Lucene search
K

7613 matches found

Patchstack
Patchstack
added 2014/08/01 12:0 a.m.405 views

WordPress Source Theme - Cross Site Scripting

This WordPress theme is prone to a cross-site scripting XSS vulnerability. It allows remote attackers to inject arbitrary script or HTML. Solution Update the theme...

3.6AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2014/08/01 12:0 a.m.5 views

WordPress SimpleDark Theme <= 1.2.10 - XSS

This WordPress theme is prone to a cross-site scripting XSS vulnerability via "s" parameter. It allows remote attackers to inject arbitrary script or HTML. Solution Update the theme...

4.3AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2014/08/01 12:0 a.m.13 views

WordPress Allure Real Estate Theme <= 0.1.1 - XSS

This WordPress theme is prone to a cross-site scripting XSS vulnerability in "in ZeroClipboard.swf". It allows remote attackers to inject arbitrary script or HTML. Solution Update the theme...

3.7AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2014/08/01 12:0 a.m.9 views

WordPress Upscale Theme - XSS

This WordPress theme is prone to a cross-site scripting XSS vulnerability. It allows remote attackers to inject arbitrary script or HTML. Solution Update the theme...

3.7AI score
Exploits0References1Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/07/29 12:0 a.m.29 views

JVN#85748534: PerlMailer vulnerable to cross-site scripting

PerlMailer from Homepage Decorator is a mail form CGI which is used to send mail from a form on a web page. PerlMailer CGI scripts contain a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Apply the latest upda...

4.3CVSS6.1AI score0.01148EPSS
Exploits0
Exploit DB
Exploit DB
added 2014/07/28 12:0 a.m.27 views

CMSimple 4.4.4 - &#039;color&#039; Remote Code Execution

source: https://www.securityfocus.com/bid/68961/info CMSimple is prone to multiple security vulnerabilities including: 1. Multiple arbitrary PHP code-execution vulnerabilities 2. A weak authentication security-bypass vulnerability 3. Multiple security vulnerabilities An attacker can exploit these...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2014/07/28 12:0 a.m.42 views

CMSimple - Default Administrator Credentials

source: https://www.securityfocus.com/bid/68961/info CMSimple is prone to multiple security vulnerabilities including: 1. Multiple arbitrary PHP code-execution vulnerabilities 2. A weak authentication security-bypass vulnerability 3. Multiple security vulnerabilities An attacker can exploit these...

7.4AI score
Exploits0
OSV
OSV
added 2014/07/20 11:12 a.m.6 views

CVE-2014-4955

Cross-site scripting XSS vulnerability in the PMATRIgetRowForList function in libraries/rte/rtelist.lib.php in phpMyAdmin 4.0.x before 4.0.10.1, 4.1.x before 4.1.14.2, and 4.2.x before 4.2.6 allows remote authenticated users to inject arbitrary web script or HTML via a crafted trigger name that i...

5AI score
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/07/15 5:46 a.m.3 views

Cybozu Garoon vulnerable to cross-site scritping

Overview Cybozu Garoon provided by Cybozu, Inc. is a groupware. Cybozu Garoon contains an issue in the function "Notices portlet", which may result in a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of a user that is logged on. Solution...

3.5CVSS6AI score0.00936EPSS
Exploits0References5
exploitpack
exploitpack
added 2014/07/10 12:0 a.m.13 views

WeBid - Multiple Cross-Site Scripting LDAP Injection Vulnerabilities

WeBid - Multiple Cross-Site Scripting LDAP Injection Vulnerabilities source: https://www.securityfocus.com/bid/68519/info WeBid is prone to multiple cross-site-scripting vulnerabilities and an LDAP injection vulnerability. An attacker may leverage these issues to compromise the application, acces...

0.4AI score
Exploits0
OpenVAS
OpenVAS
added 2014/07/03 12:0 a.m.26 views

ownCloud Multiple Vulnerabilities-04 (Jul 2014)

ownCloud is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:owncloud:owncloud"; if description...

5.5CVSS6.4AI score0.01043EPSS
Exploits0References4
NVD
NVD
added 2014/07/02 8:55 p.m.11 views

CVE-2014-4591

Cross-site scripting XSS vulnerability in picasaupload.php in the WP-Picasa-Image plugin 1.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the postid parameter...

4.3CVSS5.8AI score0.01629EPSS
Exploits1References1
Prion
Prion
added 2014/07/02 8:55 p.m.13 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in pages/3DComplete.php in the WooCommerce SagePay Direct Payment Gateway plugin before 0.1.6.7 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 MD or 2 PARes parameter...

4.3CVSS6.2AI score0.02064EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2014/07/02 8:0 p.m.26 views

CVE-2014-4565

Multiple cross-site scripting XSS vulnerabilities in vcc.js.php in the Verification Code for Comments plugin 2.1.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 vp, 2 vs, 3 l, 4 vu, or 5 vm parameter...

6AI score0.01629EPSS
Exploits1References1
CVE
CVE
added 2014/07/02 10:0 a.m.51 views

CVE-2014-4687

pfSense is affected by CVE-2014-4687: multiple XSS vulnerabilities in pfSense before 2.1.4. Exploitable via five vectors: (1) starttime0 parameter in firewall_schedule.php, (2) rssfeed parameter in rss.widget.php, (3) servicestatusfilter parameter in services_status.widget.php, (4) txtRecallBuffe...

4.3CVSS5.9AI score0.01661EPSS
Exploits0References1Affected Software1
seebug.org
seebug.org
added 2014/07/02 12:0 a.m.19 views

Toms Gästebuch 1.00 form.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/25507/info Toms Gästebuch is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.28 views

AIOCP 1.3.x cp_forum_view.php choosed_language Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/20931/info All In One Control Panel AIOCP is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an attacker to steal...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

Pre ASP Job Board 'emp_login.asp' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/32572/info Pre ASP Job Board is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the brows...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

Mobilelib Gold Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/21817/info Mobilelib GOLD is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script co...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

Clickbank Portal 'search.php' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31438/info Clickbank Portal is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browse...

7.1AI score
Exploits0
Rows per page
Query Builder