Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cross-site scripting vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2019-15814
Multiple stored XSS vulnerabilities in Sentrifugo 3.2 could allow authenticated users to inject arbitrary web script or HTML.
Sentrifugo Sentrifugo 3.2
1 EDB exploit
NA
CVE-2012-1979
Cross-site scripting (XSS) vulnerability in starnet/index.php in SyndeoCMS 3.0.01 and previous versions allows remote authenticated users to inject arbitrary web script or HTML via the email parameter (aka Email address field) in an edit_user configuration action.
Syndeocms Syndeocms 2.8.02
Syndeocms Syndeocms 2.4
Syndeocms Syndeocms 2.8.1
Syndeocms Syndeocms 2.5.01
Syndeocms Syndeocms 2.6.00
Syndeocms Syndeocms 2.5.00
Syndeocms Syndeocms
Syndeocms Syndeocms 2.9.00
Syndeocms Syndeocms 2.7.00
Syndeocms Syndeocms 2.8.00
Syndeocms Syndeocms 2.4.10
Syndeocms Syndeocms 3.0.00
1 EDB exploit
5.4
CVSSv3
CVE-2020-8777
Alfresco Enterprise prior to 5.2.7 and Alfresco Community prior to 6.2.0 (rb65251d6-b368) has XSS via a user profile photo, as demonstrated by a SCRIPT element in an SVG document.
Alfresco Alfresco
1 EDB exploit
NA
CVE-2010-4909
Multiple cross-site scripting (XSS) vulnerabilities in PaysiteReviewCMS 1.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) q parameter to search.php or the (2) image parameter to image.php.
Mechbunny Paysitereviewcms 1.1
2 EDB exploits
4.8
CVSSv3
CVE-2018-11332
Stored cross-site scripting (XSS) vulnerability in the "Site Name" field found in the "site" tab under configurations in ClipperCMS 1.3.3 allows remote malicious users to inject arbitrary web script or HTML via a crafted site name to the manager/processors/sav...
Clippercms Clippercms 1.3.3
1 EDB exploit
6.1
CVSSv3
CVE-2018-11339
An XSS issue exists in Frappe ERPNext v11.x.x-develop b1036e5 via a comment.
Frappe Erpnext 11.x.x-develop B1036e5
1 EDB exploit
5.4
CVSSv3
CVE-2017-3131
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.4.0 up to and including 5.4.4 and 5.6.0 allows malicious users to execute unauthorized code or commands via the filter input in "Applications" under FortiView.
Fortinet Fortios 5.6.0
Fortinet Fortios 5.4.3
Fortinet Fortios 5.4.0
Fortinet Fortios 5.4.1
Fortinet Fortios 5.4.2
Fortinet Fortios 5.4.4
1 EDB exploit
NA
CVE-2013-2750
Cross-site scripting (XSS) vulnerability in e107_plugins/content/handlers/content_preset.php in e107 prior to 1.0.3 allows remote malicious users to inject arbitrary web script or HTML via the query string.
E107 E107 0.7.10
E107 E107 0.7.7
E107 E107 0.7.13
E107 E107 0.7.4
E107 E107 0.7.26
E107 E107 1.0.1
E107 E107 0.7.14
E107 E107 0.7.5
E107 E107 0.7.2
E107 E107 0.7.11
E107 E107 0.7.1
E107 E107 0.7.19
E107 E107 0.7.16
E107 E107 0.7.15
E107 E107 0.7.22
E107 E107 0.7.12
E107 E107 0.7.17
E107 E107 0.7.8
E107 E107 0.7.20
E107 E107 0.7.9
E107 E107 0.7.0
E107 E107 0.7.18
1 EDB exploit
6.1
CVSSv3
CVE-2018-19136
DomainMOD up to and including 4.11.01 has XSS via the assets/edit/registrar-account.php raid parameter.
Domainmod Domainmod
1 EDB exploit
5.4
CVSSv3
CVE-2020-8776
Alfresco Enterprise prior to 5.2.7 and Alfresco Community prior to 6.2.0 (rb65251d6-b368) has XSS via the URL property of a file.
Alfresco Alfresco
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »