
1007 matches found

Exploit DB
added 2013/12/17 12:0 a.m., 17 views

Piwigo - 'admin.php' Cross-Site Request Forgery (User Creation)

source: https://www.securityfocus.com/bid/64357/info Piwigo is prone to cross-site request-forgery and HTML-injection vulnerabilities. Exploiting these issues may allow a remote attacker to perform certain unauthorized actions, execute arbitrary script or HTML code within the context of the...

AI score: 7
Exploits: 0

seebug.org
added 2013/12/17 12:0 a.m., 23 views

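IBM Sterling Connect:Enterprise Cross-Site Scripting Vulnerability

CVE ID: CVE-2013-6327 IBM Sterling Connect is a point-to-point file transfer product that provides high-volume, secure and reliable file delivery within and between enterprises. IBM Sterling Connect:Enterprise contains an unspecified cross-site scripting vulnerability that allows remote attackers to inject malicious script or HTML code; when the malicious data is viewed, sensitive information can be obtained or the user's session hijacked. 0 IBM Sterling Connect:Enterprise 1.3.0.2 IBM Sterling Connect:Enterprise 1.4.0.0. Vendor patch: IBM ----- IBM Sterling Connect...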

CVSS: 4.3, AI score: 6.6, EPSS: 0.00236
Exploits: 1

htbridge
added 2013/10/02 12:0 a.m., 58 views

Cross-Site Scripting (XSS) in GuppY

High-Tech Bridge Security Research Lab discovered two XSS vulnerabilities in GuppY, which can be exploited to perform Cross-Site Scripting attacks against users of vulnerable application. 1 Cross-Site Scripting XSS in GuppY: CVE-2013-5983 1.1 The vulnerability exists due to insufficient...

CVSS: 4.3, AI score: 5.6, EPSS: 0.00407
Exploits: 1, Affected Software: 1

exploitpack
added 2013/08/07 12:0 a.m., 11 views

Pluck CMS 4.7 - HTML Code Injection

Pluck CMS 4.7 - HTML Code Injection Exploit Title: Pluck CMS CSRF - Injecting malicious contents to pagess Date: 2013 4 August Exploit Author: Yashar shahinzadeh Credit goes for: http://y-shahinzadeh.ir & ha.cker.ir Vendor Homepage: http://www.pluck-cms.org/ Tested on: Linux & Windows, PHP 5.2.9...

Exploits: 0

Exploit DB
added 2013/08/07 12:0 a.m., 23 views

Pluck CMS 4.7 - HTML Code Injection

Exploit Title: Pluck CMS CSRF - Injecting malicious contents to pagess Date: 2013 4 August Exploit Author: Yashar shahinzadeh Credit goes for: http://y-shahinzadeh.ir & ha.cker.ir Vendor Homepage: http://www.pluck-cms.org/ Tested on: Linux & Windows, PHP 5.2.9 Affected Version : 4.7 Contacts:...

AI score: 7.4
Exploits: 0

Mageia
added 2013/07/29 2:6 p.m., 40 views

Updated phpmyadmin packages fix security vulnerabilities

Using a crafted SQL query, it was possible to produce an XSS on the SQL query form (PMASA-2013-8, CVE-2013-4995). In the setup/index.php, using a crafted hash with a Javascript event, untrusted JS code could be executed. In the Display chart view, a chart title containing HTML code was rendered...

CVSS: 6.5, AI score: 0.7, EPSS: 0.00374
Exploits: 0, References: 7

securityvulns
added 2013/07/08 12:0 a.m., 32 views

AVAST Antivirus v8.0.1489 - Multiple Core Vulnerabilities

Title: AVAST Antivirus v8.0.1489 - Multiple Core Vulnerabilities Date: 2013-06-30 References: http://www.vulnerability-lab.com/getcontent.php?id=963 VL-ID: 963 Common Vulnerability Scoring System: 4.1 Introduction:...

AI score: 8.1
Exploits: 0

Packet Storm
added 2013/06/30 12:0 a.m., 22 views

Vatican Cross Site Scripting

vaticanstate.va XSS Vulnerability webcam page Site: http://www.vaticanstate.va/IT/Monumenti/webcam/index?cam=webcam3 Discovered by: Andrea Menin base64 @: bWVuaW4uYW5kcmVhQGdtYWlsLmNvbQ== Follow me: http://www.linkedin.com/in/andreamenin...

Exploits: 0

Vulnerability Lab
added 2013/06/26 12:0 a.m., 19 views

AVAST Internet Security Suite - Persistent Vulnerabilities

Document Title: AVAST Internet Security Suite - Persistent Vulnerabilities References Source: http://www.vulnerability-lab.com/getcontent.php?id=969 Release Date: 2013-06-26 Vulnerability Laboratory ID VL-ID:...

AI score: 0.2
Exploits: 0

seebug.org
added 2013/06/03 12:0 a.m., 35 views

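IBM SPSS Data Collection CVE-2013-0464 Cross-Site Scripting Vulnerability

Bugtraq ID: 60246 CVE ID: CVE-2013-0464 IBM SPSS Data Collection is an industry-leading professional solution for surveys, market research and customer behavior analysis. IBM SPSS Data Collection contains an input validation vulnerability that allows remote attackers to inject malicious script or HTML code; when the malicious data is viewed by a user, sensitive information can be obtained or the user's session hijacked. 0 IBM SPSS Data Collection 6.0.1 IBM SPSS Data Collection 6.0 IBM SPSS Data Collection 7.0 Users can refer to the following vendor security advisory to obtain the patch:...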

CVSS: 4.3, AI score: 0.3, EPSS: 0.00265
Exploits: 1

OpenVAS
added 2013/05/23 12:0 a.m., 19 views

Jojo CMS Multiple Vulnerabilities

Jojo CMS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 7.5, AI score: 6.7, EPSS: 0.02034
Exploits: 2, References: 5

htbridge
added 2013/04/17 12:0 a.m., 34 views

Multiple Vulnerabilities in Jojo CMS

High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in Jojo CMS, which can be exploited to perform SQL Injection and Cross-Site Scripting XSS attacks. 1 SQL Injection in Jojo CMS: CVE-2013-3081 The vulnerability is caused by insufficient filtration of user-supplied input...

CVSS: 6.8, AI score: 7.3, EPSS: 0.02034
Exploits: 2, Affected Software: 1

Packet Storm
added 2013/04/13 12:0 a.m., 21 views

Free Monthly Websites 2.0 Administrator Remote Password Change

Title : Free Monthly Websites 2.0 Administrator Remote Password Change Date : 10/04/2013 Name : Free Monthly Websites Affected Version : 2.0 Vendor : http://www.freemonthlywebsites2.com/ Category : Web...

AI score: 7.4
Exploits: 0

exploitpack
added 2013/02/26 12:0 a.m., 10 views

MTP Guestbook 1.0 - Multiple Cross-Site Scripting Vulnerabilities

MTP Guestbook 1.0 - Multiple Cross-Site Scripting Vulnerabilities MTP Guestbook 1.0 Multiple Remote Script Insertion Vulnerabilities alert1;' / input type="hidden" name="ins...

AI score: 0.2
Exploits: 0

OpenVAS
added 2013/02/26 12:0 a.m., 21 views

CKEditor < 4.0.1.1 Multiple Vulnerabilities

CKEditor is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ckeditor:ckeditor"; ifdescription...

AI score: 7.3
Exploits: 0, References: 3

Zero Science Lab
added 2013/02/25 12:0 a.m., 23 views

MTP Guestbook 1.0 Multiple Remote Script Insertion Vulnerabilities

Summary MTP Guestbook allows you to put a guestbook on your website. Your visitors can sign it and leave a message. The entries can be edited and deleted in the admin area. Description MTP Guestbook script suffers from multiple stored cross-site scripting vulnerabilities. The issues are triggered...

AI score: 6
Exploits: 0

Check Point Advisories
added 2013/02/06 12:0 a.m., 1 views

Advantech WebAccess HMI and SCADA Software Cross-Site Scripting

A cross site scripting vulnerability has been reported in Advantech WebAccess HMI/SCADA software. The vulnerability is due to improper validation of input passed via the 'ProjDesc' parameter. A remote attacker can exploit this vulnerability to execute arbitrary HTML and script code in a browser...

AI score: 7
Exploits: 0

Exploit DB
added 2013/01/18 12:0 a.m., 33 views

Apache OFBiz 10.4.x - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/57463/info Apache OFBiz is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary HTML and script code in the browser of an unsuspecting...

AI score: 7.4
Exploits: 0

OpenVAS
added 2013/01/15 12:0 a.m., 10 views

phlyLabs phlyMail Lite Multiple Vulnerabilities

phlyLabs phlyMail Lite is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AI score: 7.3
Exploits: 0, References: 7

exploitpack
added 2013/01/08 12:0 a.m., 9 views

Advantech Webaccess HMISCADA Software - Persistence Cross-Site Scripting

Advantech Webaccess HMISCADA Software - Persistence Cross-Site Scripting Title : Advantech WebAccess HMI/SCADA Software Persistence Cross-Site Scripting Vulnerability Author : Antu Sanadi SecPod Technologies www.secpod.com Vendor : http://webaccess.advantech.com/ Advisory :...

Exploits: 0