485 matches found

Prion
added 2012/08/29 10:56 a.m., 19 views

Code injection

Mozilla Firefox before 15.0 does not properly restrict navigation to the about:newtab page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers creation of a new tab and then a new window...

CVSS 9.3, AI score 7.5, EPSS 0.01126
Exploits: 1, References: 8, Affected Software: 1
Prion
added 2012/08/29 10:56 a.m., 15 views

Code injection

The web console in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, and Thunderbird ESR 10.x before 10.0.7 allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that injects this code and...

CVSS 9.3, AI score 7.5, EPSS 0.02199
Exploits: 0, References: 12, Affected Software: 4
UbuntuCve
added 2012/08/29 12:0 a.m., 27 views

CVE-2012-3965

Mozilla Firefox before 15.0 does not properly restrict navigation to the about:newtab page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers creation of a new tab and then a new window...

CVSS 9.3, AI score 7.3, EPSS 0.01126
Exploits: 1, References: 2
Exploit DB
added 2012/07/03 12:0 a.m., 31 views

gpEasy CMS Minishop 1.5 Plugin - Persistent Cross-Site Scripting

Exploit Title: gp easy CMS Minishop 1.5 plugin persistent XSS Date: july 2 2012 Exploit Author: Carlos Mario Penahos Hollmann Vendor Homepage:http://gpeasy.com/Download Software Link: http://gpeasy.com/SpecialAddonPlugins?cmd=download&id=31 Version: 1.5 The vulnerable code is in the Minishop 1.5...

AI score 7.4
Exploits: 0
exploitpack
added 2012/07/03 12:0 a.m., 17 views

gpEasy CMS Minishop 1.5 Plugin - Persistent Cross-Site Scripting

gpEasy CMS Minishop 1.5 Plugin - Persistent Cross-Site Scripting Exploit Title: gp easy CMS Minishop 1.5 plugin persistent XSS Date: july 2 2012 Exploit Author: Carlos Mario Penahos Hollmann Vendor Homepage:http://gpeasy.com/Download Software Link:...

AI score 6.7
Exploits: 0
Packet Storm
added 2012/07/03 12:0 a.m., 24 views

gp Easy CMS Minishop 1.5 Cross Site Scripting

Exploit Title: gp easy CMS Minishop 1.5 plugin persistent XSS Date: july 2 2012 Exploit Author: Carlos Mario Penahos Hollmann Vendor Homepage:http://gpeasy.com/Download Software Link: http://gpeasy.com/SpecialAddonPlugins?cmd=download&id=31 Version: 1.5 The vulnerable code is in the Minishop 1.5...

AI score 0.2
Exploits: 0
Packet Storm
added 2012/04/20 12:0 a.m., 30 views

Kaseya 6.2.0.0 Cross Site Scripting

Summary The Kaseya version 6.2.0.0 web interface and possibly other versions is vulnerable to Cross-Site Scripting in the "adminName" variable. 2. Description By submitting malicious input such as the following, it is possible to render javascript in the security context of the Kaseya server:...

AI score 7.4
Exploits: 0
Prion
added 2011/10/14 10:55 a.m., 15 views

Directory traversal

Directory traversal vulnerability in Apple Safari before 5.1.1 allows remote attackers to execute arbitrary JavaScript code, in a Safari Extensions context, via a crafted safari-extension: URL...

CVSS 6.8, AI score 7.2, EPSS 0.00194
Exploits: 2, References: 4, Affected Software: 1
Cvelist
added 2011/10/14 10:0 a.m., 21 views

CVE-2011-3229

Directory traversal vulnerability in Apple Safari before 5.1.1 allows remote attackers to execute arbitrary JavaScript code, in a Safari Extensions context, via a crafted safari-extension: URL...

AI score 6.6, EPSS 0.00194
Exploits: 2, References: 4
Packet Storm
added 2011/08/22 12:0 a.m., 19 views

DragDropCart Cross Site Scripting

Exploit Title: DragDropCart E-Commerce System Stored XSS Date: 2011 Author: Eyup CELIK Version: All Version Tested on: All versions are Vulnerability ISSUE Cross Site Scripting can be done using the command input Vulnerable Page: search.php yaxaluser.php Example: search.php?search= Exploit: "/...

AI score 7.4
Exploits: 0
Prion
added 2011/08/18 6:55 p.m., 20 views

Code injection

Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly handle the dropping of a tab element, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by establishing a content area and registering...

CVSS 10, AI score 7.8, EPSS 0.01538
Exploits: 1, References: 10, Affected Software: 3
Packet Storm
added 2011/05/30 12:0 a.m., 46 views

Apache Archiva 1.3.4 Cross Site Scripting

Hi, This is regarding multiple XSS Cross Site Scripting Vulnerabilities in Apache Archiva 1.3.4 and previous versions. The following is the disclosure document Project: Apache Archiva Severity: High Versions: 1.3.0 - 1.3.4. The unsupported versions Archiva 1.0 - 1.2.2 are also affected. Exploit...

CVSS 6.8, AI score 6.4, EPSS 0.02703
Exploits: 6
myhack58
added 2011/05/05 12:0 a.m., 12 views

Classmates XSS cross-site vulnerabilities-vulnerability warning-the black bar safety net

Vulnerability description: Classmates 1.1.1 design flaws, leading to XSS cross-site vulnerability; user can be in a vulnerable application to execute arbitrary JavaScript code. Since the vulnerability exists in "/themes/default/header.inc.php" script is not properly sanitized of user-supplied input t...

AI score 0.6
Exploits: 0
Packet Storm
added 2011/05/04 12:0 a.m., 23 views

SelectaPix Image Gallery 1.4.1 Cross Site Scripting

Vulnerability ID: HTB22964 Reference: http://www.htbridge.ch/advisory/xssinselectapiximagegallery.html Product: SelectaPix Image Gallery Vendor: http://www.outofthetrees.co.uk/ http://www.outofthetrees.co.uk/ Vulnerable Version: 1.4.1 Vendor Notification: 19 April 2011 Vulnerability Type: XSS Cro...

AI score 0.3
Exploits: 0
securityvulns
added 2011/04/11 12:0 a.m., 81 views

HTB22917: XSS vulnerabilities in phpCollab

Vulnerability ID: HTB22917 Reference: http://www.htbridge.ch/advisory/xssvulnerabilitiesinphpcollab.html Product: phpCollab Vendor: phpCollab Team http://www.php-collab.org/ Vulnerable Version: 2.5 and probably prior versions Vendor Notification: 24 March 2011 Vulnerability Type: Stored XSS Cross...

AI score 0.4
Exploits: 0
Packet Storm
added 2011/03/08 12:0 a.m., 18 views

PhotoSmash 1.0.1 Cross Site Scripting

Vulnerability ID: HTB22867 Reference: http://www.htbridge.ch/advisory/xssinphotosmashwordpressplugin.html Product: PhotoSmash wordpress plugin Vendor: Byron Bennett http://smashly.net/ Vulnerable Version: 1.0.1 Vendor Notification: 22 February 2011 Vulnerability Type: XSS Cross Site Scripting...

Exploits: 0
securityvulns
added 2011/02/15 12:0 a.m., 48 views

HTB22831: XSS vulnerability in Gollos

Vulnerability ID: HTB22831 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityingollos.html Product: Gollos Vendor: Gollos http://www.gollos.com/ Vulnerable Version: 2.8 and probably prior versions Vendor Notification: 01 February 2011 Vulnerability Type: XSS Cross Site Scripting Risk...

AI score 0.5
Exploits: 0
exploitpack
added 2011/02/14 12:0 a.m., 18 views

RunCMS 2.2.2 - Multiple Vulnerabilities

RunCMS 2.2.2 - Multiple Vulnerabilities Source: http://packetstormsecurity.org/files/view/98472/runcms-sqlxss.txt ================================ Vulnerability ID: HTB22820 Reference: http://www.htbridge.ch/advisory/sqlinjectioninruncms.html Product: RunCMS Vendor: http://www.runcms.org/...

AI score 0.5
Exploits: 0
securityvulns
added 2011/02/11 12:0 a.m., 61 views

HTB22822: XSS vulnerability in RunCMS

Vulnerability ID: HTB22822 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinruncms.html Product: RunCMS Vendor: http://www.runcms.org/ http://www.runcms.org/ Vulnerable Version: 2.2.2 Vendor Notification: 27 January 2011 Vulnerability Type: XSS Cross Site Scripting Risk level: Medium...

AI score 0.4
Exploits: 0
securityvulns
added 2011/02/03 12:0 a.m., 58 views

HTB22802: XSS in Podcast Generator

Vulnerability ID: HTB22802 Reference: http://www.htbridge.ch/advisory/xssinpodcastgenerator.html Product: Podcast Generator Vendor: Alberto Betella http://podcastgen.sourceforge.net/ Vulnerable Version: 1.3 Vendor Notification: 20 January 2011 Vulnerability Type: XSS Cross Site Scripting Risk...

AI score 0.5
Exploits: 0