CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

128 matches found

RedhatCVE•added 2023/08/07 5:49 a.m.•41 views

CVE-2023-3978

A flaw was found in the Golang HTML package where it is vulnerable to Cross-site scripting caused by the improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute a script in a victim's web browser within the security...

6.1CVSS6.4AI score0.00098EPSS

Exploits0References6

IBM Security Bulletins•added 2021/11/25 5:6 p.m.•35 views

Security Bulletin: Vulnerability in Dojo may affect IBM Cúram Social Program Management (CVE-2018-15494)

Summary IBM Cúram Social Program Management uses the Dojo libraries, for which there is a publicly known vulnerability. Dojo Toolkit is vulnerable to cross-site scripting attack, caused by improper validation of user-supplied input by the DataGrid component. Vulnerability Details CVEID:...

9.8CVSS0.8AI score0.00704EPSS

Exploits2Affected Software1

Cvelist•added 2020/03/05 6:45 p.m.•12 views

CVE-2020-4082

The HCL Connections 5.5 help system is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting...

5.6AI score0.00166EPSS

Exploits1References1

IBM Security Bulletins•added 2018/06/15 10:43 p.m.•20 views

Security Bulletin: Vulnerability in Web Browser XSS Protection affects IBM Algo One - Algo Risk Application (CVE-2016-0390)

Summary Vulnerability in Web Browser XSS Protection Vulnerability Details CVEID: CVE-2016-0390 DESCRIPTION: IBM Algo One - Algo Risk Application is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a...

5.4CVSS0.5AI score0.00168EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2018/06/15 7:2 a.m.•21 views

Security Bulletin: Cross-site scripting vulnerabilities in IBM Business Process Manager (BPM) Process Portal (CVE-2015-0105)

Summary IBM Business Process Manager is vulnerable to cross-site scripting, which is caused by the improper validation of user-supplied input. A remote attacker might exploit this vulnerability using a specially crafted URL to execute a script in a user's web browser within the security context o...

4.3CVSS1AI score0.0035EPSS

Exploits0Affected Software3

OpenVAS•added 2018/01/19 12:0 a.m.•38 views

PHP < 5.6.33, 7.x < 7.0.27, 7.1.x < 7.1.13, 7.2.x < 7.2.1 Multiple Vulnerabilities - Windows

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

6.1CVSS7.7AI score0.89192EPSS

Exploits1References4

Packet Storm•added 2017/12/19 12:0 a.m.•33 views

WordPress Itinerary 1.0.0 Cross Site Scripting

Class Input Validation Error Remote Yes Credit Ricardo Sanchez Vulnerable Itinerary 1.0.0 Itinerary is prone to a stored cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...

Exploits0

0day.today•added 2017/12/15 12:0 a.m.•30 views

WordPress Pinterest Badge 1.8.0 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Credit Ricardo Sanchez Vulnerable Pinterest Badge 1.8.0 Pinterest Badge is prone to a stored cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute...

7.1AI score

Exploits0

0day.today•added 2017/12/06 12:0 a.m.•26 views

WordPress Z-URL Preview 1.6.1 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Vulnerable Z-URL Preview 1.6.1 Z-URL Preview is prone to a stored cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...

7.1AI score

Exploits0

OpenVAS•added 2016/12/29 12:0 a.m.•26 views

Mozilla Thunderbird Security Advisories (MFSA2016-96, MFSA2016-96) - Windows

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

9.8CVSS8.5AI score0.36421EPSS

Exploits11References3

seebug.org•added 2014/07/01 12:0 a.m.•12 views

Vt-Forum Lite 1.3 vf_newtopic.asp IFRAME Element XSS

No description provided by source. source: http://www.securityfocus.com/bid/21428/info Vt-Forum Lite is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•15 views

APC PowerChute Network Shutdown HTTP Response Splitting and Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/33924/info APC PowerChute Network Shutdown is prone to an HTTP-response-splitting vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•27 views

common solutions csphonebook 1.02 'index.php' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30485/info The 'csphonebook' program from common solutions is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitra...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•27 views

MGinternet Property Site Manager detail.asp p Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/21073/info MGinternet Property Site Manager is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because it fails to sufficiently sanitize user-supplied input. An...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•13 views

contentserver 5.6.2929 errors/transaction.asp msg Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/24895/info activeWeb contentserver is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitra...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•36 views

Mailman 2.1.x Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/20021/info Mailman is prone to multiple input-validation vulnerabilities because the application fails to sanitize user-input. These issues include multiple cross-site scripting vulnerabilities and a CRLF-injection...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•14 views

Plogger Beta 2 index.php id Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15839/info Plogger is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities cou...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•22 views

Plunet BusinessManager 4.1 pagesUTF8/auftrag_allgemeinauftrag.jsp Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/33153/info Plunet BusinessManager is prone to multiple security-bypass and HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitra...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•23 views

3Com Wireless 8760 Dual-Radio 11a/b/g PoE Multiple Security Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/32358/info 3Com Wireless 8760 Dual-Radio 11a/b/g PoE Access Point is prone to multiple security vulnerabilities, including an HTML-injection issue and an authentication-bypass issue. Successfully exploiting these issues...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•11 views

Saxon 5.4 Menu.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26237/info Saxon is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser...

7.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by