CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4584 matches found

OSV•added 2008/07/02 5:14 p.m.•1 views

DEBIAN-CVE-2008-2960

Cross-site scripting XSS vulnerability in phpMyAdmin before 2.11.7, when registerglobals is enabled and .htaccess support is disabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving scripts in libraries/...

2.6CVSS5.7AI score0.01596EPSS

Exploits1References1

RedHat Linux•added 2008/06/30 3:29 p.m.•4 views

httpd cross-site scripting flaw in mod_imap

Cross-site scripting XSS vulnerability in the modimap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps...

4.3CVSS7.3AI score0.73692EPSS

Exploits0References4

ATTACKERKB•added 2008/06/25 12:36 p.m.•1 views

CVE-2008-2842

Cross-site scripting XSS vulnerability in edit/showmedia.asp in doITLive CMS 2.50 and earlier allows remote attackers to inject arbitrary web script or HTML via the FILE parameter...

4.3CVSS5.7AI score0.01499EPSS

Exploits1References7

ATTACKERKB•added 2008/06/25 12:36 p.m.•2 views

CVE-2008-2848

Cross-site scripting XSS vulnerability in the search functionality in MindTouch DekiWiki before 8.05.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.01033EPSS

Exploits0References5

ATTACKERKB•added 2008/06/23 5:41 p.m.•1 views

CVE-2008-2825

Cross-site scripting XSS vulnerability in the embedded Web Server in Xerox WorkCentre M123, M128, and 133 and WorkCentre Pro 123, 128, and 133 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.01223EPSS

Exploits0References7

ATTACKERKB•added 2008/06/20 11:48 a.m.•1 views

CVE-2008-2787

Cross-site scripting XSS vulnerability in out.php in OpenDocMan 1.2.5 allows remote attackers to inject arbitrary web script or HTML via the lastmessage parameter...

4.3CVSS5.7AI score0.01834EPSS

Exploits1References8

ATTACKERKB•added 2008/06/18 10:41 p.m.•2 views

CVE-2008-2759

Multiple cross-site scripting XSS vulnerabilities in Xigla Absolute Form Processor XE 4.0 allow remote attackers to inject arbitrary web script or HTML via the 1 showfields, 2 text, and 3 submissions parameters to search.asp and the 4 name parameter to users.asp. NOTE: some of these details are...

4.3CVSS5.5AI score0.01272EPSS

Exploits1References8

ATTACKERKB•added 2008/06/18 10:41 p.m.•2 views

CVE-2008-2766

Cross-site scripting XSS vulnerability in Xigla Absolute Image Gallery XE allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in 1 admin/search.asp and 2 gallery.asp...

4.3CVSS5.7AI score0.01102EPSS

Exploits1References7

ATTACKERKB•added 2008/06/18 10:41 p.m.•3 views

CVE-2008-2773

Cross-site scripting XSS vulnerability in the Taxonomy Image module 5.x before 5.x-1.3 and 6.x before 6.x-1.3, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.01033EPSS

Exploits0References5

Japan Vulnerability Notes•added 2008/06/06 3:0 a.m.•1 views

Groupmax World Wide Web Desktop/BUNSHOKANRI(=DocumentManagement) Cross-Site Scripting Vulnerability

Overview A cross-site scripting vulnerability has been found in the Groupmax World Wide Web Desktop/BUNSHOKANRI =DocumentManagement. Impact A remote attacker could execute malicious scripts. Solution Please refer to the 'Vendor Information' section for official countermesure and take appropriate...

4.3CVSS6.4AI score

Exploits0References1

Japan Vulnerability Notes•added 2008/06/06 3:0 a.m.•2 views

Hitachi Groupmax Collaboration Products Cross-Site Scripting Vulnerability

Overview A cross-site scripting vulnerability has been found in the Hitachi Groupmax Collaboration products. Impact A remote attacker could execute arbitrary scripts. Solution Please refer to the 'Vendor Information' section for official countermesure and take appropriate action...

4.3CVSS6.6AI score

Exploits0References1

Packet Storm•added 2008/06/02 12:0 a.m.•31 views

bea-xss.txt

+============================================================================================+ + Oracle Corporation BEA WebLogic Portal & high XSS Vulnerabilities + +============================================================================================+ Authors: Ivan Sanchez Producto:...

7.4AI score

Exploits0

OSV•added 2008/05/23 3:32 p.m.•5 views

CVE-2008-2302

Cross-site scripting XSS vulnerability in the login form in the administration application in Django 0.91 before 0.91.2, 0.95 before 0.95.3, and 0.96 before 0.96.2 allows remote attackers to inject arbitrary web script or HTML via the URI of a certain previous request...

5.4AI score

Exploits0References8

Japan Vulnerability Notes•added 2008/05/20 3:0 p.m.•2 views

Trac cross-site scripting vulnerability

Overview Trac is a project management tool from Edgewall Software. InterAct Corp. provides a localized version of Trac in Japan. Trac wiki engine contains a cross-site scripting vulnerability which affects Microsoft Internet Explorer. Impact A remote attacker could possibly execute an arbitrary...

4.3CVSS6.2AI score0.01089EPSS

Exploits0References10

Japan Vulnerability Notes•added 2008/05/20 3:0 p.m.•1 views

w3m Cross-Site Scripting Vulnerability

Overview w3m contains a cross-site scripting vulnerability due to insufficient sanitization of HTML tags in the frame. Impact An remote attacker could execute arbitrary scripts and gain access to files or cookies. Solution Please refer to the 'Vendor Information' section for official remediation...

4.3CVSS6.3AI score0.02478EPSS

Exploits0References8

Japan Vulnerability Notes•added 2008/05/20 3:0 p.m.•1 views

mod_imap cross-site scripting vulnerability

Overview The "modimap" and "modimagemap" modules of the Apache HTTP Server are used for implementing server-side image map processing. modimap and modimagemap are affected by a cross-site scripting vulnerability when referer values are used in an image map in such a way that they do not handle...

4.3CVSS6.5AI score0.73692EPSS

Exploits0References33

Japan Vulnerability Notes•added 2008/05/20 3:0 p.m.•1 views

Meneame cross-site scripting vulnerability

Overview Meneame, an open source social bookmark system, contains a cross-site scripting vulnerability. Meneame, an open-source web application to build social bookmark systems, contains a cross-site scripting vulnerability, as it does not properly handle output data. Impact A remote attacker cou...

4.3CVSS6.4AI score0.01263EPSS

Exploits0References6

Japan Vulnerability Notes•added 2008/05/20 3:0 p.m.•3 views

Zimbra Collaboration Suite script execution vulnerability

Overview Zimbra Collaboration Suite, a web collaboration tool from Zimbra, Inc., contains a vulnerability that could allow a remote attacker to execute an arbitrary script on the user's web browser. Zimbra Collaboration Suite is a web collaboration tool that provides calendar, address book,...

4.3CVSS7AI score0.01223EPSS

Exploits0References8

Japan Vulnerability Notes•added 2008/05/20 3:0 p.m.•3 views

Namazu cross-site scripting vulnerability

Overview Namazu, Japanese full-text search engine, contains a cross-site scripting vulnerability. Namazu, Japanese full-text search engine does not specify charset in the ContentType header that could allow a remote attacker to execute an arbitrary script on the user's web browser. Impact An...

4.3CVSS6.2AI score0.01745EPSS

Exploits0References8

RedHat Linux•added 2008/05/20 2:14 p.m.•1 views

apache mod_status cross-site scripting

Cross-site scripting XSS vulnerability in modstatus in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS7.3AI score0.75891EPSS

Exploits1References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by