CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4585 matches found

RedhatCVE•added 2025/05/22 4:46 a.m.•9 views

CVE-2013-0323

Cross-site scripting XSS vulnerability in the Display Suite module 7.x-1.x before 7.x-1.7 and 7.x-2.x before 7.x-2.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via the author field...

4.3CVSS6AI score0.01325EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:45 a.m.•7 views

CVE-2012-3832

Cross-site scripting XSS vulnerability in decoda/Decoda.php in Decoda before 3.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to 1 b or 2 div tags...

4.3CVSS5.8AI score0.01483EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:40 a.m.•9 views

CVE-2013-2337

Cross-site scripting XSS vulnerability in HP Service Manager 7.11, 9.21, 9.30, and 9.31, and ServiceCenter 6.2.8, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.9AI score0.0163EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:39 a.m.•8 views

CVE-2010-0607

Cross-site scripting XSS vulnerability in Forms/statusstatistics1 in the Sterlite SAM300 AX Router allows remote attackers to inject arbitrary web script or HTML via the StatRadio parameter...

4.3CVSS5.9AI score0.01467EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:36 a.m.•4 views

CVE-2010-3462

Cross-site scripting XSS vulnerability in backend/plugin/Registration/index.php in Mollify 1.6, 1.6.5.5, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the confirm parameter. NOTE: some of these details are obtained from third party information...

4.3CVSS6AI score0.03037EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:34 a.m.•7 views

CVE-2011-3861

Cross-site scripting XSS vulnerability in the Web Minimalist 200901 theme before 1.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to index.php...

4.3CVSS6AI score0.03429EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:34 a.m.•8 views

CVE-2011-3855

Cross-site scripting XSS vulnerability in the F8 Lite theme before 4.2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter...

4.3CVSS6AI score0.03134EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:33 a.m.•8 views

CVE-2012-2326

Cross-site scripting XSS vulnerability in the Admin Control Panel ACP in MyBB aka MyBulletinBoard before 1.6.7 allows remote administrators to inject arbitrary web script or HTML via a malformed file name in an orphaned attachment...

4.3CVSS5.8AI score0.00994EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:33 a.m.•7 views

CVE-2010-2365

Cross-site scripting XSS vulnerability in Free CGI Moo moobbs2 before 1.03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.9AI score0.01053EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:32 a.m.•5 views

CVE-2010-2316

Multiple cross-site scripting XSS vulnerabilities in default.asp in WmsCms 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 search, 2 sbr, 3 p, and 4 sbl parameters, different vectors than CVE-2007-3137...

4.3CVSS5.8AI score0.02962EPSS

Exploits2References1

RedhatCVE•added 2025/05/22 4:29 a.m.•7 views

CVE-2012-6627

Cross-site scripting XSS vulnerability in admin/testmail.php in the Newsletter Manager plugin 1.0.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the id parameter...

4.3CVSS6AI score0.01649EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:21 a.m.•10 views

CVE-2012-6458

Multiple cross-site scripting XSS vulnerabilities in the SilverStripe e-commerce module 3.0 for SilverStripe CMS allow remote attackers to inject arbitrary web script or HTML via the 1 FirstName, 2 Surname, or 3 Email parameter to code/forms/OrderFormAddress.php; or the 4 FirstName or 5 Surname...

4.3CVSS6AI score0.00939EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:14 a.m.•8 views

CVE-2014-10035

Multiple cross-site scripting XSS vulnerabilities in the admin area in couponPHP before 1.2.0 allow remote administrators to inject arbitrary web script or HTML via the 1 sEcho parameter to commentspaginate.php or 2 storespaginate.php or the 3 affiliateurl, 4 description, 5 domain, 6...

4.3CVSS5.9AI score0.03496EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:13 a.m.•5 views

CVE-2010-2049

Cross-site scripting XSS vulnerability in jsp/audit/reports/ExportReport.jsp in ManageEngine ADAudit Plus 4.0.0 build 4043 allows remote attackers to inject arbitrary web script or HTML via the reportList parameter. NOTE: the provenance of this information is unknown; the details are obtained...

4.3CVSS5.8AI score0.02723EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:10 a.m.•9 views

CVE-2014-100037

Cross-site scripting XSS vulnerability in Storytlr 1.3.dev and earlier allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to archives/...

4.3CVSS6AI score0.00984EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:9 a.m.•7 views

CVE-2013-7419

Cross-site scripting XSS vulnerability in includes/refreshDate.php in the Joomlaskin JS Multi Hotel aka JS MultiHotel and Js-Multi-Hotel plugin 2.2.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the roomid parameter...

4.3CVSS6AI score0.01917EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:9 a.m.•8 views

CVE-2010-2985

Multiple cross-site scripting XSS vulnerabilities in IBM WebSphere Service Registry and Repository WSRR 6.3 allow remote attackers to inject arbitrary web script or HTML via 1 the searchTerm parameter to ServiceRegistry/HelpSearch.do or 2 the queryItems0.value parameter to...

4.3CVSS5.8AI score0.01073EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:8 a.m.•9 views

CVE-2010-2969

Multiple cross-site scripting XSS vulnerabilities in MoinMoin 1.7.3 and earlier, and 1.9.x before 1.9.3, allow remote attackers to inject arbitrary web script or HTML via crafted content, related to 1 action/LikePages.py, 2 action/chart.py, and 3 action/userprofile.py, a similar issue to...

4.3CVSS6AI score0.02657EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:8 a.m.•4 views

CVE-2012-1807

Cross-site scripting XSS vulnerability in the web server in the ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100, H2-ECOM, H2-ECOM-F, H2-ECOM100, H4-ECOM, H4-ECOM-F, and H4-ECOM100 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.01012EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:3 a.m.•5 views

CVE-2013-7288

Cross-site scripting XSS vulnerability in the mycodeparsevideo function in inc/classparser.php in MyBB aka MyBulletinBoard before 1.6.12 allows remote attackers to inject arbitrary web script or HTML via vectors related to Yahoo video URLs...

4.3CVSS5.8AI score0.01161EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by