Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
reflected xss vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2018-17865
A cross-site scripting (XSS) vulnerability in SAP J2EE Engine 7.01 allows remote malicious users to inject arbitrary web script via the wsdlPath parameter to /ctcprotocol/Protocol. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Sap J2ee Engine 7.01
383
VMScore
CVE-2018-19917
Microweber 1.0.8 has reflected cross-site scripting (XSS) vulnerabilities.
Microweber Microweber 1.0.8
383
VMScore
CVE-2018-17862
A cross-site scripting (XSS) vulnerability in SAP J2EE Engine/7.01/Fiori allows remote malicious users to inject arbitrary web script via the sys_jdbc parameter to /TestJDBC_Web/test2. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Sap J2ee Engine 7.01
383
VMScore
CVE-2020-11727
A cross-site scripting (XSS) vulnerability in the AlgolPlus Advanced Order Export For WooCommerce plugin 3.1.3 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the view/settings-form.php woe_post_type parameter.
Algolplus Advanced Order Export 3.1.3
383
VMScore
CVE-2018-17861
A cross-site scripting (XSS) vulnerability in SAP J2EE Engine/7.01/Portal/EPP allows remote malicious users to inject arbitrary web script via the wsdlLib parameter to /ctcprotocol/Protocol. NOTE: This vulnerability only affects products that are no longer supported by the mainta...
Sap J2ee Engine 7.01
383
VMScore
CVE-2018-13055
A cross-site scripting (XSS) vulnerability in the View Filters page (view_filters_page.php) in MantisBT 2.1.0 up to and including 2.15.0 allows remote malicious users to inject arbitrary code (if CSP settings permit it) through a crafted PATH_INFO.
Mantisbt Mantisbt
383
VMScore
CVE-2017-6761
A vulnerability in the web-based management interface of Cisco Finesse 10.6(1) and 11.5(1) could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerab...
Cisco Finesse 11.5\\(1\\)
Cisco Finesse 10.6\\(1\\)
445
VMScore
CVE-2013-6229
Multiple cross-site scripting (XSS) vulnerabilities in Atmail Webmail Server 7.0.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) filter parameter to index.php/mail/mail/listfoldermessages/searching/true/selectFolder/INBOX/resultContext/searchResu...
Atmail Atmail 7.0.2
3 EDB exploits
312
VMScore
CVE-2019-19390
The Search parameter of the Software Catalogue section of Matrix42 Workspace Management 9.1.2.2765 and below accepts unfiltered parameters that lead to multiple reflected XSS issues.
Matrix42 Workspace Management
355
VMScore
CVE-2019-16172
LimeSurvey before v3.17.14 allows stored XSS for escalating privileges from a low-privileged account to, for example, SuperAdmin. The attack uses a survey group in which the title contains JavaScript that is mishandled upon group deletion.
Limesurvey Limesurvey
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »