Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xss vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-4707
Cross-site scripting (XSS) vulnerability in IPython prior to 3.2 allows remote malicious users to inject arbitrary web script or HTML via vectors involving JSON error messages and the /api/notebooks path.
Ipython Ipython
3.5
CVSSv2
CVE-2015-0513
Multiple cross-site scripting (XSS) vulnerabilities in the administrative user interface in EMC M&R (aka Watch4Net) prior to 6.5u1 and ViPR SRM prior to 3.6.1 allow remote authenticated users to inject arbitrary web script or HTML by leveraging privileged access to set crafte...
Emc Watch4net
Emc Vipr Srm
4.3
CVSSv2
CVE-2014-9325
Multiple cross-site scripting (XSS) vulnerabilities in TWiki 6.0.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) QUERYSTRING variable in lib/TWiki.pm or (2) QUERYPARAMSTRING variable in lib/TWiki/UI/View.pm, as demonstrated by the QUERY_STRING to...
Twiki Twiki 6.0.1
6.8
CVSSv2
CVE-2014-9395
Multiple cross-site request forgery (CSRF) vulnerabilities in the Simplelife plugin 1.2 and previous versions for WordPress allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) simpleh...
Simplelife Project Simplelife
6.8
CVSSv2
CVE-2014-9399
Cross-site request forgery (CSRF) vulnerability in the TweetScribe plugin 1.1 and previous versions for WordPress allows remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the tweetscribe_username...
Tweetscribe Project Tweetscribe
4.3
CVSSv2
CVE-2014-2280
Cross-site scripting (XSS) vulnerability in the search feature in SeedDMS (formerly LetoDMS and MyDMS) prior to 4.3.4 allows remote malicious users to inject arbitrary web script or HTML via the query parameter.
Seeddms Seeddms
Seeddms Seeddms 3.4.3
Seeddms Seeddms 3.3.12
4.3
CVSSv2
CVE-2013-4433
Cross-site scripting (XSS) vulnerability in XHProf prior to 0.9.4 allows remote malicious users to inject arbitrary web script or HTML via the run parameter.
Php Xhprof 0.9.1
Php Xhprof 0.9.0
Php Xhprof 0.9.2
Php Xhprof
6.8
CVSSv2
CVE-2014-9338
Multiple cross-site request forgery (CSRF) vulnerabilities in the O2Tweet plugin 0.0.4 and previous versions for WordPress allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) o2t_user...
O2tweet Project O2tweet
6.8
CVSSv2
CVE-2014-9339
Multiple cross-site request forgery (CSRF) vulnerabilities in the SPNbabble plugin 1.4.1 and previous versions for WordPress allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) userna...
Jayde Online Spnbabble 1.4.1
6.8
CVSSv2
CVE-2014-9340
Multiple cross-site request forgery (CSRF) vulnerabilities in the wpCommentTwit plugin 0.5 and previous versions for WordPress allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) user...
Wpcommenttwit Project Wpcommenttwit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »