Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cross-site scripting vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2019-15814
Multiple stored XSS vulnerabilities in Sentrifugo 3.2 could allow authenticated users to inject arbitrary web script or HTML.
Sentrifugo Sentrifugo 3.2
1 EDB exploit
6.1
CVSSv3
CVE-2017-3132
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and previous versions allows malicious users to Execute unauthorized code or commands via the action input during the activation of a FortiToken.
Fortinet Fortios
1 EDB exploit
NA
CVE-2013-0807
Cross-site scripting (XSS) vulnerability in the NewSectionPrompt function in include/tool/editing_page.php in gpEasy CMS 3.5.2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the section parameter in a new_section action to index.php...
Gpeasy Gpeasy Cms 1.5
Gpeasy Gpeasy Cms 1.6.1
Gpeasy Gpeasy Cms 1.6.2
Gpeasy Gpeasy Cms 2.3.2
Gpeasy Gpeasy Cms 2.3.3
Gpeasy Gpeasy Cms 2.4
Gpeasy Gpeasy Cms 3.5
Gpeasy Gpeasy Cms 3.5.1
Gpeasy Gpeasy Cms 1.6
Gpeasy Gpeasy Cms 2.3
Gpeasy Gpeasy Cms 2.3.1
Gpeasy Gpeasy Cms 3.0.4
Gpeasy Gpeasy Cms 3.0.5
Gpeasy Gpeasy Cms 1.6.3
Gpeasy Gpeasy Cms 2.0.1
Gpeasy Gpeasy Cms 3.0
Gpeasy Gpeasy Cms 3.0.1
Gpeasy Gpeasy Cms
Gpeasy Gpeasy Cms 2.1
Gpeasy Gpeasy Cms 2.2
Gpeasy Gpeasy Cms 3.0.2
Gpeasy Gpeasy Cms 3.0.3
1 EDB exploit
6.1
CVSSv3
CVE-2018-19136
DomainMOD up to and including 4.11.01 has XSS via the assets/edit/registrar-account.php raid parameter.
Domainmod Domainmod
1 EDB exploit
4.8
CVSSv3
CVE-2018-19752
DomainMOD up to and including 4.11.01 has XSS via the assets/add/registrar.php notes field for the Registrar.
Domainmod Domainmod
6.1
CVSSv3
CVE-2020-28350
A Cross Site Scripting (XSS) vulnerability exists in OPAC in Sokrates SOWA SowaSQL up to and including 5.6.1 via the sowacgi.php typ parameter.
Sokrates Sowasql
5.4
CVSSv3
CVE-2020-8777
Alfresco Enterprise prior to 5.2.7 and Alfresco Community prior to 6.2.0 (rb65251d6-b368) has XSS via a user profile photo, as demonstrated by a SCRIPT element in an SVG document.
Alfresco Alfresco
1 EDB exploit
NA
CVE-2012-4241
Multiple cross-site scripting (XSS) vulnerabilities in Microcart 1.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) PATH_INFO or (2) query string to _admin/index.php or (3) first_name, (4) last_name, (5) cc, (6) exp, (7) cvv, (8) address1, (9) add...
Microcart Project Microcart 1.0
4.8
CVSSv3
CVE-2018-11332
Stored cross-site scripting (XSS) vulnerability in the "Site Name" field found in the "site" tab under configurations in ClipperCMS 1.3.3 allows remote malicious users to inject arbitrary web script or HTML via a crafted site name to the manager/processors/sav...
Clippercms Clippercms 1.3.3
1 EDB exploit
6.1
CVSSv3
CVE-2018-11339
An XSS issue exists in Frappe ERPNext v11.x.x-develop b1036e5 via a comment.
Frappe Erpnext 11.x.x-develop B1036e5
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
7
8
9
10
NEXT »