Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
reflected xss vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-11559
A reflected Cross-site scripting (XSS) vulnerability in HRworks V 1.16.1 allows remote malicious users to inject arbitrary web script or HTML via the URL parameter to the Login component.
Hrworks Hrworks 1.16.1
4.3
CVSSv2
CVE-2012-1825
Multiple cross-site scripting (XSS) vulnerabilities in the status program on the ForeScout CounterACT appliance with software 6.3.3.2 up to and including 6.3.4.10 allow remote malicious users to inject arbitrary web script or HTML via (1) the loginname parameter in a forgotpass a...
Forescout Counteract 6.3.4.10
Forescout Counteract 6.3.3.2
NA
CVE-2018-17864
SAP J2EE Engine/7.01/Fiori Reflected Cross Site Scripting (XSS)
4.3
CVSSv2
CVE-2019-9908
The font-organizer plugin 2.1.1 for WordPress has wp-admin/options-general.php manage_font_id XSS.
Hivewebstudios Font Organizer 2.1.1
4.3
CVSSv2
CVE-2019-9910
The kingcomposer plugin 2.7.6 for WordPress has wp-admin/admin.php?page=kc-mapper id XSS.
King-theme Kingcomposer 2.7.6
4.3
CVSSv2
CVE-2019-9912
The wp-google-maps plugin prior to 7.10.43 for WordPress has XSS via the wp-admin/admin.php PATH_INFO.
Codecabin Wp Go Maps
4.3
CVSSv2
CVE-2010-2914
Cross-site scripting (XSS) vulnerability in nessusd_www_server.nbin in the Nessus Web Server plugin 1.2.4 for Nessus allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Nessus Web Server Plugin 1.2.4
4.3
CVSSv2
CVE-2019-9576
The Blog2Social plugin prior to 5.0.3 for WordPress allows wp-admin/admin.php?page=blog2social-ship XSS.
Adenion Blog2social
4.3
CVSSv2
CVE-2019-9909
The "Donation Plugin and Fundraising Platform" plugin prior to 2.3.1 for WordPress has wp-admin/edit.php csv XSS.
Givewp Givewp
4.3
CVSSv2
CVE-2020-13944
In Apache Airflow < 1.10.12, the "origin" parameter passed to some of the endpoints like '/trigger' was vulnerable to XSS exploit.
Apache Airflow
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »