4ever.com + Twitter: @TCYB3R + gcc -shared -o DLLNAMEchoose one from the lis below.dll...

0.2AI score
Exploits0
NVD
NVD
added 2015/01/16 3:59 p.m.23 views

CVE-2015-1058

Multiple cross-site scripting XSS vulnerabilities in AdaptCMS 3.0.3 allow remote attackers to inject arbitrary web script or HTML via the 1 dataCategorytitle parameter to admin/categories/add, 2 dataFieldtitle parameter to admin/fields/ajaxfields/, 3 name property in a basicInfo JSON object to...

4.3CVSS5.8AI score0.04266EPSS
Exploits2References9
Exploit DB
Exploit DB
added 2014/03/25 12:0 a.m.81 views

FreePBX - &#039;config.php&#039; Remote Code Execution (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "FreePBX config.php Remote Code Execution", 'Description' = %q This module exploits a vulnerability found in FreePBX version 2.9, 2.10...

7.5CVSS7.4AI score0.52186EPSS
Exploits12
Cvelist
Cvelist
added 2013/11/15 8:0 p.m.39 views

CVE-2013-4519

Multiple cross-site scripting XSS vulnerabilities in Review Board 1.6.x before 1.6.21 and 1.7.x before 1.7.17 allow remote attackers to inject arbitrary web script or HTML via the 1 Branch field or 2 caption of an uploaded file...

7AI score0.02015EPSS
Exploits0References7
Packet Storm
Packet Storm
added 2013/08/11 12:0 a.m.23 views

HTCSyncManagerUpdate DLL Hijacking

Exploit Title: HTCSyncManagerUpdate quserex.dll & mfc71enu.dll & mfc71loc.dll Path Subversion Arbitrary DLL Injection Code Execution Author: IranianDarkCodersTeam Discovered by A.CH12 Software Link: http://www.htc.com/ Version: 2.1.46.0 Tested on: Windows 7 //...

0.4AI score
Exploits0
Prion
Prion
added 2012/11/17 9:55 p.m.14 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the sedimport function in system/functions.php in Neocrome Seditio build 160 and 161 allow remote attackers to inject arbitrary web script or HTML via the 1 newmsg or 2 rtext parameter. NOTE: some of these details are obtained from third party...

2.6CVSS6.1AI score0.01321EPSS
Exploits1References6
Prion
Prion
added 2012/11/02 3:55 p.m.18 views

Cross site scripting

Cross-site scripting XSS vulnerability in the administrative interface in the Better Revisions module 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer better revisions" permission to inject arbitrary web script or HTML via unspecified vectors...

2.1CVSS5.7AI score0.00941EPSS
Exploits0References4Affected Software1
UbuntuCve
UbuntuCve
added 2012/08/31 7:55 p.m.29 views

CVE-2012-2872

Cross-site scripting XSS vulnerability in an SSL interstitial page in Google Chrome before 21.0.1180.89 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS7.2AI score0.01077EPSS
Exploits0References2
0day.today
0day.today
added 2011/10/25 12:0 a.m.40 views

phpScheduleIt PHP reserve.php start_date Parameter Arbitrary Injection

Exploit for php platform in category web applications $Id: phpscheduleitstartdate.rb 14073 2011-10-26 18:06:12Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more informatio...

7.1AI score0.26143EPSS
Exploits5
Prion
Prion
added 2011/05/07 7:55 p.m.29 views

Cross site scripting

Cross-site scripting XSS vulnerability in Liferay Portal Community Edition CE 5.x and 6.x before 6.0.6 GA allows remote authenticated users to inject arbitrary web script or HTML via a blog title...

3.5CVSS5.7AI score0.00992EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2008/01/04 11:46 a.m.18 views

CVE-2007-6659

Multiple cross-site scripting XSS vulnerabilities in 2z project 0.9.6.1 allow remote attackers to inject arbitrary web script or HTML via the 1 contentshort or 2 contentfull parameter in an addnews action to the default URI; 3 the content parameter in a pm write action to 2z/admin.php; 4 the...

4.3CVSS5.8AI score0.01107EPSS
Exploits1References5
NVD
NVD
added 2007/11/15 10:46 p.m.18 views

CVE-2007-6001

Multiple cross-site scripting XSS vulnerabilities in index.php in Bandersnatch 0.4 allow remote attackers to inject arbitrary web script or HTML via the 1 func or 2 date parameter, or the jid parameter in a 3 log or 4 user action, a different vulnerability than CVE-2007-3910...

4.3CVSS5.6AI score0.01837EPSS
Exploits0References3
Prion
Prion
added 2007/09/20 9:17 p.m.11 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in index.php in Phormer 3.31 allow remote attackers to inject arbitrary web script or HTML via the 1 u, 2 p, 3 c, and 4 s parameters, and other unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained sole...

4.3CVSS6AI score0.01073EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2006/06/15 10:2 a.m.12 views

CVE-2006-3030

Multiple cross-site scripting XSS vulnerabilities in DwZone Shopping Cart 1.1.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 ToCategory and 2 FromCategory parameters to a ProductDetailsForm.asp and 3 UserName and 4 Password parameters to b...

4.3CVSS5.8AI score0.01299EPSS
Exploits0References6
Prion
Prion
added 2006/06/02 10:18 a.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in add.asp in Hogstorps hogstorp guestbook 2.0 allows remote attackers to inject arbitrary web script or HTML via the 1 name, 2 email, and 3 headline parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third...

6.8CVSS6AI score0.01439EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder