CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6665 matches found

Packet Storm•added 2015/04/16 12:0 a.m.•45 views

Webs ID Cross Site Scripting

Webs ID Reflected XSS Cross-site Scripting Security Vulnerabilities Exploit Title: Webs ID /login.jsp &error Parameter Reflected XSS Cross-site Scripting Security Vulnerabilities Vendor: Webs, Inc Product: Webs ID Vulnerable Versions: Tested Version: Advisory Publication: April 02, 2015 Latest...

7.4AI score

Exploits0

exploitpack•added 2015/04/08 12:0 a.m.•18 views

Balero CMS 0.7.2 - Multiple JSHTML Injection Vulnerabilities

Balero CMS 0.7.2 - Multiple JSHTML Injection Vulnerabilities document.cookie="counter=1confirm'XSS'; path=/balerocms/"; csrf+stored xss+filter bypass+session hijack: document.location="http://www.zeroscience.mk/pent...

0.6AI score

Exploits0

OpenVAS•added 2015/04/07 12:0 a.m.•29 views

JetBrains TeamCity < 8.1 Multiple Vulnerabilities

JetBrains Teamcity is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.8AI score0.00004EPSS

Exploits1References1

Cisco•added 2015/04/06 5:30 p.m.•40 views

Cisco Wireless LAN Controller HTML Help Cross-Site Scripting Vulnerability

A vulnerability in the HTML help system of Cisco Wireless LAN Controller WLC devices could allow an unauthenticated, remote attacker conduct cross-site scripting attacks. An unauthenticated, remote attacker who can convince a user of an affected system to follow a malicious link or visit an...

4.3CVSS6.3AI score0.00263EPSS

Exploits0References1

Vulnerability Lab•added 2015/03/23 12:0 a.m.•44 views

SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities

Document Title: =============== SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1314 Release Date: ============= 2015-03-23 Vulnerability Laboratory ID VL-ID: ==================================== 1314...

7.1AI score

Exploits0

OpenVAS•added 2015/03/18 12:0 a.m.•41 views

Fortinet FortiMail Web Action Quarantine Release Feature XSS Vulnerability (FG-IR-15-005) - Active Check

Fortinet FortiMail is prone to a XSS vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier...

4.3CVSS5.1AI score0.00296EPSS

Exploits1References2

Tenable Nessus•added 2015/03/11 12:0 a.m.•153 views

MS15-022: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3038999)

The remote Windows host has a version of Microsoft Office, Office Compatibility Pack, Microsoft Word Viewer, Microsoft Excel Viewer, SharePoint Server, or Microsoft Office Web Apps that is affected by multiple vulnerabilities : - Multiple remote code execution vulnerabilities exist due to...

9.3CVSS6.4AI score0.7941EPSS

Exploits3References6

Symantec•added 2015/03/10 12:0 a.m.•36 views

Microsoft SharePoint CVE-2015-1636 Cross Site Scripting Vulnerability

Description Microsoft SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...

3.5CVSS6.3AI score0.07946EPSS

Exploits0References1Affected Software2

OpenVAS•added 2015/03/06 12:0 a.m.•76 views

Visualware MyConnection Server <= 8.2b Multiple XSS Vulnerabilities

Visualware MyConnection Server is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

4.3CVSS6.1AI score0.00318EPSS

Exploits2References1

OpenVAS•added 2015/03/02 12:0 a.m.•24 views

Zeuscart Multiple Vulnerabilities

Zeuscart is vulnerable to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:zeuscart:zeuscart"; if...

7.5CVSS7.4AI score0.11468EPSS

Exploits5References3

OpenVAS•added 2015/02/27 12:0 a.m.•23 views

Adminsystems CMS Multiple Vulnerabilities

Adminsystems CMS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.04371EPSS

Exploits2References5

OpenVAS•added 2015/02/26 12:0 a.m.•19 views

InstantASP InstantForum.NET Multiple Cross-Site Scripting Vulnerabilities

InstantASP InstantForum.NET is prone to multiple cross-site scripting vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

4.3CVSS6.2AI score0.00254EPSS

Exploits2References1

OpenVAS•added 2015/02/11 12:0 a.m.•14 views

Fortinet FortiAnalyzer Multiple XSS Vulnerabilities (FG-IR-14-033)

Fortinet FortiAnalyzer is prone to multiple cross-site- scripting XSS vulnerabilities because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective rig...

4.3CVSS5AI score0.00296EPSS

Exploits0References3

OpenVAS•added 2015/02/11 12:0 a.m.•18 views

Fortinet FortiWeb Multiple XSS Vulnerabilities (FG-IR-14-012)

Fortinet FortiWeb is prone to multiple reflective cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...

4.3CVSS5AI score0.00329EPSS

Exploits0References3

Check Point Advisories•added 2015/02/10 12:0 a.m.•2 views

Microsoft Internet Explorer Memory Corruption (MS15-009: CVE-2015-0022)

A use after free vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to an error while handling certain objects when processing HTML and script code. A remote unauthenticated attacker could exploit this vulnerability by enticing the target user to open a specially crafte...

9.3CVSS7.1AI score0.24067EPSS

Exploits0

OpenVAS•added 2015/02/06 12:0 a.m.•20 views

Novell eDirectory iMonitor Multiple Vulnerabilities (Feb 2015)

Novell eDirectory is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:netiq:edirectory";...

4.3CVSS6.5AI score0.12722EPSS

Exploits2References5

OpenVAS•added 2015/01/28 12:0 a.m.•16 views

Kiwix Server 'pattern' Parameter Cross-Site Scripting Vulnerability

Kiwix is prone to an XSS vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.805131";...

4.3CVSS5.9AI score0.00256EPSS

Exploits1References5

OpenVAS•added 2015/01/27 12:0 a.m.•24 views

MediaWiki Hovercards Extension < 1.24 XSS Vulnerability (Jan 2015) - Active Check

The Hovercards extension for MediaWiki is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CP...

4.3CVSS6.1AI score0.00324EPSS

Exploits1References3

OpenVAS•added 2015/01/27 12:0 a.m.•24 views

MediaWiki TemplateSandbox Extension < 1.24 XSS Vulnerability (Jan 2015) - Active Check

The TemplateSandbox extension for MediaWiki is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...

4.3CVSS6AI score0.00259EPSS

Exploits1References3

OpenVAS•added 2015/01/22 12:0 a.m.•16 views

WordPress Photocrati Theme 'prod_id' XSS Vulnerability

The WordPress theme Photocrati is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

4.3CVSS6.1AI score0.00233EPSS

Exploits1References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by