CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

OSV•added 2018/02/16 2:29 p.m.•0 views

CVE-2018-6943

core/lib/upload/um-image-upload.php in the UltimateMember plugin 2.0 for WordPress has a cross-site scripting vulnerability because it fails to properly sanitize user input passed to the $temp variable...

6.1CVSS5.7AI score

Exploits0References2

UbuntuCve•added 2007/09/26 10:17 p.m.•15 views

CVE-2007-5106

Cross-site scripting XSS vulnerability in wp-register.php in WordPress 2.0 allows remote attackers to inject arbitrary web script or HTML via the userlogin parameter...

4.3CVSS6.1AI score0.00391EPSS

Exploits1References2

NVD•added 2007/09/26 10:17 p.m.•11 views

CVE-2007-5106

Cross-site scripting XSS vulnerability in wp-register.php in WordPress 2.0 allows remote attackers to inject arbitrary web script or HTML via the userlogin parameter...

4.3CVSS5.6AI score0.00391EPSS

Exploits1References5

Debian CVE•added 2007/09/26 10:0 p.m.•13 views

CVE-2007-5105

Cross-site scripting XSS vulnerability in wp-register.php in WordPress 2.0 and 2.0.1 allows remote attackers to inject arbitrary web script or HTML via the useremail parameter...

4.3CVSS4.2AI score0.01749EPSS

Exploits0

Debian CVE•added 2007/09/26 10:0 p.m.•21 views

CVE-2007-5106

Cross-site scripting XSS vulnerability in wp-register.php in WordPress 2.0 allows remote attackers to inject arbitrary web script or HTML via the userlogin parameter...

4.3CVSS4.2AI score0.00391EPSS

Exploits1

Cvelist•added 2007/09/26 10:0 p.m.•18 views

CVE-2007-5106

Cross-site scripting XSS vulnerability in wp-register.php in WordPress 2.0 allows remote attackers to inject arbitrary web script or HTML via the userlogin parameter...

5.6AI score0.00391EPSS

Exploits1References5

CVE•added 2007/09/26 10:0 p.m.•57 views

CVE-2007-5106

CVE-2007-5106 describes an XSS vulnerability in WordPress 2.0 related to wp-register.php where an attacker can inject arbitrary script/HTML via the user_login parameter. The issue is documented across multiple sources (NVD/Ubuntu/Debian/OSV and WPVulnDB) with the affected component being WordPres...

4.3CVSS5.6AI score0.00391EPSS

Exploits1References5Affected Software1

Prion•added 2007/02/21 5:28 p.m.•15 views

Cross site scripting

Cross-site scripting XSS vulnerability in the wpexplainnonce function in the nonce AYS functionality wp-includes/functions.php for WordPress 2.0 before 2.0.9 and 2.1 before 2.1.1 allows remote attackers to inject arbitrary web script or HTML via the file parameter to wp-admin/templates.php, and...

4.3CVSS5.9AI score0.06232EPSS

Exploits1References10Affected Software1

securityvulns•added 2005/12/30 12:0 a.m.•26 views

Advisory 26/2005: TinyMCE Compressor Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hardened-PHP Project www.hardened-php.net -= Security Advisory =- Advisory: TinyMCE Compressor Vulnerabilities Release Date: 2005/12/29 Last Modified: 2005/12/29 Author: Stefan Esser [email protected] Application: TinyMCE Compressor = 1.0.5...

6.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by