Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

27433 matches found

RedhatCVE
RedhatCVEadded 2025/05/22 2:45 a.m.7 views

CVE-2012-1081

Cross-site scripting XSS vulnerability in the Yet another Google search yagooglesearch extension before 0.3.10 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.01148EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 2:45 a.m.4 views

CVE-2012-1080

Cross-site scripting XSS vulnerability in the Euro Calculator skteurocalc extension 0.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.01135EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 2:44 a.m.9 views

CVE-2010-5303

Cross-site scripting XSS vulnerability in the displayError function in timthumb.php in TimThumb before 1.15 r85, as used in multiple products, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to $errorString...

4.3CVSS5.9AI score0.00942EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 2:44 a.m.7 views

CVE-2013-4951

Multiple cross-site scripting XSS vulnerabilities in Mintboard 0.3 allow remote attackers to inject arbitrary web script or HTML via the 1 name or 2 pass parameter in views/login.php or 3 name or 4 pass parameter in views/signup.php...

4.3CVSS5.9AI score0.01642EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 2:44 a.m.8 views

CVE-2013-4946

Multiple cross-site scripting XSS vulnerabilities in BMC Service Desk Express SDE 10.2.1.95 allow remote attackers to inject arbitrary web script or HTML via the 1 SelTab parameter to QVadmin.aspx, the 2 CallBack parameter to QVgrid.aspx, or the 3 HelpPage parameter to commonhelp.aspx...

4.3CVSS6AI score0.01613EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 2:43 a.m.8 views

CVE-2012-1019

Multiple cross-site scripting XSS vulnerabilities in XWiki Enterprise 3.4 allow remote attackers to inject arbitrary web script or HTML via the 1 XWiki.XWikiCommentscomment parameter to xwiki/bin/commentadd/Main/WebHome, 2 XWiki.XWikiUsers0company parameter when editing a user profile, or 3...

4.3CVSS5.9AI score0.01194EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 2:35 a.m.6 views

CVE-2012-0873

Multiple cross-site scripting XSS vulnerabilities in Boonex Dolphin before 7.0.8 allow remote attackers to inject arbitrary web script or HTML via the 1 explain parameter to explanation.php or the 2 photosonly, 3 onlineonly, or 4 mode parameters to viewFriends.php...

4.3CVSS5.9AI score0.04303EPSS
Exploits2References1
RedhatCVE
RedhatCVEadded 2025/05/22 2:28 a.m.7 views

CVE-2011-1335

Cross-site scripting XSS vulnerability in Cybozu Office 6, 7, and 8 before 8.1.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to the "address book and user list functions."...

4.3CVSS5.8AI score0.01263EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 2:22 a.m.7 views

CVE-2012-4397

Multiple cross-site scripting XSS vulnerabilities in ownCloud before 4.0.1 allow remote attackers to inject arbitrary web script or HTML via the 1 calendar displayname to part.choosecalendar.rowfields.php or 2 part.choosecalendar.rowfields.shared.php in apps/calendar/templates/; or 3 unspecified...

4.3CVSS5.9AI score0.01914EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 2:18 a.m.5 views

CVE-2014-9446

Multiple cross-site scripting XSS vulnerabilities in the Staff client in Koha before 3.16.6 and 3.18.x before 3.18.2 allow remote attackers to inject arbitrary web script or HTML via the sortby parameter to the 1 opac parameter in opac-search.pl or 2 intranet parameter in catalogue/search.pl...

4.3CVSS6AI score0.0122EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 2:12 a.m.21 views

CVE-2012-4340

Cross-site scripting XSS vulnerability in Sybase EAServer before 6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.00931EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 2:12 a.m.19 views

CVE-2014-9444

Cross-site scripting XSS vulnerability in the Frontend Uploader plugin 0.9.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the errorsfu-disallowed-mime-type0name parameter to the default URI...

4.3CVSS6AI score0.06701EPSS
Exploits2References1
RedhatCVE
RedhatCVEadded 2025/05/22 2:10 a.m.12 views

CVE-2012-0311

Cross-site scripting XSS vulnerability in osCommerce 2.2MS1J before R9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.9AI score0.01145EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 2:10 a.m.10 views

CVE-2012-4283

Cross-site scripting XSS vulnerability in the Login With Ajax plugin before 3.0.4.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the callback parameter...

4.3CVSS6AI score0.02058EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 2:9 a.m.9 views

CVE-2012-0285

Multiple cross-site scripting XSS vulnerabilities in Stoneware webNetwork before 6.0.8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.9AI score0.01606EPSS
Exploits4References1
RedhatCVE
RedhatCVEadded 2025/05/22 2:9 a.m.7 views

CVE-2012-4267

Cross-site scripting XSS vulnerability in user/register in Sockso 1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the name parameter...

4.3CVSS5.9AI score0.03556EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 2:7 a.m.7 views

CVE-2012-4236

Cross-site scripting XSS vulnerability in the refreshpage function in application/modules/main/views/top.php in Total Shop UK eCommerce Open Source before 2.1.2p1 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

4.3CVSS5.9AI score0.01633EPSS
Exploits2References1
RedhatCVE
RedhatCVEadded 2025/05/22 1:59 a.m.7 views

CVE-2010-1872

Cross-site scripting XSS vulnerability in cPlayer.php in FlashCard 2.6.5 and 3.0.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: some of these details are obtained from third party information...

4.3CVSS5.9AI score0.01453EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 1:58 a.m.6 views

CVE-2010-1854

Cross-site scripting XSS vulnerability in auktion.php in Pay Per Watch & Bid Auktions System allows remote attackers to inject arbitrary web script or HTML via the idauk parameter, which is not properly handled in a forced SQL error message. NOTE: the provenance of this information is unknown; th...

7.5CVSS6.2AI score0.01588EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 1:55 a.m.5 views

CVE-2011-5312

Multiple cross-site scripting XSS vulnerabilities in Gollos 2.8 allow remote attackers to inject arbitrary web script or HTML via the returnurl parameter to 1 register.aspx, 2 publication/info.aspx, or 3 user/add.aspx, or 4 the q parameter to product/list.aspx...

4.3CVSS6AI score0.00966EPSS
Exploits1References1
Rows per page
Query Builder