CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4584 matches found

RedHat Linux•added 2013/09/04 6:43 p.m.•4 views

httpd: XSS flaw in mod_proxy_balancer manager interface

Multiple cross-site scripting XSS vulnerabilities in the balancerhandler function in the manager interface in modproxybalancer.c in the modproxybalancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML vi...

4.3CVSS5.8AI score0.22913EPSS

Exploits2References4

OSV•added 2013/08/17 4:55 p.m.•5 views

UBUNTU-CVE-2013-2022

Multiple cross-site scripting XSS vulnerabilities in actionscript/Jplayer.as in the Flash SWF component jplayer.swf in jPlayer before 2.2.23 allow remote attackers to inject arbitrary web script or HTML via the 1 jQuery or 2 id parameters, a different vulnerability than CVE-2013-1942 and...

4.3CVSS5.9AI score0.02722EPSS

Exploits1References4

OSV•added 2013/08/15 5:55 p.m.•0 views

UBUNTU-CVE-2013-1942

Multiple cross-site scripting XSS vulnerabilities in actionscript/Jplayer.as in the Flash SWF component jplayer.swf in jPlayer before 2.2.20, as used in ownCloud Server before 5.0.4 and other products, allow remote attackers to inject arbitrary web script or HTML via the 1 jQuery or 2 id...

4.3CVSS5.8AI score0.05494EPSS

Exploits2References4

OSV•added 2013/07/31 1:20 p.m.•10 views

CVE-2013-4996

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 a crafted database name, 2 a crafted user name, 3 a crafted logo URL in the navigation panel, 4 a...

5.4AI score

Exploits0References4

OSV•added 2013/07/31 1:20 p.m.•6 views

CVE-2013-5002

Cross-site scripting XSS vulnerability in libraries/schema/ExportRelationSchema.class.php in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted pageNumber value to schemaexport.php...

5AI score

Exploits0References3

OSV•added 2013/07/19 2:36 p.m.•11 views

CVE-2012-3414

Cross-site scripting XSS vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and earlier, as used in WordPress before 3.3.2, TinyMCE Image Manager 1.1, and other products, allows remote attackers to inject arbitrary web script or HTML via the movieName parameter, related to the...

5.5AI score

Exploits0References8

Cvelist•added 2013/07/12 9:0 p.m.•22 views

CVE-2013-3423

Cross-site scripting XSS vulnerability in the web interface in Cisco Secure Access Control System ACS allows remote attackers to inject arbitrary web script or HTML via an unspecified field, aka Bug ID CSCud75174...

5.7AI score0.00931EPSS

Exploits0References2

RedHat Linux•added 2013/07/09 6:57 p.m.•2 views

stapler-adjunct-zeroclipboard: XSS via copying XSS payload into buffer

Cross-site scripting XSS vulnerability in ZeroClipboard.swf and ZeroClipboard10.swf in ZeroClipboard before 1.0.8, as used in em-shorty, RepRapCalculator, Fulcrum, Django, aCMS, and other products, allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this is...

4.3CVSS5.9AI score0.0635EPSS

Exploits6References5

RedHat Linux•added 2013/07/09 5:51 p.m.•5 views

ActiveMQ: XSS vulnerability in scheduled.jsp

Cross-site scripting XSS vulnerability in scheduled.jsp in Apache ActiveMQ 5.8.0 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors involving the "cron of a message."...

4.3CVSS7AI score0.06366EPSS

Exploits1References4

RedHat Linux•added 2013/07/03 4:18 p.m.•4 views

httpd: XSS flaw in mod_proxy_balancer manager interface

4.3CVSS5.8AI score0.22913EPSS

Exploits2References4

RedHat Linux•added 2013/05/22 6:17 p.m.•1 views

System: pki-tps XSS flaw

Multiple cross-site scripting XSS vulnerabilities in the token processing system pki-tps in Red Hat Certificate System RHCS 8.1 and possibly Dogtag Certificate System 9 and 10 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 tus/ or 2 tus/tus/...

4.3CVSS5.8AI score0.01237EPSS

Exploits0References4

ATTACKERKB•added 2013/04/28 3:24 a.m.•1 views

CVE-2012-5219

Cross-site scripting XSS vulnerability in HP Managed Printing Administration MPA before 2.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.02519EPSS

Exploits0References2

OSV•added 2013/04/02 3:22 a.m.•7 views

DEBIAN-CVE-2012-6550

Cross-site scripting XSS vulnerability in ZeroClipboard before 1.1.4 allows remote attackers to inject arbitrary web script or HTML via "the clipText returned from the flash object," a different vulnerability than CVE-2013-1808...

4.3CVSS6.1AI score0.04539EPSS

Exploits0References1

Debian CVE•added 2013/03/21 9:0 p.m.•7 views

CVE-2013-1844

Cross-site scripting XSS vulnerability in Piwik before 1.11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.00931EPSS

Exploits0

Positive Technologies•added 2013/03/19 12:0 a.m.•2 views

PT-2013-2239 · Cloudbees +1 · Jenkins

Name of the Vulnerable Software and Affected Versions: Jenkins versions prior to 1.502 Jenkins LTS versions prior to 1.480.3 Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Recommendations: For versions prior to...

4.3CVSS5.3AI score0.01437EPSS

Exploits0References11

ATTACKERKB•added 2013/03/13 12:55 a.m.•3 views

CVE-2013-0083

Cross-site scripting XSS vulnerability in Microsoft SharePoint Server 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via crafted content, leading to administrative command execution, aka "SharePoint XSS Vulnerability."...

4.3CVSS5.6AI score0.14333EPSS

Exploits0References3

OSV•added 2013/03/08 10:55 p.m.•5 views

AZL-44421 CVE-2011-4969 affecting package python-genshi 0.7.9-1

Cross-site scripting XSS vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag...

4.3CVSS7.1AI score0.19191EPSS

Exploits1References1

RedHat Linux•added 2013/02/28 6:53 p.m.•4 views

rubygem-actionpack: potential XSS vulnerability in select_tag prompt

Cross-site scripting XSS vulnerability in actionpack/lib/actionview/helpers/formtaghelper.rb in Ruby on Rails 3.x before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via the prompt field to the selecttag helper...

4.3CVSS5.9AI score0.01306EPSS

Exploits1References4

OSV•added 2013/02/26 4:55 p.m.•2 views

DEBIAN-CVE-2012-3499

Multiple cross-site scripting XSS vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the 1 modimagemap, 2 modinfo, 3 modldap, 4 modproxyftp, and 5...

4.3CVSS7.5AI score0.22913EPSS

Exploits2References1