Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
stored xss vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-4972
Multiple cross-site scripting (XSS) vulnerabilities in Layton Helpbox 4.4.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) sys_solution_id, (2) sys_requesttype_id, (3) sys_problem_desc, (4) sys_solution_desc, (5) sys_problemsummary, (6) usr_Action...
Layton Technology Helpbox 4.4.0
5.4
CVSSv3
CVE-2024-20270
A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an authenticated, remote malicious user to conduct a stored cross-site scripting (XSS) attack against a user of the i...
Cisco Broadworks Xtended Services Platform
Cisco Broadworks Xtended Services Platform 23.0.2024.01
Cisco Broadworks Application Delivery Platform
Cisco Broadworks Application Delivery Platform 23.0.2024.01
4.8
CVSSv3
CVE-2019-12668
A vulnerability in the web framework code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote malicious user to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of the affected software using the banner parameter. The ...
Cisco Ios Xe
Cisco Ios Xe 3.10e
Cisco Ios Xe 3.6e
Cisco Ios 15.2\\(3\\)ea
Cisco Ios 15.2\\(4\\)ec
Cisco Ios 15.2\\(4\\)e
Cisco Ios 15.2\\(5\\)e
Cisco Ios 15.2\\(6\\)e
Cisco Ios 15.2\\(7\\)e
Cisco Ios Xe 3.7e
Cisco Ios Xe 3.8e
Cisco Ios 15.2\\(5\\)ea
Cisco Ios 15.2\\(5\\)ex
Cisco Ios 15.2\\(2\\)e
Cisco Ios Xe 3.9e
Cisco Ios Xe 16.1.1
Cisco Ios 15.2\\(3\\)e
Cisco Ios 15.2\\(2\\)ea
Cisco Ios 15.2\\(4\\)ea
6.1
CVSSv3
CVE-2023-20222
A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the interface on an aff...
Cisco Evolved Programmable Network Manager
Cisco Prime Infrastructure
NA
CVE-2015-1028
Multiple cross-site scripting (XSS) vulnerabilities in D-Link DSL-2730B router (rev C1) with firmware GE_1.01 allow remote authenticated users to inject arbitrary web script or HTML via the (1) domainname parameter to dnsProxy.cmd (DNS Proxy Configuration Panel); the (2) brName p...
Dlink Dsl-2730b Firmware Ge 1.01
3 EDB exploits
NA
CVE-2012-3871
Cross-site scripting (XSS) vulnerability in data/hybrid/i_hybrid.php in Open Constructor 3.12.0 allows remote authenticated users to inject arbitrary web script or HTML via the header parameter.
Openconstructor Project Openconstructor 3.12.0
6.1
CVSSv3
CVE-2017-15878
A cross-site scripting (XSS) vulnerability exists in fields/types/markdown/MarkdownType.js in KeystoneJS prior to 4.0.0-beta.7 via the Contact Us feature.
Keystonejs Keystone
1 EDB exploit
6.1
CVSSv3
CVE-2018-8729
Multiple cross-site scripting (XSS) vulnerabilities in the Activity Log plugin prior to 2.4.1 for WordPress allow remote malicious users to inject arbitrary JavaScript or HTML via a title that is not escaped.
Pojo Activity Log
1 EDB exploit
6.1
CVSSv3
CVE-2016-3670
Cross-site scripting (XSS) vulnerability in users.jsp in the Profile Search functionality in Liferay prior to 7.0.0 CE RC1 allows remote malicious users to inject arbitrary web script or HTML via the FirstName field.
Liferay Liferay Portal
1 EDB exploit
6.1
CVSSv3
CVE-2018-9844
The Iptanus WordPress File Upload plugin prior to 4.3.4 for WordPress mishandles Settings attributes, leading to XSS.
Iptanus Wordpress File Upload
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »