Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netsparker.com vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-7324
app/Core/Paginator.php in Kanboard prior to 1.2.8 has XSS in pagination sorting.
Kanboard Kanboard
NA
CVE-2015-6238
Multiple cross-site scripting (XSS) vulnerabilities in the Google Analyticator plugin prior to 6.4.9.6 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) ga_adsense, (2) ga_admin_disable_DimentionIndex, (3) ga_downloads_prefix, (4) ga_do...
Sumome Google Analyticator
NA
CVE-2015-6584
Cross-site scripting (XSS) vulnerability in the DataTables plugin 1.10.8 and previous versions for jQuery allows remote malicious users to inject arbitrary web script or HTML via the scripts parameter to media/unit_testing/templates/6776.php.
Sprymedia Datatables
6.1
CVSSv3
CVE-2015-7391
Multiple cross-site scripting (XSS) vulnerabilities in TestLink prior to 1.9.14 allow remote malicious users to inject arbitrary web script or HTML via the (1) selected_end_date or (2) selected_start_date parameter to lib/results/tcCreatedPerUserOnTestProject.php; the (3) contain...
Testlink Testlink
6.1
CVSSv3
CVE-2018-20121
Podcast Generator 2.7 has stored cross-site scripting (XSS) via the URL addcategory parameter.
Podcastgenerator Podcast Generator 2.7
6.1
CVSSv3
CVE-2018-20141
AbanteCart 1.2.12 has reflected cross-site scripting (XSS) via the sort parameter, as demonstrated by a /apparel--accessories?sort= substring.
Abantecart Abantecart 1.2.12
6.1
CVSSv3
CVE-2018-19782
Multiple cross-site scripting (XSS) vulnerabilities in GET requests in FreshRSS 1.11.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) c parameter or (2) a parameter.
Freshrss Freshrss 1.11.1
6.1
CVSSv3
CVE-2019-9839
VFront 0.99.5 has Reflected XSS via the admin/menu_registri.php descrizione_g parameter or the admin/sync_reg_tab.php azzera parameter.
Vfront Vfront 0.99.5
6.1
CVSSv3
CVE-2018-19414
Multiple cross-site scripting (XSS) vulnerabilities in Plikli CMS 4.0.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) keyword parameter to groups.php; (2) username parameter to login.php; or (3) date parameter to search.php.
Plikli Plikli Cms 4.0.0
NA
CVE-2014-6280
Multiple cross-site scripting (XSS) vulnerabilities in OSClass prior to 3.4.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) action or (2) nsextt parameter to oc-admin/index.php or the (3) nsextt parameter in an items_reported action to oc-admin/i...
Osclass Osclass
Osclass Osclass 3.4.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »