CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4581 matches found

RedhatCVE•added 2025/05/22 4:36 a.m.•4 views

CVE-2010-3462

Cross-site scripting XSS vulnerability in backend/plugin/Registration/index.php in Mollify 1.6, 1.6.5.5, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the confirm parameter. NOTE: some of these details are obtained from third party information...

4.3CVSS6AI score0.03037EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:34 a.m.•6 views

CVE-2011-3861

Cross-site scripting XSS vulnerability in the Web Minimalist 200901 theme before 1.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to index.php...

4.3CVSS6AI score0.03429EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:34 a.m.•6 views

CVE-2011-3855

Cross-site scripting XSS vulnerability in the F8 Lite theme before 4.2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter...

4.3CVSS6AI score0.03134EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:33 a.m.•7 views

CVE-2012-2326

Cross-site scripting XSS vulnerability in the Admin Control Panel ACP in MyBB aka MyBulletinBoard before 1.6.7 allows remote administrators to inject arbitrary web script or HTML via a malformed file name in an orphaned attachment...

4.3CVSS5.8AI score0.00994EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:33 a.m.•6 views

CVE-2010-2365

Cross-site scripting XSS vulnerability in Free CGI Moo moobbs2 before 1.03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.9AI score0.01053EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:32 a.m.•4 views

CVE-2010-2316

Multiple cross-site scripting XSS vulnerabilities in default.asp in WmsCms 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 search, 2 sbr, 3 p, and 4 sbl parameters, different vectors than CVE-2007-3137...

4.3CVSS5.8AI score0.02962EPSS

Exploits2References1

RedhatCVE•added 2025/05/22 4:29 a.m.•6 views

CVE-2012-6627

Cross-site scripting XSS vulnerability in admin/testmail.php in the Newsletter Manager plugin 1.0.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the id parameter...

4.3CVSS6AI score0.01649EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:21 a.m.•8 views

CVE-2012-6458

Multiple cross-site scripting XSS vulnerabilities in the SilverStripe e-commerce module 3.0 for SilverStripe CMS allow remote attackers to inject arbitrary web script or HTML via the 1 FirstName, 2 Surname, or 3 Email parameter to code/forms/OrderFormAddress.php; or the 4 FirstName or 5 Surname...

4.3CVSS6AI score0.00931EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:14 a.m.•7 views

CVE-2014-10035

Multiple cross-site scripting XSS vulnerabilities in the admin area in couponPHP before 1.2.0 allow remote administrators to inject arbitrary web script or HTML via the 1 sEcho parameter to commentspaginate.php or 2 storespaginate.php or the 3 affiliateurl, 4 description, 5 domain, 6...

4.3CVSS5.9AI score0.03496EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:13 a.m.•4 views

CVE-2010-2049

Cross-site scripting XSS vulnerability in jsp/audit/reports/ExportReport.jsp in ManageEngine ADAudit Plus 4.0.0 build 4043 allows remote attackers to inject arbitrary web script or HTML via the reportList parameter. NOTE: the provenance of this information is unknown; the details are obtained...

4.3CVSS5.8AI score0.02723EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:10 a.m.•8 views

CVE-2014-100037

Cross-site scripting XSS vulnerability in Storytlr 1.3.dev and earlier allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to archives/...

4.3CVSS6AI score0.00984EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:9 a.m.•4 views

CVE-2013-7419

Cross-site scripting XSS vulnerability in includes/refreshDate.php in the Joomlaskin JS Multi Hotel aka JS MultiHotel and Js-Multi-Hotel plugin 2.2.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the roomid parameter...

4.3CVSS6AI score0.01917EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:9 a.m.•6 views

CVE-2010-2985

Multiple cross-site scripting XSS vulnerabilities in IBM WebSphere Service Registry and Repository WSRR 6.3 allow remote attackers to inject arbitrary web script or HTML via 1 the searchTerm parameter to ServiceRegistry/HelpSearch.do or 2 the queryItems0.value parameter to...

4.3CVSS5.8AI score0.01073EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:8 a.m.•8 views

CVE-2010-2969

Multiple cross-site scripting XSS vulnerabilities in MoinMoin 1.7.3 and earlier, and 1.9.x before 1.9.3, allow remote attackers to inject arbitrary web script or HTML via crafted content, related to 1 action/LikePages.py, 2 action/chart.py, and 3 action/userprofile.py, a similar issue to...

4.3CVSS6AI score0.02657EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:8 a.m.•3 views

CVE-2012-1807

Cross-site scripting XSS vulnerability in the web server in the ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100, H2-ECOM, H2-ECOM-F, H2-ECOM100, H4-ECOM, H4-ECOM-F, and H4-ECOM100 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.01012EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:3 a.m.•3 views

CVE-2013-7288

Cross-site scripting XSS vulnerability in the mycodeparsevideo function in inc/classparser.php in MyBB aka MyBulletinBoard before 1.6.12 allows remote attackers to inject arbitrary web script or HTML via vectors related to Yahoo video URLs...

4.3CVSS5.8AI score0.01161EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:1 a.m.•7 views

CVE-2018-8062

A cross-site scripting XSS vulnerability on Comtrend AR-5387un devices with A731-410JAZ-C04R02.A2pD035g.d23i firmware allows remote attackers to inject arbitrary web script or HTML via the Service Description parameter while creating a WAN service...

5.4CVSS5.8AI score0.00954EPSS

Exploits3References1

RedhatCVE•added 2025/05/22 3:49 a.m.•7 views

CVE-2010-2722

Cross-site scripting XSS vulnerability in index.php in RightInPoint Lyrics Script 3.0 allows remote attackers to inject arbitrary web script or HTML via the artistid parameter, which is not properly handled in a forced SQL error message. NOTE: the provenance of this information is unknown; the...

4.3CVSS6.2AI score0.00855EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 3:44 a.m.•6 views

CVE-2015-4465

Cross-site scripting XSS vulnerability in the zM Ajax Login & Register plugin before 1.1.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.04211EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 3:39 a.m.•9 views

CVE-2012-3279

Multiple cross-site scripting XSS vulnerabilities in HP Network Node Manager i NNMi 8.x, 9.0x, 9.1x, and 9.20 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.0163EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by