Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

280 matches found

seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.16 views

PHPX 3.5.9 XCode Tag HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16799/info PHPX is prone to an HTML-injection vulnerability. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be...

7.1AI score
Exploits0
seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.12 views

Mensajeitor 1.8.9 IP Parameter HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14071/info Mensajeitor is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...

7.1AI score
Exploits0
seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.15 views

Chucky A. Ivey N.T. 1.1 Index.PHP Multiple HTML Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/17387/info N.T. is prone to multiple HTML-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and scrip...

7.1AI score
Exploits0
seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.11 views

ScrewTurn Software ScrewTurn Wiki 2.0.x 'System Log' Page HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30429/info ScrewTurn Wiki is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and...

7.1AI score
Exploits0
OpenVAS
OpenVASadded 2014/04/03 12:0 a.m.33 views

OTRS Help Desk Multiple Vulnerabilities

OTRS Help Desk is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:otrs:otrs"; if description...

4.3CVSS7.5AI score0.00226EPSS
Exploits2References3
Fedora
Fedoraadded 2013/06/23 5:58 a.m.45 views

[SECURITY] Fedora 17 Update: php-5.4.16-1.fc17

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

9.8CVSS0.6AI score0.94363EPSS
Exploits48
Exploit DB
Exploit DBadded 2013/03/08 12:0 a.m.22 views

WordPress Plugin Terillion Reviews - Profile Id HTML Injection

source: https://www.securityfocus.com/bid/58415/info The Terillion Reviews plugin for WordPress is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplied...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2012/12/27 12:0 a.m.17 views

Astaro Security Gateway 8.1 - HTML Injection

source: https://www.securityfocus.com/bid/51301/info Astaro Security Gateway is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would run in the context of t...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2012/12/10 12:0 a.m.24 views

SimpleInvoices invoices Module - Customer Field Cross-Site Scripting

source: https://www.securityfocus.com/bid/56882/info Simple Invoices is prone to multiple HTML-injection vulnerabilities and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2012/09/18 12:0 a.m.19 views

AxisInternet VoIP Manager - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/55589/info AxisInternet VoIP Manager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues to execute...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2012/05/15 12:0 a.m.25 views

WordPress Plugin NewsLetter Manager 1.0 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/53523/info Newsletter Manager plugin for WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues ...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2012/05/12 12:0 a.m.31 views

GetSimple CMS 3.1 admin/pages.php error Parameter Reflected XSS

GetSimple CMS 3.1 admin/pages.php error Parameter Reflected XSS. CVE-2012-6621. Webapps exploit for php platform source: http://www.securityfocus.com/bid/53501/info GetSimple CMS is prone to HTML-injection and cross-site scripting vulnerabilities because it fails to properly sanitize user-supplie...

4.3CVSS6.3AI score0.00475EPSS
Exploits4
Exploit DB
Exploit DBadded 2012/05/10 12:0 a.m.26 views

Chevereto 1.91 - '/Upload/engine.php?v' Cross-Site Scripting

source: https://www.securityfocus.com/bid/53448/info Chevereto Image Upload Script is prone to a cross-site scripting vulnerability and an information-disclosure vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker m...

7.4AI score
Exploits0
exploitpack
exploitpackadded 2012/05/10 12:0 a.m.6 views

Chevereto 1.91 - Uploadengine.php?v Cross-Site Scripting

Chevereto 1.91 - Uploadengine.php?v Cross-Site Scripting source: https://www.securityfocus.com/bid/53448/info Chevereto Image Upload Script is prone to a cross-site scripting vulnerability and an information-disclosure vulnerability because it fails to properly sanitize user-supplied input before...

6.8AI score
Exploits0
OpenVAS
OpenVASadded 2012/04/10 12:0 a.m.32 views

Sourcefabric Newscoop Multiple Cross Site Scripting and SQL Injection Vulnerabilities

Sourcefabric Newscoop is prone to multiple cross-site scripting and SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Exploiting these issues could allow an attacker to steal cookie- based authentication...

7.5CVSS0.6AI score0.01661EPSS
Exploits5References7
exploitpack
exploitpackadded 2012/03/20 12:0 a.m.23 views

GNUBoard 4.34.20 - download.php HTML Injection

GNUBoard 4.34.20 - download.php HTML Injection source: https://www.securityfocus.com/bid/52622/info Gnuboard is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script co...

7.6AI score
Exploits0
Exploit DB
Exploit DBadded 2012/02/28 12:0 a.m.35 views

Fork CMS 3.x - '/backend/modules/error/actions/index.php?parse()' Multiple Error Display Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/52236/info Fork CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues to execute arbitrary script cod...

7.4AI score
Exploits0
exploitpack
exploitpackadded 2012/01/21 12:0 a.m.9 views

Acidcat ASP CMS 3.5 - Multiple Cross-Site Scripting Vulnerabilities

Acidcat ASP CMS 3.5 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/51608/info Acidcat ASP CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated...

0.3AI score
Exploits0
Exploit DB
Exploit DBadded 2012/01/20 12:0 a.m.18 views

Syneto Unified Threat Management 1.3.3/1.4.2 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities

source: https://www.securityfocus.com/bid/51597/info Syneto Unified Threat Management is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will...

7AI score
Exploits0
Exploit DB
Exploit DBadded 2012/01/16 12:0 a.m.19 views

PHP Membership Site Manager Script 2.1 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/51416/info PHP Membership Site Manager Script is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute...

7.4AI score
Exploits0
Rows per page
Query Builder