CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

439 matches found

Prion•added 2014/10/16 7:55 p.m.•18 views

Cross site scripting

Cross-site scripting XSS vulnerability in Splunk Web in Splunk Enterprise 5.0.x before 5.0.10 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header...

4.3CVSS6.1AI score0.00263EPSS

Exploits0References1Affected Software1

Prion•added 2014/10/16 7:55 p.m.•16 views

Open redirect

Open redirect vulnerability in the redir function in includes/function.php in C97net Cart Engine before 4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the HTTP Referer header to 1 index.php, 2 cart.php, 3 msg.php, or 4 page.php...

6.4CVSS7.1AI score0.02856EPSS

Exploits2References2Affected Software1

Cvelist•added 2014/10/16 7:0 p.m.•23 views

CVE-2014-8301

Cross-site scripting XSS vulnerability in Splunk Web in Splunk Enterprise 5.0.x before 5.0.10 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header...

5.7AI score0.00263EPSS

Exploits0References1

NVD•added 2014/10/14 2:55 p.m.•12 views

CVE-2014-8069

Multiple cross-site scripting XSS vulnerabilities in YOOtheme Pagekit CMS 0.8.7 allow remote attackers to inject arbitrary web script or HTML via the 1 HTTP Referer header to index.php/user or 2 PATHINFO to index.php...

4.3CVSS5.7AI score0.00225EPSS

Exploits2References1

Prion•added 2014/10/14 2:55 p.m.•18 views

Cross site scripting

4.3CVSS6AI score0.00225EPSS

Exploits2References1Affected Software1

Cvelist•added 2014/10/14 2:0 p.m.•14 views

CVE-2014-8069

5.7AI score0.00225EPSS

Exploits2References1

WPVulnDB•added 2014/08/01 10:58 a.m.•9 views

Count per Day 3.2.5 - counter.php HTTP Referer Header XSS

The Count per Day WordPress plugin was affected by a counter.php HTTP Referer Header XSS security vulnerability...

0.5AI score

Exploits0References2Affected Software1

NVD•added 2014/07/28 3:55 p.m.•12 views

CVE-2014-5108

Cross-site scripting XSS vulnerability in singlepages\downloadfile.php in concrete5 before 5.6.3 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header to index.php/downloadfile...

4.3CVSS5.7AI score0.00449EPSS

Exploits0References4

NVD•added 2014/07/28 3:55 p.m.•7 views

CVE-2014-5106

Cross-site scripting XSS vulnerability in Invision Power IP.Board aka IPB or Power Board 3.4.x through 3.4.6 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header to admin/install/index.php...

4.3CVSS5.7AI score0.00254EPSS

Exploits0References3

Prion•added 2014/07/28 3:55 p.m.•9 views

Cross site scripting

4.3CVSS6.1AI score0.00254EPSS

Exploits0References3Affected Software1

Prion•added 2014/07/28 3:55 p.m.•12 views

Cross site scripting

4.3CVSS6.1AI score0.00449EPSS

Exploits0References4Affected Software2

CVE•added 2014/07/28 3:0 p.m.•56 views

CVE-2014-5108

Affected software: concrete5

4.3CVSS5.9AI score0.00449EPSS

Exploits0References4Affected Software2

CVE•added 2014/07/28 3:0 p.m.•44 views

CVE-2014-5106

The CVE-2014-5106 entry describes a cross-site scripting (XSS) vulnerability in Invision Power IP.Board (IPB) 3.4.x through 3.4.6. An attacker could inject arbitrary web script or HTML via the HTTP Referer header to admin/install/index.php. This applies to IPB 3.4.x–3.4.6; no exploitation details...

4.3CVSS5.9AI score0.00254EPSS

Exploits0References3Affected Software1

Cvelist•added 2014/07/28 3:0 p.m.•17 views

CVE-2014-5108

5.7AI score0.00449EPSS

Exploits0References4

NVD•added 2014/07/20 11:12 a.m.•11 views

CVE-2014-3894

Cross-site scripting XSS vulnerability in PHP Kobo Multifunctional MailForm Free 2014/1/28 and earlier allows remote attackers to inject arbitrary web script or HTML via an HTTP Referer header...

4.3CVSS5.8AI score0.00248EPSS

Exploits0References2

Cvelist•added 2014/07/20 10:0 a.m.•16 views

CVE-2014-3894

Cross-site scripting XSS vulnerability in PHP Kobo Multifunctional MailForm Free 2014/1/28 and earlier allows remote attackers to inject arbitrary web script or HTML via an HTTP Referer header...

5.8AI score0.00248EPSS

Exploits0References2

Japan Vulnerability Notes•added 2014/07/16 12:0 a.m.•22 views

JVN#41028866: Multifunctional MailForm Free vulnerable to cross-site scripting

Multifunctional MailForm Free contains an issue in processing HTTP Referer headers, which may cause cross-site scripting. Impact By opening a specially crafted HTML document, an arbitrary sctipt may be executed. Solution Update the software Update to the latest version according to the informatio...

4.3CVSS6.1AI score0.00248EPSS

Exploits0

NVD•added 2014/07/02 10:35 a.m.•11 views

CVE-2014-4687

Multiple cross-site scripting XSS vulnerabilities in pfSense before 2.1.4 allow remote attackers to inject arbitrary web script or HTML via 1 the starttime0 parameter to firewallschedule.php, 2 the rssfeed parameter to rss.widget.php, 3 the servicestatusfilter parameter to...

4.3CVSS5.8AI score0.00087EPSS

Exploits0References1

Prion•added 2014/07/02 10:35 a.m.•16 views

Cross site scripting

4.3CVSS6.1AI score0.00087EPSS

Exploits0References1Affected Software1

Cvelist•added 2014/07/02 10:0 a.m.•13 views

CVE-2014-4687

5.7AI score0.00087EPSS

Exploits0References1

Rows per page