Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1046 matches found

Japan Vulnerability Notes
Japan Vulnerability Notesadded 2008/05/20 3:0 p.m.1 views

DesignForm cross-site scripting vulnerability

Overview DesignForm is a mail form CGI provided by GNB. A cross-site scripting vulnerability exists in DesignForm. DesignForm is a mail form CGI provided by GNB. It is used to send mail from a form on a web page. A cross-site scripting vulnerabiltiy exists in DesignForm. Impact An arbitrary scrip...

4.3CVSS6AI score0.00401EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notesadded 2008/05/20 3:0 p.m.2 views

tDiary cross-site scripting vulnerability

Overview tDiary, a weblog system from the tDiary development project, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution None...

4.3CVSS6.1AI score0.00804EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notesadded 2008/05/20 3:0 p.m.2 views

Multiple Cybozu products vulnerable to cross-site scripting

Overview Multiple Cybozu products are vulnerable to cross-site scripting. Multiple Cybozu products are vulnerable to cross-site scripting. This vulnerability is different from JVN50342989. Impact An arbitrary script can be executed on the user's web browser. Solution Update the Software Apply the...

4.3CVSS6.5AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notesadded 2008/05/20 3:0 p.m.0 views

pnamazu cross-site scripting vulnerability

Overview pnamazu, the Perl version program of the full-text search engine Namazu, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution None...

6.8CVSS6.3AI score0.0124EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notesadded 2008/05/20 3:0 p.m.1 views

b2evolution cross-site scripting vulnerability

Overview b2evolution, a blog publishing system, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. If session information from a cookie is leaked, session hijacking could be conducted. Solution None...

4.3CVSS6.1AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notesadded 2008/05/20 3:0 p.m.2 views

MTCMS WYSIWYG Editor cross-site scripting vulnerability

Overview MTCMS WYSIWYG Editor, weblog management software from SKYARC System, contains a cross-site scripting vulnerability. MTCMS WYSIWYG Editor from SKYARC System is management software used to update Movable Type contents, etc. The install.cgi in MTCMS WYSIWYG Editor contains a cross-site...

4.3CVSS6.3AI score0.00329EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notesadded 2008/05/20 3:0 p.m.2 views

RaidenHTTPD cross-site scripting vulnerability

Overview RaidenHTTPD, from Sonei Information Systems TEAM JOHNLONG, contains a cross-site scripting vulnerability. This issue is different from JVN90438169. RaidenHTTPD is a multipurpose web server for Windows provided by TEAM JOHNLONG. RaidenHTTPD contains a cross-site scripting vulnerability...

4.3CVSS6.3AI score0.00351EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notesadded 2008/05/20 3:0 p.m.2 views

Drupal cross-site scripting vulnerability

Overview Drupal, an open source content management system, contains a cross-site scripting vulnerability. This vulnerability is different from JVN82240092. Impact An arbitrary script could be executed on the browser of the user who logged into Drupal. In addition, if session information from a...

4.3CVSS6.2AI score0.00738EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notesadded 2008/05/20 3:0 p.m.1 views

04WebServer cross-site scripting vulnerability

Overview 04WebServer, open source web server software, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution None...

6.8CVSS6.3AI score0.01009EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notesadded 2008/05/20 3:0 p.m.1 views

Drupal cross-site scripting vulnerability

Overview Drupal, an open source content management system, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. If session information from a cookie is leaked, an attacker could possible conduct session hijacking. Solution None...

4.3CVSS5.9AI score0.00572EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notesadded 2008/05/20 3:0 p.m.1 views

MODx cross-site scripting vulnerability

Overview MODxl, an open source content management system, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. If session information from a cookie is leaked, an attacker could possibly conduct session hijacking. Solution None...

4.3CVSS6.1AI score
Exploits0References2
Exploit DB
Exploit DBadded 2008/02/14 12:0 a.m.16 views

artmedic webdesign weblog - Multiple Local File Inclusions

source: https://www.securityfocus.com/bid/27797/info artmedic webdesign weblog is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. Exploiting these issues may allow an attacker to access potentially sensitive information and execute...

7.4AI score
Exploits0
exploitpack
exploitpackadded 2007/12/28 12:0 a.m.9 views

OpenBiblio 0.x - staff_del_confirm.php Multiple Cross-Site Scripting Vulnerabilities

OpenBiblio 0.x - staffdelconfirm.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/27053/info OpenBiblio is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include SQL-injection,...

0.2AI score
Exploits0
exploitpack
exploitpackadded 2007/12/28 12:0 a.m.8 views

OpenBiblio 0.x - theme_del_confirm.php?name Cross-Site Scripting

OpenBiblio 0.x - themedelconfirm.php?name Cross-Site Scripting source: https://www.securityfocus.com/bid/27053/info OpenBiblio is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include SQL-injection, cross-site scripting...

6.8AI score
Exploits0
Prion
Prionadded 2007/05/16 10:30 p.m.13 views

Unrestricted file upload

Unrestricted file upload vulnerability in Jetbox CMS allows remote authenticated users with author privileges to upload arbitrary scripts via unspecified vectors, which can be accessed in webfiles/. NOTE: this issue might be a duplicate of CVE-2004-1448...

6CVSS6.6AI score0.03243EPSS
Exploits1References4Affected Software1
NVD
NVDadded 2007/05/16 10:30 p.m.9 views

CVE-2007-2733

Unrestricted file upload vulnerability in Jetbox CMS allows remote authenticated users with author privileges to upload arbitrary scripts via unspecified vectors, which can be accessed in webfiles/. NOTE: this issue might be a duplicate of CVE-2004-1448...

6CVSS6.4AI score0.00827EPSS
Exploits0References4
CVE
CVEadded 2007/05/16 10:0 p.m.42 views

CVE-2007-2733

CVE-2007-2733 is an unrestricted file upload vulnerability in Jetbox CMS, where remote authenticated users with author privileges can upload arbitrary scripts (e.g., PHP) via the IMAGES/webfiles mechanism and execute code. Public details indicate Jetbox One 2.0.8 and other versions are affected, ...

6CVSS6.5AI score0.00827EPSS
Exploits0References4Affected Software1
Prion
Prionadded 2007/05/08 11:19 p.m.24 views

Cross site scripting

Cross-site scripting XSS vulnerability in Outlook Web Access OWA in Microsoft Exchange Server 2000 SP3, and 2003 SP1 and SP2 allows remote attackers to execute arbitrary scripts, spoof content, or obtain sensitive information via certain UTF-encoded, script-based e-mail attachments, involving an...

6.8CVSS6.4AI score0.43666EPSS
Exploits0References11Affected Software1
NVD
NVDadded 2007/05/08 11:19 p.m.14 views

CVE-2007-0220

Cross-site scripting XSS vulnerability in Outlook Web Access OWA in Microsoft Exchange Server 2000 SP3, and 2003 SP1 and SP2 allows remote attackers to execute arbitrary scripts, spoof content, or obtain sensitive information via certain UTF-encoded, script-based e-mail attachments, involving an...

6.8CVSS6AI score0.43666EPSS
Exploits0References11
Cvelist
Cvelistadded 2007/05/08 11:0 p.m.27 views

CVE-2007-0220

Cross-site scripting XSS vulnerability in Outlook Web Access OWA in Microsoft Exchange Server 2000 SP3, and 2003 SP1 and SP2 allows remote attackers to execute arbitrary scripts, spoof content, or obtain sensitive information via certain UTF-encoded, script-based e-mail attachments, involving an...

6AI score0.43666EPSS
Exploits0References11
Rows per page
Query Builder