CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

1002 matches found

exploitpack•added 2011/10/06 12:0 a.m.•11 views

Active CMS 1.2 - mod Cross-Site Scripting

Active CMS 1.2 - mod Cross-Site Scripting source: https://www.securityfocus.com/bid/50001/info Active CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issu...

Exploit DB•added 2011/08/21 12:0 a.m.•26 views

OneFileCMS 1.1.1 - 'onefilecms.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/49257/info OneFileCMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute arbitrary script code in the...

VulnCheck KEV•added 2011/07/29 12:0 a.m.•1 views

VulnCheck KEV: CVE-2009-1151

Setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in generated configuration file...

9.8CVSS7.5AI score0.93271EPSS

Exploits16References1

Exploit DB•added 2011/07/12 12:0 a.m.•29 views

Flowplayer 3.2.7 - 'linkUrl' Cross-Site Scripting

source: https://www.securityfocus.com/bid/48651/info Flowplayer is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute arbitrary script code in the...

exploitpack•added 2011/07/11 12:0 a.m.•13 views

Prontus CMS - page Cross-Site Scripting

Prontus CMS - page Cross-Site Scripting source: https://www.securityfocus.com/bid/48637/info Prontus CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue...

Exploit DB•added 2011/07/11 12:0 a.m.•27 views

Prontus CMS - 'page' Cross-Site Scripting

source: https://www.securityfocus.com/bid/48637/info Prontus CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute arbitrary script code in the...

exploitpack•added 2011/06/22 12:0 a.m.•13 views

FanUpdate 3.0 - pageTitle Cross-Site Scripting

FanUpdate 3.0 - pageTitle Cross-Site Scripting source: https://www.securityfocus.com/bid/48392/info FanUpdate is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this...

Exploit DB•added 2011/06/22 12:0 a.m.•23 views

FanUpdate 3.0 - 'pageTitle' Cross-Site Scripting

source: https://www.securityfocus.com/bid/48392/info FanUpdate is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute arbitrary script code in the...

exploitpack•added 2011/06/21 12:0 a.m.•20 views

Sitemagic CMS 2010.04.17 - SMExt Cross-Site Scripting

Sitemagic CMS 2010.04.17 - SMExt Cross-Site Scripting source: https://www.securityfocus.com/bid/48355/info Sitemagic CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may...

Exploit DB•added 2011/06/21 12:0 a.m.•31 views

Sitemagic CMS 2010.04.17 - 'SMExt' Cross-Site Scripting

source: https://www.securityfocus.com/bid/48355/info Sitemagic CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute arbitrary script code in t...

OpenVAS•added 2011/04/29 12:0 a.m.•18 views

HP SiteScope Cross Site Scripting and HTML Injection Vulnerabilities

HP SiteScope is prone to a cross-site scripting vulnerability and an HTML-injection vulnerability because it fails to properly sanitize user- supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplied HTML and script code to run in the contex...

4.3CVSS5.5AI score0.01198EPSS

Exploits0References3

exploitpack•added 2011/04/25 12:0 a.m.•15 views

eyeOS 1.9.0.2 - Image File Handling HTML Injection

eyeOS 1.9.0.2 - Image File Handling HTML Injection source: https://www.securityfocus.com/bid/47629/info eyeOS is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input passed through image content before using it in dynamically generated content...

Exploit DB•added 2011/04/04 12:0 a.m.•27 views

Yaws-Wiki 1.88-1 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities

source: https://www.securityfocus.com/bid/47158/info Yaws-Wiki is prone to multiple cross-site scripting vulnerabilities and an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow...

Exploit DB•added 2011/04/02 12:0 a.m.•26 views

PHP-Fusion 'articles.php' Cross-Site Scripting Vulnerability

PHP-Fusion 'articles.php' Cross Site Scripting Vulnerability. Webapps exploit for php platform source: http://www.securityfocus.com/bid/47130/info PHP-Fusion is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically...

exploitpack•added 2011/04/01 12:0 a.m.•23 views

AWCM 2.x - search.php Cross-Site Scripting

AWCM 2.x - search.php Cross-Site Scripting source: https://www.securityfocus.com/bid/47126/info AWCM is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to...

OpenVAS•added 2011/04/01 12:0 a.m.•38 views

Mandriva Update for apache MDVSA-2011:057 (apache)

Check for the Version of apache OpenVAS Vulnerability Test Mandriva Update for apache MDVSA-2011:057 apache Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

4.3CVSS0.00708EPSS

Exploits0References2

Exploit DB•added 2011/03/29 12:0 a.m.•24 views

XOOPS - 'view_photos.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/47085/info XOOPS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute arbitrary script code in the brows...

exploitpack•added 2011/03/29 12:0 a.m.•20 views

XOOPS - view_photos.php Cross-Site Scripting

XOOPS - viewphotos.php Cross-Site Scripting source: https://www.securityfocus.com/bid/47085/info XOOPS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue t...

exploitpack•added 2011/03/28 12:0 a.m.•16 views

Claroline 1.10 - Multiple HTML Injection Vulnerabilities

Claroline 1.10 - Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/47073/info Claroline is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploi...

exploitpack•added 2011/03/27 12:0 a.m.•19 views

OrangeHRM 2.6.2 - jobVacancy.php Cross-Site Scripting

OrangeHRM 2.6.2 - jobVacancy.php Cross-Site Scripting source: https://www.securityfocus.com/bid/47046/info OrangeHRM is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverag...

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by