Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cross-site scripting vulnerabilities and exploits
(subscribe to this query)
355
VMScore
CVE-2018-8732
Cross-site scripting (XSS) vulnerability in WampServer 3.1.1 allows remote malicious users to inject arbitrary web script or HTML via the virtual_del parameter.
Wampserver Wampserver 3.1.1
1 EDB exploit
380
VMScore
CVE-2008-2037
Multiple cross-site scripting (XSS) vulnerabilities in EditeurScripts EsContacts 1.0 allow remote authenticated users to inject arbitrary web script or HTML via the msg parameter to (1) login.php, (2) importer.php, (3) add_groupe.php, (4) contacts.php, (5) groupes.php, and (6) se...
Editeurscripts Escontacts 1.0
6 EDB exploits
710
VMScore
CVE-2007-0056
Multiple cross-site scripting (XSS) vulnerabilities in AShop Deluxe 4.5 and AShop Administration Panel allow remote malicious users to inject arbitrary web script or HTML via the (1) cat parameter to (a) ashop/catalogue.php and (b) ashop/basket.php, the (2) exp parameter to ashop...
Ashopsoftware Ashop Administration Panel
Ashopsoftware Ashop Deluxe 4.5
6 EDB exploits
460
VMScore
CVE-2009-4717
Multiple cross-site scripting (XSS) vulnerabilities in Gonafish WebStatCaffe allow remote malicious users to inject arbitrary web script or HTML via the (1) host parameter to stat/host.php, nodayshow parameter to (2) mostvisitpage.php and (3) visitorduration.php in stat/, (4) nop...
Gonafish Webstatcaffe
6 EDB exploits
460
VMScore
CVE-2009-4548
Multiple cross-site scripting (XSS) vulnerabilities in ViArt Helpdesk 3.x allow remote malicious users to inject arbitrary web script or HTML via the category_id parameter to (1) products.php, (2) article.php, (3) product_details.php, or (4) reviews.php; the (5) forum_id paramete...
Viart Viart Helpdesk 3.4.7
Viart Viart Helpdesk 3.3.2
6 EDB exploits
460
VMScore
CVE-2009-2780
Multiple cross-site scripting (XSS) vulnerabilities in 68 Classifieds 4.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) cat parameter to category.php, view parameter to (2) login.php and (3) viewlisting.php, page parameter to (4) searchresults.ph...
68 Classifieds 68 Classifieds 4.1
6 EDB exploits
440
VMScore
CVE-2019-11398
Multiple cross-site scripting (XSS) vulnerabilities in UliCMS 2019.2 and 2019.1 allow remote malicious users to inject arbitrary web script or HTML via the go parameter to admin/index.php, the go parameter to /admin/index.php?register=register, or the error parameter to admin/ind...
Ulicms Ulicms 2019.2
Ulicms Ulicms 2019.1
2 EDB exploits
450
VMScore
CVE-2007-6646
Multiple cross-site scripting (XSS) vulnerabilities in LiveCart 1.0.1, and possibly other versions prior to 1.1.0, allow remote malicious users to inject arbitrary web script or HTML via (1) the return parameter to user/remindPassword, (2) the q parameter to the category script, ...
Integry Systems Livecart 1.0.1
4 EDB exploits
445
VMScore
CVE-2006-1233
Multiple cross-site scripting (XSS) vulnerabilities in WMNews allow remote malicious users to inject arbitrary web script or HTML via the (1) ArtCat parameter to wmview.php, (2) ctrrowcol parameter to footer.php, or (3) ArtID parameter to wmcomments.php.
Mikael Software Wmnews
3 EDB exploits
445
VMScore
CVE-2008-1621
Multiple cross-site scripting (XSS) vulnerabilities in GeeCarts allow remote malicious users to inject arbitrary web script or HTML via the id parameter to (1) show.php, (2) search.php, and (3) view.php. NOTE: the provenance of this information is unknown; the details are obtaine...
Geertsen Holdings Inc Geecarts
3 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »