Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xss man vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2018-17046
translate man prior to 2018-08-21 has XSS via containers/outputBox/outputBox.vue and store/index.js.
Translate Man Project Translate Man
NA
CVE-2005-4435
Cross-site scripting (XSS) vulnerability in index.php AbleDesign D-Man 3.x allows remote malicious users to inject arbitrary web script or HTML via the title parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party informati...
Abledesign D-man 3.0
1 EDB exploit
NA
CVE-2013-1651
OXUpdater in Open-Xchange Server prior to 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof update servers and install arbitrary software via a crafted certificat...
Open-xchange Open-xchange Server 6.22.1
Open-xchange Open-xchange Server 6.22.0
Open-xchange Open-xchange Server 6.20.7
1 EDB exploit
8.1
CVSSv3
CVE-2018-6221
An unvalidated software update vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a man-in-the-middle malicious user to tamper with an update file and inject their own.
Trendmicro Email Encryption Gateway 5.5
1 EDB exploit
8.2
CVSSv3
CVE-2016-2176
The X509_NAME_oneline function in crypto/x509/x509_obj.c in OpenSSL prior to 1.0.1t and 1.0.2 prior to 1.0.2h allows remote malicious users to obtain sensitive information from process stack memory or cause a denial of service (buffer over-read) via crafted EBCDIC ASN.1 data.
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.2e
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.2g
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl
Openssl Openssl 1.0.2f
Openssl Openssl 1.0.2d
1 Article
6.1
CVSSv3
CVE-2016-4897
Multiple cross-site scripting (XSS) vulnerabilities in (1) filter/save_forward.cgi, (2) filter/save.cgi, (3) /man/search.cgi in Usermin prior to 1.690.
Webmin Usermin
9.8
CVSSv3
CVE-2016-0718
Expat allows context-dependent malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
Mozilla Firefox
Apple Mac Os X
Suse Linux Enterprise Server 11
Suse Studio Onsite 1.3
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Debuginfo 11
Opensuse Leap 42.1
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Server 12
Suse Linux Enterprise Desktop 12
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Libexpat Project Libexpat
Debian Debian Linux 8.0
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Mcafee Policy Auditor
Python Python
1 Article
NA
CVE-2023-45706
An administrative user of WebReports may perform a Cross Site Scripting (XSS) and/or Man in the Middle (MITM) exploit through SAML configuration.
NA
CVE-2003-0292
Cross-site scripting (XSS) vulnerability in Inktomi Traffic-Server 5.5.1 allows remote malicious users to insert arbitrary web script or HTML into an error page that appears to come from the domain that the client is visiting, aka "Man-in-the-Middle" XSS.
Inktomi Inktomi Traffic-server 5.5.1
4.7
CVSSv3
CVE-2016-0713
Gorouter in Cloud Foundry cf-release v141 through v228 allows man-in-the-middle malicious users to conduct cross-site scripting (XSS) attacks via vectors related to modified requests.
Cloudfoundry Cf-release 196
Cloudfoundry Cf-release 221
Cloudfoundry Cf-release 159
Cloudfoundry Cf-release 162
Cloudfoundry Cf-release 174
Cloudfoundry Cf-release 141
Cloudfoundry Cf-release 152
Cloudfoundry Cf-release 200
Cloudfoundry Cf-release 184
Cloudfoundry Cf-release 222
Cloudfoundry Cf-release 215
Cloudfoundry Cf-release 185
Cloudfoundry Cf-release 218
Cloudfoundry Cf-release 217
Cloudfoundry Cf-release 165
Cloudfoundry Cf-release 173
Cloudfoundry Cf-release 195
Cloudfoundry Cf-release 158
Cloudfoundry Cf-release 212
Cloudfoundry Cf-release 205
Cloudfoundry Cf-release 190
Cloudfoundry Cf-release 148
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »