Lucene search
K

60 matches found

OSV
OSV
added 2018/08/09 7:29 p.m.6 views

CVE-2018-15182

PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the FirstName and LastName fields...

5.4CVSS5.8AI score0.00545EPSS
Exploits1References1
CNVD
CNVD
added 2018/03/09 12:0 a.m.7 views

Jease Cross-Site Scripting Vulnerability (CNVD-2018-04746)

Jease is a set of open source content management system CMS written in Java language . A cross-site scripting vulnerability exists in Jease. A remote attacker can exploit this vulnerability to inject arbitrary Web script or HTML...

5.4CVSS6.3AI score0.00708EPSS
Exploits3References1
CNVD
CNVD
added 2017/08/04 12:0 a.m.7 views

Cisco Finesse Cross-Site Scripting Vulnerability (CNVD-2017-20384)

Cisco Finesse is a suite of call center management software from Cisco in the United States. A cross-site scripting vulnerability exists in the Cisco Finesse WEB script, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to gain...

6.1CVSS6.2AI score0.01234EPSS
Exploits0References1
CVE
CVE
added 2017/07/22 12:0 a.m.51 views

CVE-2017-2274

Cross-site scripting vulnerability (CVE-2017-2274) affects Buffalo WMR-433 and WMR-433W wireless LAN routers. WMR-433: firmware 1.02 and earlier; WMR-433W: firmware 1.40 and earlier. An attacker can inject arbitrary web script or HTML via unspecified vectors, potentially affecting the device’s we...

6.1CVSS6.3AI score0.0085EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2017/04/01 12:0 a.m.5 views

Pixie Cross-Site Scripting Vulnerability

Pixie is an open source lightweight website content management system CMS. The system supports CSS themes, WYSIWYG editors and more. A cross-site scripting vulnerability exists in Pixie version 1.0.4, which stems from the program not properly validating user-submitted input. A remote attacker can...

6.1CVSS6.1AI score0.00797EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2014/10/31 3:0 p.m.27 views

CVE-2014-8578

Cross-site scripting XSS vulnerability in the Groups panel in OpenStack Dashboard Horizon before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 allows remote administrators to inject arbitrary web script or HTML via a user email address, a different vulnerability than CVE-2014-3475...

3.5CVSS5.4AI score0.0118EPSS
Exploits0
NVD
NVD
added 2013/08/23 4:55 p.m.27 views

CVE-2013-5587

Cross-site scripting XSS vulnerability in Request Tracker RT 4.x before 4.0.13, when MakeClicky is configured, allows remote attackers to inject arbitrary web script or HTML via a URL in a ticket. NOTE: this issue has been SPLIT from CVE-2013-3371 due to different affected versions...

2.6CVSS5.4AI score0.01985EPSS
Exploits0References6
CVE
CVE
added 2013/02/20 11:0 a.m.55 views

CVE-2012-3327

CVE-2012-3327 describes a cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management (versions 6.2–7.5), Maximo Asset Management Essentials (6.2–7.5), Tivoli Asset Management for IT (6.2–7.2), Tivoli Service Request Manager (7.1–7.2), Maximo Service Desk (6.2), CCMDB (7.1–7.2), and S...

4.3CVSS5.8AI score0.01148EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2011/09/28 10:0 a.m.22 views

CVE-2011-3864

Cross-site scripting XSS vulnerability in the The Erudite theme before 2.7.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cpage parameter...

5.8AI score0.01521EPSS
Exploits1References1
NVD
NVD
added 2011/07/17 8:55 p.m.23 views

CVE-2011-2754

Cross-site scripting XSS vulnerability in the PageBuilder2 aka Page Builder theme in IBM WebSphere Portal 7.x before 7.0.0.1 CF006, as used in IBM Web Content Manager WCM and other products, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.6AI score0.00845EPSS
Exploits0References2
Prion
Prion
added 2010/07/28 2:43 p.m.22 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Commerce extension before 0.9.9 for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

3.5CVSS5.7AI score0.00833EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2009/04/10 3:0 p.m.25 views

CVE-2008-6683

Cross-site scripting XSS vulnerability in listtest.php in Apartment Search Script allows remote attackers to inject arbitrary web script or HTML via the r parameter...

5.7AI score0.01445EPSS
Exploits1References3
Packet Storm
Packet Storm
added 2008/08/27 12:0 a.m.28 views

kolifadownload-sql.txt

Title: Kolifa.Net Download Script indir.php ================================================================ + Author : Kacak + Special Thankz : Sa0 & Knock0ut & Biyocanlar & BilisimCanlar & All My Friends + BuqX at Hotmail dot Com +...

7.4AI score
Exploits0
NVD
NVD
added 2008/05/13 10:20 p.m.18 views

CVE-2008-2187

Cross-site scripting XSS vulnerability in mjguest.php in Mjguest 6.7 GT Rev.01 allows remote attackers to inject arbitrary web script or HTML via the level parameter in a redirect action, possibly involving interface/redirect.htm.php...

4.3CVSS5.8AI score0.0179EPSS
Exploits1References7
Cvelist
Cvelist
added 2008/01/23 11:0 a.m.25 views

CVE-2008-0398

Cross-site scripting XSS vulnerability in aflog 1.01, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the comment form...

5.8AI score0.01445EPSS
Exploits1References4
NVD
NVD
added 2008/01/11 10:46 p.m.24 views

CVE-2008-0239

Multiple cross-site scripting XSS vulnerabilities in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allow remote attackers to inject arbitrary HTML or web script via the 1 cntry or lang parameters to /idm/login.jsp, 2 resultsForm parameter to /idm/account/findForSelect.jsp, or...

4.3CVSS5.9AI score0.05696EPSS
Exploits1References16
CVE
CVE
added 2007/06/21 6:0 p.m.42 views

CVE-2007-3330

CVE-2007-3330 describes a stored cross-site scripting (XSS) vulnerability in STphp EasyNews PRO 4.0. The issue allows remote attackers to inject arbitrary web script or HTML via a news post that is stored in the news/ directory without proper sanitization. The root cause is the lack of input/outp...

4.3CVSS5.5AI score0.0106EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2005/05/27 4:0 a.m.49 views

CVE-2004-2113

BremsServer 1.2.4 is affected by an XSS vulnerability that allows a remote attacker to inject arbitrary web script or HTML via the URL. The impact is partial integrity violation with no confidentiality or availability impact as per the CVE metrics; no specific exploit details or patches are provi...

4.3CVSS6AI score0.01929EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2004/12/31 5:0 a.m.18 views

CVE-2004-2200

Cross-site scripting XSS vulnerability in DUware DUforum 3.0 through 3.1 allows remote attackers to inject arbitrary web script or HTML via via the message text...

4.3CVSS5.7AI score0.01938EPSS
Exploits1References4
NVD
NVD
added 2003/12/31 5:0 a.m.17 views

CVE-2003-1531

Cross-site scripting XSS vulnerability in testcgi.exe in Lilikoi Software Ceilidh 2.70 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string...

4.3CVSS5.7AI score0.01264EPSS
Exploits1References6
Rows per page
Query Builder