Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xss vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2014-9395
Multiple cross-site request forgery (CSRF) vulnerabilities in the Simplelife plugin 1.2 and previous versions for WordPress allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) simpleh...
Simplelife Project Simplelife
605
VMScore
CVE-2014-9396
Multiple cross-site request forgery (CSRF) vulnerabilities in the SimpleFlickr plugin 3.0.3 and previous versions for WordPress allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) sim...
Simpleflickr Project Simpleflickr
605
VMScore
CVE-2014-9399
Cross-site request forgery (CSRF) vulnerability in the TweetScribe plugin 1.1 and previous versions for WordPress allows remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the tweetscribe_username...
Tweetscribe Project Tweetscribe
383
VMScore
CVE-2007-3056
Cross-site scripting (XSS) vulnerability in filedetails.php in WebSVN 2.0rc4, and possibly earlier, allows remote malicious users to inject arbitrary web script or HTML via the path parameter.
Websvn Websvn
383
VMScore
CVE-2005-4305
Cross-site scripting (XSS) vulnerability in Edgewall Trac 0.9, 0.9.1, and 0.9.2 allows remote malicious users to inject arbitrary web script or HTML via the URL, which is not properly sanitized before it is returned in an error page.
Edgewall Software Trac 0.9.1
Edgewall Software Trac 0.9
Edgewall Software Trac 0.9.2
801
VMScore
CVE-2013-6990
FortiGuard FortiAuthenticator prior to 3.0 allows remote administrators to gain privileges via the command line interface.
Fortinet Fortiauthenticator
605
VMScore
CVE-2014-9338
Multiple cross-site request forgery (CSRF) vulnerabilities in the O2Tweet plugin 0.0.4 and previous versions for WordPress allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) o2t_user...
O2tweet Project O2tweet
605
VMScore
CVE-2014-9339
Multiple cross-site request forgery (CSRF) vulnerabilities in the SPNbabble plugin 1.4.1 and previous versions for WordPress allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) userna...
Jayde Online Spnbabble 1.4.1
605
VMScore
CVE-2014-9340
Multiple cross-site request forgery (CSRF) vulnerabilities in the wpCommentTwit plugin 0.5 and previous versions for WordPress allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) user...
Wpcommenttwit Project Wpcommenttwit
312
VMScore
CVE-2012-3871
Cross-site scripting (XSS) vulnerability in data/hybrid/i_hybrid.php in Open Constructor 3.12.0 allows remote authenticated users to inject arbitrary web script or HTML via the header parameter.
Openconstructor Project Openconstructor 3.12.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30078
CVE-2024-37896
code injection
CVE-2024-3080
CVE-2024-5172
cross-site request forgery
CVE-2024-6111
firmware
CVE-2024-38504
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »