Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

90 matches found

UbuntuCve
UbuntuCveadded 2017/03/03 3:59 p.m.13 views

CVE-2017-5616

Cross-site scripting XSS vulnerability in cgiemail and cgiecho allows remote attackers to inject arbitrary web script or HTML via the addendum parameter...

6.1CVSS6.8AI score0.00271EPSS
Exploits1References2
Cvelist
Cvelistadded 2016/11/24 7:41 p.m.18 views

CVE-2016-2864

Cross-site scripting XSS vulnerability in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0 before 6.0.2 iFix5; Rational Quality Manager 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix18, and 6.0...

5AI score0.00168EPSS
Exploits0References2
Cvelist
Cvelistadded 2016/06/05 1:0 a.m.15 views

CVE-2016-1222

Cross-site scripting XSS vulnerability in Kobe Beauty php-contact-form before 2016-05-18 allows remote attackers to inject arbitrary web script or HTML via a crafted URI...

6AI score0.00314EPSS
Exploits0References4
UbuntuCve
UbuntuCveadded 2016/04/18 10:59 a.m.23 views

CVE-2016-1652

Cross-site scripting XSS vulnerability in the ModuleSystem::RequireForJsInner function in extensions/renderer/modulesystem.cc in the Extensions subsystem in Google Chrome before 50.0.2661.75 allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka "Universal XSS...

6.1CVSS7AI score0.00623EPSS
Exploits0References2
OSV
OSVadded 2016/04/12 11:59 p.m.2 views

CVE-2016-1377

Cross-site scripting XSS vulnerability in Cisco Unity Connection through 11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCus21776...

6.1CVSS5.9AI score
Exploits0References2
NVD
NVDadded 2016/02/13 2:59 a.m.10 views

CVE-2016-0866

Cross-site scripting XSS vulnerability in Tollgrade SmartGrid LightHouse Sensor Management System SMS Software EMS before 5.1, and 4.1.0 Build 16, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS6.4AI score0.0021EPSS
Exploits0References1
Cvelist
Cvelistadded 2015/10/14 7:0 p.m.17 views

CVE-2015-7365

Cross-site scripting XSS vulnerability in the plugin upgrade form in Revive Adserver before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via the filename of an uploaded file containing errors...

5.6AI score0.00256EPSS
Exploits1References4
UbuntuCve
UbuntuCveadded 2015/08/24 3:59 p.m.33 views

CVE-2014-8987

Cross-site scripting XSS vulnerability in the "set configuration" box in the Configuration Report page admconfigreport.php in MantisBT 1.2.13 through 1.2.17 allows remote administrators to inject arbitrary web script or HTML via the configoption parameter, a different vulnerability than...

3.5CVSS6AI score0.00532EPSS
Exploits0References3
UbuntuCve
UbuntuCveadded 2015/08/05 1:59 a.m.26 views

CVE-2015-3438

Multiple cross-site scripting XSS vulnerabilities in WordPress before 4.1.2, when MySQL is used without strict mode, allow remote attackers to inject arbitrary web script or HTML via a 1 four-byte UTF-8 character or 2 invalid character that reaches the database layer, as demonstrated by a crafted...

4.3CVSS5.9AI score0.01607EPSS
Exploits1References2
NVD
NVDadded 2015/07/04 2:59 p.m.13 views

CVE-2015-0551

Multiple cross-site scripting XSS vulnerabilities in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7.0 before P18, 7.1 before P15, and 7.2 before P01; Documentum Digital Assets Manager 6.5SP6 before...

3.5CVSS5.5AI score0.00159EPSS
Exploits0References2
Cvelist
Cvelistadded 2015/07/04 2:0 p.m.14 views

CVE-2015-0551

Multiple cross-site scripting XSS vulnerabilities in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7.0 before P18, 7.1 before P15, and 7.2 before P01; Documentum Digital Assets Manager 6.5SP6 before...

5.5AI score0.00159EPSS
Exploits0References2
OSV
OSVadded 2015/04/13 2:59 p.m.6 views

CVE-2015-2932

Incomplete blacklist vulnerability in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via an animated href XLink element...

6.2AI score
Exploits0References8
NVD
NVDadded 2015/01/23 3:59 p.m.11 views

CVE-2015-1176

Cross-site scripting XSS vulnerability in upload/scp/tickets.php in osTicket before 1.9.5 allows remote attackers to inject arbitrary web script or HTML via the status parameter in a search action...

4.3CVSS6AI score0.00305EPSS
Exploits2References5
NVD
NVDadded 2014/10/09 2:55 p.m.8 views

CVE-2014-8077

Cross-site scripting XSS vulnerability in the NewsFlash theme 6.x-1.x before 6.x-1.7 and 7.x-1.x before 7.x-2.5 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to font family CSS property...

3.5CVSS5.3AI score0.00335EPSS
Exploits0References6
UbuntuCve
UbuntuCveadded 2014/06/11 2:55 p.m.23 views

CVE-2014-4037

Cross-site scripting XSS vulnerability in editor/dialog/fckspellerpages/spellerpages/server-scripts/spellchecker.php in FCKeditor before 2.6.11 and earlier allows remote attackers to inject arbitrary web script or HTML via an array key in the textinputs parameter, a different issue than...

4.3CVSS5.9AI score0.00353EPSS
Exploits1References3
UbuntuCve
UbuntuCveadded 2014/06/03 2:55 p.m.35 views

CVE-2014-3943

Multiple cross-site scripting XSS vulnerabilities in unspecified backend components in TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0 before 6.1.9, and 6.2.0 before 6.2.3 allow remote authenticated editors to inject arbitrary web script or HTML via unknown parameters...

3.5CVSS5.9AI score0.00208EPSS
Exploits0References4
NVD
NVDadded 2014/03/19 2:17 p.m.13 views

CVE-2013-5953

Multiple cross-site scripting XSS vulnerabilities in tmpl/layouteditevent.php in the Multi Calendar commulticalendar component 4.0.2, and possibly 4.8.5 and earlier, for Joomla! allow remote attackers to inject arbitrary web script or HTML via the 1 calid or 2 paletteDefault parameter in an...

4.3CVSS5.9AI score0.00359EPSS
Exploits2References4
UbuntuCve
UbuntuCveadded 2014/02/13 12:0 a.m.24 views

CVE-2013-1070

Cross-site scripting XSS vulnerability in the API in Ubuntu Metal as a Service MaaS 1.2 and 1.4 allows remote attackers to inject arbitrary web script or HTML via the op parameter to nodes/...

4.3CVSS6AI score0.00336EPSS
Exploits1References2
NVD
NVDadded 2014/02/05 3:10 p.m.14 views

CVE-2013-1466

Multiple cross-site scripting XSS vulnerabilities in glFusion before 1.2.2.pl4 allow remote attackers to inject arbitrary web script or HTML via the 1 subject parameter to profiles.php; 2 address1, 3 address2, 4 calendartype, 5 city, 6 state, 7 title, 8 url, or 9 zipcode parameter to...

4.3CVSS5.7AI score0.08713EPSS
Exploits5References7
NVD
NVDadded 2013/12/05 6:55 p.m.11 views

CVE-2013-6267

Multiple cross-site scripting XSS vulnerabilities in Claroline before 1.11.9 allow remote attackers to inject arbitrary web script or HTML via the 1 box parameter to messaging/messagebox.php, cidToEdit parameter to 2 adminregisteruser.php or 3 adminusercoursesettings.php in admin/, 4 moduleid...

4.3CVSS5.7AI score0.00515EPSS
Exploits3References7
Rows per page
Query Builder