7 matches found
CVE-2021-46087
In jfinalcms = 5.1.0, there is a stored XSS vulnerability in the CMS background (admin) system. Because the developers do not filter the parameters submitted through the user input form, any user with background permission can affect the system security by entering malicious code...
CVE-2021-46087
In jfinalcms = 5.1.0, there is a stored XSS vulnerability in the CMS background (admin) system. Because the developers do not filter the parameters submitted through the user input form, any user with background permission can affect the system security by entering malicious code...
P.A.I.D v2.2
P.A.I.D v2.2 Homepage: http://www.webexceluk.net Affected files: faq.php input form of logging in. index.php The input forms of logging into My Account do not sanitize user input. For PoC of an XSS attack simply put in: "IMG SRC=javascript:alert'XSS'" It also seems when logging in, even if your...
Fedora Core 5 : firefox-1.5.0.2-1.1.fc5 (2006-411)
Several bugs were found in the way Firefox processes malformed JavaScript. A malicious web page could modify the content of a different open web page, possibly stealing sensitive information or conducting a cross-site scripting attack. CVE-2006-1731, CVE-2006-1732, CVE-2006-1741 Several bugs were...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in DCP-Portal 5.3 through 6.1.1 allow remote attackers to inject arbitrary web script or HTML via (1) the day parameter in calendar.php and (2) the input form in search.php. NOTE: the provenance of this information is unknown; the details are obtained...
CVE-2006-0220
Multiple cross-site scripting (XSS) vulnerabilities in DCP-Portal 5.3 through 6.1.1 allow remote attackers to inject arbitrary web script or HTML via (1) the day parameter in calendar.php and (2) the input form in search.php. NOTE: the provenance of this information is unknown; the details are obtained...
CVE-2005-4577
Multiple cross-site scripting (XSS) vulnerabilities in Hitachi Business Logic - Container (BLC) P-2443-9114 01-00 through 02-06 on Windows, and P-1M43-9111 01-01 through 02-00 on AIX, allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors in an unspecified input form...