CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

248 matches found

OSV•added 2016/04/13 4:59 p.m.•7 views

CVE-2015-8807

Cross-site scripting XSS vulnerability in the renderVarInputnumber function in horde/framework/Core/lib/Horde/Core/Ui/VarRenderer/Html.php in Horde Groupware before 5.2.12 and Horde Groupware Webmail Edition before 5.2.12 allows remote attackers to inject arbitrary web script or HTML via vectors...

6.1CVSS5.9AI score

Exploits0References9

CNVD•added 2016/02/23 12:0 a.m.•2 views

Cisco Application Policy Infrastructure Controller Enterprise Module Cross-Site Scripting Vulnerability

Cisco Application Policy Infrastructure Controller Enterprise is an application policy infrastructure control module. A cross-site scripting vulnerability exists in Cisco Application Policy Infrastructure Controller Enterprise, which allows remote attackers to exploit the vulnerability to inject...

6.1CVSS6.2AI score0.01009EPSS

Exploits0References1

CNVD•added 2016/02/08 12:0 a.m.•4 views

Cisco Fog Director Cross-Site Scripting Vulnerability

Cisco Fog Director is an automated management platform for centralized management of multiple applications running at the network edge. The platform enables control of application settings and lifecycles, and supports access to and monitoring of large-scale IoT deployments. A cross-site scripting...

6.1CVSS6.5AI score0.00773EPSS

Exploits0References1

CNVD•added 2016/01/21 12:0 a.m.•2 views

Multiple Cross-Site Scripting Vulnerabilities in SAP NetWeaver

SAP NetWeaver is a service-oriented, integrated application platform. A cross-site scripting vulnerability exists in SAP NetWeaver, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to obtain sensitive information or hijack user...

6.1CVSS5.9AI score0.0102EPSS

Exploits0References1

CNVD•added 2016/01/16 12:0 a.m.•10 views

WordPress Cross-Site Scripting Vulnerability (CNVD-2016-00258)

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Software Foundation. WordPress suffers from a cross-site scripting vulnerability that allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to gain...

6.1CVSS6.2AI score0.02694EPSS

Exploits2References1

CNVD•added 2016/01/11 12:0 a.m.•1 views

IBM Connections Cross-Site Scripting Vulnerability (CNVD-2016-00162)

IBM Connections is a suite of social software platforms. The platform provides advanced analytics and real-time data monitoring capabilities and accelerates web collaboration within and outside the organization through IBM SmartCloud services. IBM Connections suffers from a cross-site scripting...

5.4CVSS5.9AI score0.00643EPSS

Exploits0References1

CNVD•added 2015/11/22 12:0 a.m.•3 views

Moodle cross-site scripting vulnerability (CNVD-2015-07728)

Moodle is a free, open source e-learning software platform. Moodle suffers from a cross-site scripting vulnerability that allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to obtain sensitive information or hijack user sessions when...

5.4CVSS5.9AI score0.0087EPSS

Exploits0References1

CNVD•added 2015/11/01 12:0 a.m.•2 views

WordPress User List Table Cross-Site Scripting Vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Software Foundation. WordPress fails to adequately filter user-submitted input, allowing remote attackers to exploit vulnerabilities to inject malicious scripts or HTML code that can capture sensitive...

6.8AI score

Exploits0References1

CNVD•added 2015/09/27 12:0 a.m.•1 views

Winmail Server 'badlogin.php' Cross-Site Scripting Vulnerability

Winmail Server is a set of mail server software. A cross-site scripting vulnerability exists in Winmail Server badlogin.php, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to gain access to sensitive information or hijack user...

6.2AI score

Exploits0References1

CNVD•added 2015/08/19 12:0 a.m.•2 views

IBM Domino Server Cross-Site Scripting Vulnerability (CNVD-2015-05521)

The IBM Lotus Domino server is a WEB-based collaborative application architecture. A cross-site scripting vulnerability exists in IBM Domino Server, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code that can be used to obtain sensitive information ...

5.8CVSS6.1AI score0.01502EPSS

Exploits0References1

CNVD•added 2015/05/26 12:0 a.m.•2 views

Unspecified Cross-Site Scripting Vulnerability in PHPWind

PHPWind is a set of PHP-based Web forum program . PHPWind suffers from a cross-site scripting vulnerability that allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to obtain sensitive information or hijack user sessions when malicious...

4.3CVSS5.9AI score0.01941EPSS

Exploits0References1

CNVD•added 2015/05/26 12:0 a.m.•2 views

SITEFACT '/index.cfm' Cross-Site Scripting Vulnerability

SITEFACT is an open source content management system. SITEFACT '/index.cfm' suffers from a cross-site scripting vulnerability that allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to gain access to sensitive information or hijack user...

6.2AI score

Exploits0References1

CNVD•added 2015/05/20 12:0 a.m.•1 views

Drupal Current Search Links Module Cross-Site Scripting Vulnerability

Drupal is a free and open source content management system developed in PHP. A cross-site scripting vulnerability exists in Drupal Current Search Links, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to obtain sensitive...

2.6CVSS5.9AI score0.01178EPSS

Exploits0References1

CNVD•added 2015/05/20 12:0 a.m.•1 views

Avsarsoft Matbaa Script Cross-Site Scripting Vulnerability

Avsarsoft Matbaa Script is a WEB-based script. Avsarsoft Matbaa Script suffers from a cross-site scripting vulnerability that allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to gain access to sensitive information or hijack user...

6.3AI score

Exploits0References1

CNVD•added 2015/05/07 12:0 a.m.•2 views

Unspecified cross-site scripting vulnerability in Nagios Business Process Intelligence (BPI) index.php

Nagios is an open source free network monitoring tool , can effectively monitor Windows, Linux and Unix host status , switches routers and other network settings , printers and so on. Nagios Business Process Intelligence index.php cross-site scripting vulnerability , allowing remote attackers to...

6.1CVSS6.2AI score0.01391EPSS

Exploits0References1

CNVD•added 2015/03/24 12:0 a.m.•3 views

Multiple Cross-Site Scripting Vulnerabilities in ocPortal

ocPortal is a content management system. Multiple cross-site scripting vulnerabilities exist in ocPortal. The vulnerabilities can be exploited to allow remote attackers to inject malicious script or HTML code, which can be used to obtain sensitive information or hijack user sessions when maliciou...

3.5CVSS6.1AI score0.01519EPSS

Exploits1References1

CNVD•added 2015/02/21 12:0 a.m.•2 views

IBM WebSphere Portal Cross-Site Scripting Vulnerability (CNVD-2015-01273)

IBM WebSphere Portal provides a framework for combining application or business mashups and provides a high-level tool to construct flexible, SOA-based solutions. A cross-site scripting vulnerability exists in IBM WebSphere Portal, which allows remote attackers to exploit the vulnerability to...

3.5CVSS6.1AI score0.01402EPSS

Exploits0References1

OSV•added 2013/03/08 10:55 p.m.•7 views

CVE-2011-4969

Cross-site scripting XSS vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag...

5.3AI score

Exploits0References14

OpenVAS•added 2012/11/26 12:0 a.m.•30 views

Mozilla SeaMonkey Multiple Vulnerabilities-02 November12 (Windows)

This host is installed with Mozilla Seamonkey and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaseamonkeymultvuln02nov12win.nasl 5999 2017-04-21 09:02:32Z teissa $ Mozilla SeaMonkey Multiple Vulnerabilities-02 November12 Windows Authors: Arun Kallavi Copyright:...

10CVSS0.9AI score0.06155EPSS

Exploits5References10

OpenVAS•added 2012/11/26 12:0 a.m.•41 views

Mozilla SeaMonkey Multiple Vulnerabilities-02 November12 (Mac OS X)

This host is installed with Mozilla Seamonkey and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaseamonkeymultvuln02nov12macosx.nasl 6074 2017-05-05 09:03:14Z teissa $ Mozilla SeaMonkey Multiple Vulnerabilities-02 November12 Mac OS X Authors: Arun Kallavi Copyright...

10CVSS0.8AI score0.06155EPSS

Exploits5References10

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by