CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

27433 matches found

RedhatCVE•added 2025/05/22 12:50 a.m.•5 views

CVE-2015-6753

Multiple cross-site scripting XSS vulnerabilities in the Quick Edit module 7.x-1.x before 7.x-1.2 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or HTML via an 1 entity title, related to in-place editing, or a 2 node title...

3.5CVSS5.6AI score0.00774EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 12:49 a.m.•11 views

CVE-2013-5690

Multiple cross-site scripting XSS vulnerabilities in Open-Xchange AppSuite before 7.2.2 allow remote authenticated users to inject arbitrary web script or HTML via 1 content with the text/xml MIME type or 2 the Status comment field of an appointment...

3.5CVSS5.5AI score0.00767EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 12:47 a.m.•7 views

CVE-2015-7307

Cross-site scripting XSS vulnerability in the CMS Updater module 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the configuration page...

4.3CVSS5.9AI score0.0095EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 12:46 a.m.•7 views

CVE-2015-6509

Multiple cross-site scripting XSS vulnerabilities in pfSense before 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the 1 proxypass parameter to systemadvancedmisc.php; 2 adaptiveend, 3 adaptivestart, 4 maximumstates, 5 maximumtableentries, or 6 aliasesresolveinterval...

4.3CVSS5.9AI score0.02053EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 12:44 a.m.•9 views

CVE-2015-5529

Multiple cross-site scripting XSS vulnerabilities in Free Reprintables ArticleFR 3.0.6 allow remote attackers to inject arbitrary web script or HTML via the 1 name parameter to dashboard/settings/categories/, 2 title or 3 rel parameter to dashboard/settings/links/, or 4 url parameter to...

4.3CVSS5.9AI score0.03308EPSS

Exploits2References1

RedhatCVE•added 2025/05/22 12:44 a.m.•5 views

CVE-2012-5181

Cross-site scripting XSS vulnerability in concrete5 Japanese 5.5.1 through 5.5.2.1 and concrete5 English 5.5.0 through 5.6.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.9AI score0.0143EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 12:42 a.m.•7 views

CVE-2012-5176

Cross-site scripting XSS vulnerability in KENT-WEB ACCESS REPORT 5.02 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to tag embedding...

4.3CVSS5.8AI score0.01148EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 12:34 a.m.•7 views

CVE-2014-4309

Multiple cross-site scripting XSS vulnerabilities in Openfiler 2.99 allow remote attackers to inject arbitrary web script or HTML via the 1 TinkerAjax parameter to uptime.html, or remote authenticated users to inject arbitrary web script or HTML via the 2 MaxInstances, 3 PassivePorts, 4 Port, 5...

4.3CVSS5.6AI score0.00984EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 12:34 a.m.•7 views

CVE-2014-3761

Cross-site scripting XSS vulnerability in D-Link DAP 1150 with firmware 1.2.94 allows remote attackers to inject arbitrary web script or HTML via the resbuf parameter to index.cgi in the Control/URL-filter section...

4.3CVSS6AI score0.00995EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 12:31 a.m.•8 views

CVE-2013-1781

Cross-site scripting XSS vulnerability in the 3 slide gallery in the Professional theme before 7.x-1.4 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors...

2.1CVSS5.5AI score0.00941EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 12:29 a.m.•5 views

CVE-2010-0328

Cross-site scripting XSS vulnerability in the Unit Converter cs2unitconv extension 1.0.4 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.0103EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 12:26 a.m.•7 views

CVE-2011-4708

Cross-site scripting XSS vulnerability in IBM Rational Asset Manager before 7.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.8AI score0.00921EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 12:25 a.m.•5 views

CVE-2010-2514

Cross-site scripting XSS vulnerability in the JFaq comjfaq component 1.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the question parameter in an add2 action to index.php...

4.3CVSS6AI score0.01075EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 12:22 a.m.•5 views

CVE-2005-3730

Multiple cross-site scripting XSS vulnerabilities in HTTPTranslatorServlet in Idetix Software Systems Revize CMS allow remote attackers to inject arbitrary web script or HTML via the 1 resourcetype, 2 objectmap, and 3 redirect parameters, possibly involving setWebSpace.jsp...

4.3CVSS6.1AI score0.01736EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 12:21 a.m.•7 views

CVE-2005-1735

Multiple cross-site scripting XSS vulnerabilities in PROMS before 0.11 allow remote attackers to inject arbitrary web script or HTML via unknown vectors...

4.3CVSS6AI score0.01164EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 12:20 a.m.•10 views

CVE-2005-1582

Cross-site scripting XSS vulnerability in index.php for 1Two News 1.0 allows remote attackers to inject arbitrary web script or HTML via the 1 nom, 2 email, 3 siteweb, or 4 commentaire variables...

4.3CVSS6AI score0.0101EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 12:17 a.m.•6 views

CVE-2005-1440

Multiple cross-site scripting XSS vulnerabilities in ViArt Shop Enterprise 2.1.6 allow remote attackers to inject arbitrary web script or HTML via 1 various parameters to basket.php, 2 the nickname, email, topic, and message fields in forum.php, as demonstrated using forumnewthread.php and...

6.8CVSS6AI score0.03187EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 12:17 a.m.•6 views

CVE-2005-2042

Cross-site scripting XSS vulnerability in ajax-spell before 1.8 allows remote attackers to inject arbitrary web script or HTML via onmouseover or other events in HTML tags...

4.3CVSS6AI score0.01177EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 12:15 a.m.•9 views

CVE-2005-2836

Multiple cross-site scripting XSS vulnerabilities in Phorum 5.0.17a and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the username parameter to register.php or 2 a signature of a logged-in user in "My Control Center," which is not properly handled by control.php...

4.3CVSS5.9AI score0.01256EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 12:13 a.m.•7 views

CVE-2005-4649

Multiple cross-site scripting XSS vulnerabilities in Advanced Guestbook 2.2 and 2.3.1 allow remote attackers to inject arbitrary web script or HTML via 1 the entry parameter in index.php and 2 the gbid parameter in comment.php. NOTE: The index.php/entry vector might be resultant from CVE-2005-154...

7.5CVSS5.9AI score0.01213EPSS

Exploits2References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by