Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

82 matches found

Prion
Prionadded 2009/12/21 4:30 p.m.12 views

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in ScriptsEz Ez Blog allows remote attackers to inject arbitrary web script or HTML via the cname parameter, related to the act and id parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third...

4.3CVSS6.1AI score0.01472EPSS
Exploits0References3
Prion
Prionadded 2009/12/21 4:30 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in ScriptsEz Ez Blog 1.0 allows remote attackers to inject arbitrary web script or HTML via the yr parameter in a bmonth action...

4.3CVSS6.1AI score0.01525EPSS
Exploits1References4Affected Software1
Prion
Prionadded 2009/12/21 4:30 p.m.12 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in admin.php in ScriptsEz Ez Blog 1.0 allow remote attackers to hijack the authentication of administrators for requests that 1 add a blog via the addblog action, 2 approve a comment via the approvecomment action, 3 change administrator...

4.3CVSS7.8AI score0.00925EPSS
Exploits1References4Affected Software1
NVD
NVDadded 2009/12/21 4:30 p.m.21 views

CVE-2009-4364

Cross-site scripting XSS vulnerability in index.php in ScriptsEz Ez Blog allows remote attackers to inject arbitrary web script or HTML via the cname parameter, related to the act and id parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third...

4.3CVSS5.6AI score0.01472EPSS
Exploits0References3
NVD
NVDadded 2009/12/21 4:30 p.m.11 views

CVE-2009-4365

Multiple cross-site request forgery CSRF vulnerabilities in admin.php in ScriptsEz Ez Blog 1.0 allow remote attackers to hijack the authentication of administrators for requests that 1 add a blog via the addblog action, 2 approve a comment via the approvecomment action, 3 change administrator...

4.3CVSS7.2AI score0.00925EPSS
Exploits1References4
NVD
NVDadded 2009/12/21 4:30 p.m.12 views

CVE-2009-4366

Cross-site scripting XSS vulnerability in index.php in ScriptsEz Ez Blog 1.0 allows remote attackers to inject arbitrary web script or HTML via the yr parameter in a bmonth action...

4.3CVSS5.7AI score0.01525EPSS
Exploits1References4
CVE
CVEadded 2009/12/21 4:0 p.m.47 views

CVE-2009-4366

ScriptsEz Ez Blog 1.0 contains a cross-site scripting (XSS) vulnerability in index.php where the yr parameter in a bmonth action can be used to inject arbitrary web script/HTML. CVE-2009-4366 has CVSSv2 base score 4.3 (Medium); attack vector: Network; authentication: None; confidentiality impact:...

4.3CVSS5.7AI score0.01525EPSS
Exploits1References4Affected Software1
CVE
CVEadded 2009/12/21 4:0 p.m.47 views

CVE-2009-4365

CVE-2009-4365 describes multiple cross-site request forgery (CSRF) vulnerabilities in admin.php of ScriptsEz Ez Blog 1.0. The issue allows remote attackers to hijack administrator sessions and perform actions such as adding a blog (add_blog), approving comments (approve_comment), changing adminis...

4.3CVSS7.2AI score0.00925EPSS
Exploits1References4Affected Software1
CVE
CVEadded 2009/12/21 4:0 p.m.37 views

CVE-2009-4364

CVE-2009-4364 describes a Cross-site Scripting (XSS) vulnerability in the ScriptsEz Ez Blog, affecting the application’s index.php where the cname parameter can inject arbitrary web script/HTML (related to the act and id parameters). The root cause is insufficient input validation on cname. Impac...

4.3CVSS5.6AI score0.01472EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2009/12/21 4:0 p.m.17 views

CVE-2009-4365

Multiple cross-site request forgery CSRF vulnerabilities in admin.php in ScriptsEz Ez Blog 1.0 allow remote attackers to hijack the authentication of administrators for requests that 1 add a blog via the addblog action, 2 approve a comment via the approvecomment action, 3 change administrator...

7.2AI score0.00925EPSS
Exploits1References4
Cvelist
Cvelistadded 2009/12/21 4:0 p.m.16 views

CVE-2009-4364

Cross-site scripting XSS vulnerability in index.php in ScriptsEz Ez Blog allows remote attackers to inject arbitrary web script or HTML via the cname parameter, related to the act and id parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third...

5.6AI score0.01472EPSS
Exploits0References3
Exploit DB
Exploit DBadded 2009/12/15 12:0 a.m.13 views

Scriptsez Ez FAQ Maker 1.0 - Cross-Site Scripting / Cross-Site Request Forgery

source: https://www.securityfocus.com/bid/41806/info ScriptsEz Ez FAQ Maker is prone to a cross-site scripting vulnerability and a cross-site request-forgery vulnerability. An attacker can exploit these vulnerabilities to execute arbitrary script code in the browser of an unsuspecting user in the...

7AI score
Exploits0
NVD
NVDadded 2009/12/14 9:17 p.m.15 views

CVE-2009-4317

Cross-site scripting XSS vulnerability in index.php in ScriptsEz Ez Cart allows remote attackers to inject arbitrary web script or HTML via the sid parameter in a showcat action...

4.3CVSS5.7AI score0.01097EPSS
Exploits1References4
Prion
Prionadded 2009/12/14 9:17 p.m.12 views

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in ScriptsEz Ez Cart allows remote attackers to inject arbitrary web script or HTML via the sid parameter in a showcat action...

4.3CVSS6.1AI score0.01097EPSS
Exploits1References4
Cvelist
Cvelistadded 2009/12/14 9:0 p.m.17 views

CVE-2009-4317

Cross-site scripting XSS vulnerability in index.php in ScriptsEz Ez Cart allows remote attackers to inject arbitrary web script or HTML via the sid parameter in a showcat action...

5.7AI score0.01097EPSS
Exploits1References4
CVE
CVEadded 2009/12/14 9:0 p.m.37 views

CVE-2009-4317

CVE-2009-4317 describes a Cross-site scripting (XSS) vulnerability in index.php of ScriptsEz Ez Cart. The issue allows remote attackers to inject arbitrary web script or HTML via the sid parameter in a showcat action, potentially affecting user sessions and page content. The NVD entry records a C...

4.3CVSS5.7AI score0.01097EPSS
Exploits1References4Affected Software1
NVD
NVDadded 2009/10/08 5:30 p.m.14 views

CVE-2009-3601

Cross-site scripting XSS vulnerability in demopage.php in Scriptsez Ultimate Poll allows remote attackers to inject arbitrary web script or HTML via the clr parameter in a vote action...

4.3CVSS5.7AI score0.03028EPSS
Exploits1References4
Prion
Prionadded 2009/10/08 5:30 p.m.14 views

Cross site scripting

Cross-site scripting XSS vulnerability in demopage.php in Scriptsez Ultimate Poll allows remote attackers to inject arbitrary web script or HTML via the clr parameter in a vote action...

4.3CVSS6.1AI score0.03028EPSS
Exploits1References4
Cvelist
Cvelistadded 2009/10/08 5:0 p.m.15 views

CVE-2009-3601

Cross-site scripting XSS vulnerability in demopage.php in Scriptsez Ultimate Poll allows remote attackers to inject arbitrary web script or HTML via the clr parameter in a vote action...

5.7AI score0.03028EPSS
Exploits1References4
CVE
CVEadded 2009/10/08 5:0 p.m.43 views

CVE-2009-3601

CVE-2009-3601 is an XSS vulnerability in Scriptsez Ultimate Poll, specifically in demo_page.php where the clr parameter in a vote action can be exploited to inject arbitrary script or HTML. The NVD entry documents a medium base score (CVSS2 4.3) with network attack vector and no confidentiality i...

4.3CVSS5.7AI score0.03028EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder