Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
reflected xss vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2018-1002001
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.
Kibokolabs Arigato Autoresponder And Newsletter 2.5.1.8
1 EDB exploit
4.8
CVSSv3
CVE-2018-1002004
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.
Kibokolabs Arigato Autoresponder And Newsletter 2.5.1.8
1 EDB exploit
4.8
CVSSv3
CVE-2018-1002006
These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in integration-contact-form.html.php:14: via POST request variable classes
Kibokolabs Arigato Autoresponder And Newsletter
1 EDB exploit
4.8
CVSSv3
CVE-2018-1002007
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in integration-contact-form.html.php:15: via POST request variable html_id.
Kibokolabs Arigato Autoresponder And Newsletter 2.5.1.8
1 EDB exploit
5.4
CVSSv3
CVE-2017-6605
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote malicious user to conduct a reflective cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. ...
Cisco Identity Services Engine 2.1(0.800)
6.1
CVSSv3
CVE-2020-3463
A vulnerability in the web-based management interface of Cisco Webex Meetings could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected service. The vulnerability is du...
Cisco Webex Meetings Online
6.1
CVSSv3
CVE-2023-20068
A vulnerability in the web-based management interface of Cisco Prime Infrastructure Software could allow an unauthenticated, remote malicious user to conduct a reflected cross-site scripting (XSS) attack against a user of the interface on an affected device. This vulnerability is...
Cisco Prime Infrastructure
6.1
CVSSv3
CVE-2018-11027
A reflected XSS vulnerability on Ruckus ICX7450-48 devices allows remote malicious users to inject arbitrary web script or HTML.
Ruckussecurity Icx7450-48 Firmware -
6.1
CVSSv3
CVE-2020-26583
An issue exists in Sage DPW 2020_06_x prior to 2020_06_002. It allows unauthenticated users to upload JavaScript (in a file) via the expenses claiming functionality. However, to view the file, authentication is required. By exploiting this vulnerability, an attacker can persisten...
Sagedpw Sage Dpw
6.1
CVSSv3
CVE-2020-26584
An issue exists in Sage DPW 2020_06_x prior to 2020_06_002. The search field "Kurs suchen" on the page Kurskatalog is vulnerable to Reflected XSS. If the attacker can lure a user into clicking a crafted link, he can execute arbitrary JavaScript code in the user's b...
Sagedpw Sage Dpw
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »