Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
reflected xss vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-0406
A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote malicious user to conduct a reflected or Document Object Model based (DOM-based) cross-site scripting (XSS) attack against a user of the web-based ma...
Cisco Web Security Appliance 11.5.0-fcs-581
Cisco Web Security Appliance 10.1.2-003
Cisco Web Security Appliance 10.5.1-269
3.5
CVSSv2
CVE-2018-0408
A vulnerability in the web-based management interface of Cisco Small Business 300 Series (Sx300) Managed Switches could allow an authenticated, remote malicious user to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of a...
Cisco Sf300-08 Firmware
Cisco Sf302-08 Firmware
Cisco Sf302-08p Firmware
Cisco Sf302-08pp Firmware
Cisco Sf302-08mp Firmware
Cisco Sf302-08mpp Firmware
Cisco Sf300-24 Firmware
Cisco Sf300-24p Firmware
Cisco Sf300-24pp Firmware
Cisco Sf300-24mp Firmware
Cisco Sf300-48 Firmware
Cisco Sf300-48p Firmware
Cisco Sf300-48pp Firmware
Cisco Sg300-10 Firmware
Cisco Sg300-10sfp Firmware
Cisco Sg300-10p Firmware
Cisco Sg300-10pp Firmware
Cisco Sg300-10mp Firmware
Cisco Sg300-10mpp Firmware
Cisco Sg300-20 Firmware
Cisco Sg300-28 Firmware
Cisco Sg300-28p Firmware
4.3
CVSSv2
CVE-2014-8774
Cross-site scripting (XSS) vulnerability in manager/index.php in MODX Revolution 2.x prior to 2.2.15 allows remote malicious users to inject arbitrary web script or HTML via the context_key parameter.
Modx Modx Revolution 2.1.0
Modx Modx Revolution 2.1.1
Modx Modx Revolution 2.1.2
Modx Modx Revolution 2.1.3
Modx Modx Revolution 2.2.6
Modx Modx Revolution 2.2.7
Modx Modx Revolution 2.2.8
Modx Modx Revolution 2.2.9
Modx Modx Revolution 2.0.6
Modx Modx Revolution 2.0.8
Modx Modx Revolution 2.1.4
Modx Modx Revolution 2.2.0
Modx Modx Revolution 2.2.10
Modx Modx Revolution 2.2.2
Modx Modx Revolution 2.2.4
Modx Modx Revolution 2.0.0
Modx Modx Revolution 2.0.5
Modx Modx Revolution 2.0.7
Modx Modx Revolution 2.1.5
Modx Modx Revolution 2.2.1
Modx Modx Revolution 2.2.3
Modx Modx Revolution 2.2.5
1 EDB exploit
4.3
CVSSv2
CVE-2018-12653
A Reflected Cross Site Scripting (XSS) vulnerability exists in Adrenalin HRMS 5.4.0. An attacker can input malicious JavaScript code in /RPT/SSRSDynamicEditReports.aspx via 'ReportId' parameter.
Myadrenalin Adrenalin 5.4.0
1 EDB exploit
4.3
CVSSv2
CVE-2020-3599
A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the we...
Cisco Adaptive Security Appliance
Cisco Adaptive Security Appliance Software
NA
CVE-2023-27572
An issue exists in CommScope Arris DG3450 Cable Gateway AR01.02.056.18_041520_711.NCS.10. A reflected XSS vulnerability exists in the https_redirect.php web page via the page parameter.
Commscope Dg3450 Firmware Ar01.02.056.18 041520 711.ncs.10
6.5
CVSSv2
CVE-2019-9202
Nagios IM (component of Nagios XI) prior to 2.2.7 allows authenticated users to execute arbitrary code via API key issues.
Nagios Incident Manager
1 Github repository
7.2
CVSSv2
CVE-2019-9166
Privilege escalation in Nagios XI prior to 5.5.11 allows local malicious users to elevate privileges to root via write access to config.inc.php and import_xiconfig.php.
Nagios Nagios Xi
1 Github repository
7.5
CVSSv2
CVE-2019-9203
Authorization bypass in Nagios IM (component of Nagios XI) prior to 2.2.7 allows closing incidents in IM via the API.
Nagios Incident Manager
1 Github repository
7.5
CVSSv2
CVE-2019-9204
SQL injection vulnerability in Nagios IM (component of Nagios XI) prior to 2.2.7 allows malicious users to execute arbitrary SQL commands.
Nagios Incident Manager
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »