Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cross-site scripting vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2018-8732
Cross-site scripting (XSS) vulnerability in WampServer 3.1.1 allows remote malicious users to inject arbitrary web script or HTML via the virtual_del parameter.
Wampserver Wampserver 3.1.1
1 EDB exploit
NA
CVE-2009-2780
Multiple cross-site scripting (XSS) vulnerabilities in 68 Classifieds 4.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) cat parameter to category.php, view parameter to (2) login.php and (3) viewlisting.php, page parameter to (4) searchresults.ph...
68 Classifieds 68 Classifieds 4.1
6 EDB exploits
NA
CVE-2008-2037
Multiple cross-site scripting (XSS) vulnerabilities in EditeurScripts EsContacts 1.0 allow remote authenticated users to inject arbitrary web script or HTML via the msg parameter to (1) login.php, (2) importer.php, (3) add_groupe.php, (4) contacts.php, (5) groupes.php, and (6) se...
Editeurscripts Escontacts 1.0
6 EDB exploits
NA
CVE-2007-0056
Multiple cross-site scripting (XSS) vulnerabilities in AShop Deluxe 4.5 and AShop Administration Panel allow remote malicious users to inject arbitrary web script or HTML via the (1) cat parameter to (a) ashop/catalogue.php and (b) ashop/basket.php, the (2) exp parameter to ashop...
Ashopsoftware Ashop Administration Panel
Ashopsoftware Ashop Deluxe 4.5
6 EDB exploits
NA
CVE-2009-4717
Multiple cross-site scripting (XSS) vulnerabilities in Gonafish WebStatCaffe allow remote malicious users to inject arbitrary web script or HTML via the (1) host parameter to stat/host.php, nodayshow parameter to (2) mostvisitpage.php and (3) visitorduration.php in stat/, (4) nop...
Gonafish Webstatcaffe
6 EDB exploits
NA
CVE-2009-4548
Multiple cross-site scripting (XSS) vulnerabilities in ViArt Helpdesk 3.x allow remote malicious users to inject arbitrary web script or HTML via the category_id parameter to (1) products.php, (2) article.php, (3) product_details.php, or (4) reviews.php; the (5) forum_id paramete...
Viart Viart Helpdesk 3.3.2
Viart Viart Helpdesk 3.4.7
6 EDB exploits
6.1
CVSSv3
CVE-2019-11398
Multiple cross-site scripting (XSS) vulnerabilities in UliCMS 2019.2 and 2019.1 allow remote malicious users to inject arbitrary web script or HTML via the go parameter to admin/index.php, the go parameter to /admin/index.php?register=register, or the error parameter to admin/ind...
Ulicms Ulicms 2019.1
Ulicms Ulicms 2019.2
2 EDB exploits
NA
CVE-2007-6646
Multiple cross-site scripting (XSS) vulnerabilities in LiveCart 1.0.1, and possibly other versions prior to 1.1.0, allow remote malicious users to inject arbitrary web script or HTML via (1) the return parameter to user/remindPassword, (2) the q parameter to the category script, ...
Integry Systems Livecart 1.0.1
4 EDB exploits
NA
CVE-2009-3186
Multiple cross-site scripting (XSS) vulnerabilities in VideoGirls BiZ allow remote malicious users to inject arbitrary web script or HTML via the (1) t parameter to forum.php, (2) profile_name parameter to profile.php, and (3) p parameter to view.php.
Videogirls Videogirls Biz
3 EDB exploits
NA
CVE-2006-1233
Multiple cross-site scripting (XSS) vulnerabilities in WMNews allow remote malicious users to inject arbitrary web script or HTML via the (1) ArtCat parameter to wmview.php, (2) ctrrowcol parameter to footer.php, or (3) ArtID parameter to wmcomments.php.
Mikael Software Wmnews
3 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »