Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3294 matches found

NVD
NVDadded 2007/02/24 12:28 a.m.12 views

CVE-2006-7050

Cross-site scripting XSS vulnerability in WikkaWiki Wikka Wiki before 1.1.6.2 allows remote attackers to inject arbitrary javascript via 1 events in forced links url parameter that are not properly handled in formatters/wakka.php, and possibly 2 other vectors in wikka.php...

6.8CVSS6AI score0.01401EPSS
Exploits0References7
Prion
Prionadded 2007/02/15 11:28 p.m.19 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via 1 e-mail messages and 2 the ID parameter to a right.asp, b Forms/MAI/list.asp, and c Forms/VCF/list.asp in mewebmail/base/default/lang/EN/...

4.3CVSS6.1AI score0.03005EPSS
Exploits0References12Affected Software1
Cvelist
Cvelistadded 2007/02/15 11:0 p.m.30 views

CVE-2007-0651

Multiple cross-site scripting XSS vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via 1 e-mail messages and 2 the ID parameter to a right.asp, b Forms/MAI/list.asp, and c Forms/VCF/list.asp in mewebmail/base/default/lang/EN/...

5.9AI score0.03005EPSS
Exploits0References12
NVD
NVDadded 2007/02/08 5:28 p.m.11 views

CVE-2006-6977

Cross-site scripting XSS vulnerability in the "Basic Toolbar Selection" in FreeTextBox allows remote attackers to execute arbitrary JavaScript via the javascript: URI in the 1 href or 2 onmouseover attribute of the A HTML tag...

4.3CVSS6.1AI score0.01062EPSS
Exploits1References3
NVD
NVDadded 2007/02/08 5:28 p.m.14 views

CVE-2006-6978

Cross-site scripting XSS vulnerability in the "Basic Toolbar Selection" in FCKEditor allows remote attackers to execute arbitrary JavaScript via the javascript: URI in the 1 href or 2 onmouseover attribute of the A HTML tag...

4.3CVSS6.1AI score0.01062EPSS
Exploits1References3
Cvelist
Cvelistadded 2007/02/08 5:0 p.m.14 views

CVE-2006-6977

Cross-site scripting XSS vulnerability in the "Basic Toolbar Selection" in FreeTextBox allows remote attackers to execute arbitrary JavaScript via the javascript: URI in the 1 href or 2 onmouseover attribute of the A HTML tag...

6.1AI score0.01062EPSS
Exploits1References3
Cvelist
Cvelistadded 2007/02/08 5:0 p.m.14 views

CVE-2006-6978

Cross-site scripting XSS vulnerability in the "Basic Toolbar Selection" in FCKEditor allows remote attackers to execute arbitrary JavaScript via the javascript: URI in the 1 href or 2 onmouseover attribute of the A HTML tag...

6.1AI score0.01062EPSS
Exploits1References3
OSV
OSVadded 2006/12/04 12:0 a.m.44 views

DSA-1227-1 mozilla-thunderbird

Bulletin has no description...

7.5CVSS6.3AI score0.05833EPSS
Exploits0
NVD
NVDadded 2006/11/29 1:28 a.m.8 views

CVE-2006-6163

Cross-site scripting XSS vulnerability in tiki-setupbase.php in TikiWiki before 1.9.7 allows remote attackers to inject arbitrary JavaScript via unspecified parameters...

4.3CVSS5.8AI score0.00885EPSS
Exploits0References2
Cvelist
Cvelistadded 2006/11/29 1:0 a.m.18 views

CVE-2006-6163

Cross-site scripting XSS vulnerability in tiki-setupbase.php in TikiWiki before 1.9.7 allows remote attackers to inject arbitrary JavaScript via unspecified parameters...

5.8AI score0.00885EPSS
Exploits0References2
Cvelist
Cvelistadded 2006/11/08 10:0 p.m.28 views

CVE-2006-5463

Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allows remote attackers to execute arbitrary JavaScript bytecode via unspecified vectors involving modification of a Script object while it is executing...

6.8AI score0.02614EPSS
Exploits0References57
NVD
NVDadded 2006/10/24 10:7 p.m.25 views

CVE-2006-5486

Cross-site scripting XSS vulnerability in Webmail in Sun Java System Messaging Server 6.0 through 6.2 and iPlanet Messaging Server 5.2 allows remote attackers to execute arbitrary Javascript via crafted messages...

4.3CVSS6AI score0.01935EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2006/09/06 12:0 a.m.4 views

PT-2006-5353 · Microsoft · Internet Explorer 6

Name of the Vulnerable Software and Affected Versions: Internet Explorer 6 version Description: The issue allows remote attackers to execute arbitrary JavaScript in the context of the browser's session with an arbitrary intranet web server. This can be achieved by hosting script on an Internet we...

7.5CVSS7.2AI score0.18259EPSS
Exploits1References5
securityvulns
securityvulnsadded 2006/06/28 12:0 a.m.30 views

[Kil13r-SA-20060628] Hanaro Search Cross-Site Scripting Vulnerability

Title: Kil13r-SA-20060628 Hanaro Search Cross-Site Scripting Vulnerability Author: Kil13r - http://www.kil13r.info/ Local / Remote: Remote Timeline: 2006/06/22 - Discovery 2006/06/28 - Release Affected version: Not affected version: Description: Hanaro is ISP site, but that has vulnerability. It...

1.8AI score
Exploits0
securityvulns
securityvulnsadded 2006/06/25 12:0 a.m.171 views

[Kil13r-SA-20060622-1] NetSoft SmartNet 2.0 Cross-Site Scripting Vulnerability

Title: Kil13r-SA-20060622-1 NetSoft SmartNet 2.0 Cross-Site Scripting Vulnerability Author: Kil13r - http://www.kil13r.info/ Local / Remote: Remote Timeline: 2006/06/21 - Discovery 2006/06/21 - Vendor notification 2006/06/22 - Release Affected version: NetSoft SmartNet 2.0 Not affected version:...

1.6AI score
Exploits0
UbuntuCve
UbuntuCveadded 2006/06/22 12:6 a.m.37 views

CVE-2006-3014

Microsoft Excel allows user-assisted attackers to execute arbitrary javascript and redirect users to arbitrary sites via an Excel spreadsheet with an embedded Shockwave Flash Player ActiveX Object, which is automatically executed when the user opens the spreadsheet...

5.1CVSS6.1AI score0.30101EPSS
Exploits1References1
Cvelist
Cvelistadded 2006/06/22 12:0 a.m.19 views

CVE-2006-3014

Microsoft Excel allows user-assisted attackers to execute arbitrary javascript and redirect users to arbitrary sites via an Excel spreadsheet with an embedded Shockwave Flash Player ActiveX Object, which is automatically executed when the user opens the spreadsheet...

7.2AI score0.30101EPSS
Exploits1References16
CVE
CVEadded 2006/06/22 12:0 a.m.70 views

CVE-2006-3014

CVE-2006-3014 affects Microsoft Excel where embedding a Shockwave Flash Player ActiveX Object inside an XLS can automatically execute, enabling user-assisted arbitrary JavaScript execution and redirection when the spreadsheet is opened. According to SUSE and CPAI advisories, the issue originates ...

5.1CVSS7.2AI score0.30101EPSS
Exploits1References16Affected Software1
UbuntuCve
UbuntuCveadded 2006/05/26 1:6 a.m.26 views

CVE-2006-2611

Cross-site scripting XSS vulnerability in includes/Sanitizer.php in the variable handler in MediaWiki 1.6.x before r14349 allows remote attackers to inject arbitrary Javascript via unspecified vectors, possibly involving the usage of the | pipe character...

4.3CVSS6.1AI score0.01813EPSS
Exploits1References1
Prion
Prionadded 2006/05/26 1:6 a.m.20 views

Cross site scripting

Cross-site scripting XSS vulnerability in includes/Sanitizer.php in the variable handler in MediaWiki 1.6.x before r14349 allows remote attackers to inject arbitrary Javascript via unspecified vectors, possibly involving the usage of the | pipe character...

4.3CVSS6.3AI score0.01813EPSS
Exploits1References10Affected Software1
Rows per page
Query Builder