Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xss vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-9392
Cross-site request forgery (CSRF) vulnerability in the PictoBrowser (pictobrowser-gallery) plugin 0.3.1 and previous versions for WordPress allows remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks vi...
Pictobrowser Project Pictobrowser
NA
CVE-2014-9395
Multiple cross-site request forgery (CSRF) vulnerabilities in the Simplelife plugin 1.2 and previous versions for WordPress allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) simpleh...
Simplelife Project Simplelife
9.1
CVSSv3
CVE-2018-14916
LOYTEC LGATE-902 6.3.2 devices allow Arbitrary file deletion.
Loytec Lgate-902 Firmware
7.5
CVSSv3
CVE-2018-14918
LOYTEC LGATE-902 6.3.2 devices allow Directory Traversal.
Loytec Lgate-902 Firmware
6.1
CVSSv3
CVE-2018-14919
LOYTEC LGATE-902 6.3.2 devices allow XSS.
Loytec Lgate-902 Firmware
9.8
CVSSv3
CVE-2017-7886
Dolibarr ERP/CRM 4.0.4 has SQL Injection in doli/theme/eldy/style.css.php via the lang parameter.
Dolibarr Dolibarr Erp/crm 4.0.4
6.1
CVSSv3
CVE-2017-7887
Dolibarr ERP/CRM 4.0.4 has XSS in doli/societe/list.php via the sall parameter.
Dolibarr Dolibarr Erp/crm 4.0.4
9.8
CVSSv3
CVE-2017-7888
Dolibarr ERP/CRM 4.0.4 stores passwords with the MD5 algorithm, which makes brute-force attacks easier.
Dolibarr Dolibarr Erp/crm 4.0.4
NA
CVE-2014-7985
Directory traversal vulnerability in EspoCRM prior to 2.6.0 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the action parameter to install/index.php.
Espocrm Espocrm
NA
CVE-2014-7986
install/index.php in EspoCRM prior to 2.6.0 allows remote malicious users to re-install the application via a 1 value in the installProcess parameter.
Espocrm Espocrm
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »