Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cross-site scripting vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2018-18548
ajenticp (aka Ajenti Docker control panel) for Ajenti through v1.2.23.13 has XSS via a filename that is mishandled in File Manager.
Ajenti Ajenticp
1 EDB exploit
6.1
CVSSv3
CVE-2018-5479
FoxSash ImgHosting 1.5 (according to footer information) is vulnerable to XSS attacks. The affected function is its search engine via the search parameter to the default URI. Since there is an user/admin login interface, it's possible for malicious users to steal sessions of...
Foxsash Imghosting 1.5
1 EDB exploit
6.1
CVSSv3
CVE-2016-9834
An XSS vulnerability allows remote malicious users to execute arbitrary client side script on vulnerable installations of Sophos Cyberoam firewall devices with firmware up to and including 10.6.4. User interaction is required to exploit this vulnerability in that the target must ...
Sophos Cyberoam Firmware
1 EDB exploit
6.1
CVSSv3
CVE-2018-7653
In YzmCMS 3.6, index.php has XSS via the a, c, or m parameter.
Yzmcms Yzmcms 3.6
1 EDB exploit
5.4
CVSSv3
CVE-2018-12095
A Reflected Cross-Site Scripting web vulnerability has been discovered in the OEcms v3.1 web-application. The vulnerability is located in the mod parameter of info.php.
Oecms Project Oecms 3.1
1 EDB exploit
6.1
CVSSv3
CVE-2019-15811
In DomainMOD up to and including 4.13, the parameter daterange in the file reporting/domains/cost-by-month.php has XSS.
Domainmod Domainmod
1 EDB exploit
6.1
CVSSv3
CVE-2019-12562
Stored Cross-Site Scripting in DotNetNuke (DNN) Version prior to 9.4.0 allows remote malicious users to store and embed the malicious script into the admin notification page. The exploit could be used to perfom any action with admin privileges such as managing content, adding use...
Dnnsoftware Dotnetnuke
1 EDB exploit
1 Github repository
4.8
CVSSv3
CVE-2019-13029
Multiple stored Cross-site scripting (XSS) issues in the admin panel and survey system in REDCap 8 prior to 8.10.20 and 9 prior to 9.1.2 allow an malicious user to inject arbitrary malicious HTML or JavaScript code into a user's web browser.
Vanderbilt Redcap
1 EDB exploit
5.4
CVSSv3
CVE-2019-13977
index.php in Ovidentia 8.4.3 has XSS via tg=groups, tg=maildoms&idx=create&userid=0&bgrp=y, tg=delegat, tg=site&idx=create, tg=site&item=4, tg=admdir&idx=mdb&id=1, tg=notes&idx=Create, tg=admfaqs&idx=Add, or tg=admoc&idx=addoc&item=.
Ovidentia Ovidentia 8.4.3
1 EDB exploit
4.6
CVSSv3
CVE-2018-8815
Cross-site scripting (XSS) vulnerability in the gallery function in Alkacon OpenCMS 10.5.3 allows remote malicious users to inject arbitrary web script or HTML via a malicious SVG image.
Alkacon Opencms 10.5.3
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »