Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xss man vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2017-7781
An error occurs in the elliptic curve point addition algorithm that uses mixed Jacobian-affine coordinates where it can yield a result "POINT_AT_INFINITY" when it should not. A man-in-the-middle attacker could use this to interfere with a connection, resulting in an att...
Mozilla Firefox
NA
CVE-2015-7873
The redirection feature in url.php in phpMyAdmin 4.4.x prior to 4.4.15.1 and 4.5.x prior to 4.5.1 allows remote malicious users to spoof content via the url parameter.
Phpmyadmin Phpmyadmin 4.4.0
Phpmyadmin Phpmyadmin 4.4.1
Phpmyadmin Phpmyadmin 4.4.6.1
Phpmyadmin Phpmyadmin 4.4.7
Phpmyadmin Phpmyadmin 4.4.13.1
Phpmyadmin Phpmyadmin 4.4.14
Phpmyadmin Phpmyadmin 4.4.1.1
Phpmyadmin Phpmyadmin 4.4.2
Phpmyadmin Phpmyadmin 4.4.8
Phpmyadmin Phpmyadmin 4.4.9
Phpmyadmin Phpmyadmin 4.4.14.1
Phpmyadmin Phpmyadmin 4.4.15
Phpmyadmin Phpmyadmin 4.5.0
Phpmyadmin Phpmyadmin 4.4.3
Phpmyadmin Phpmyadmin 4.4.4
Phpmyadmin Phpmyadmin 4.4.10
Phpmyadmin Phpmyadmin 4.4.11
Phpmyadmin Phpmyadmin 4.5.0.1
Phpmyadmin Phpmyadmin 4.5.0.2
Phpmyadmin Phpmyadmin 4.4.5
Phpmyadmin Phpmyadmin 4.4.6
Phpmyadmin Phpmyadmin 4.4.12
NA
CVE-2014-8958
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x prior to 4.0.10.6, 4.1.x prior to 4.1.14.7, and 4.2.x prior to 4.2.12 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database, (2) table, or (3) column name that is ...
Phpmyadmin Phpmyadmin 4.0.10.3
Phpmyadmin Phpmyadmin 4.0.10.2
Phpmyadmin Phpmyadmin 4.0.4.2
Phpmyadmin Phpmyadmin 4.0.4.1
Phpmyadmin Phpmyadmin 4.1.14.5
Phpmyadmin Phpmyadmin 4.1.14.4
Phpmyadmin Phpmyadmin 4.1.11
Phpmyadmin Phpmyadmin 4.1.10
Phpmyadmin Phpmyadmin 4.0.9
Phpmyadmin Phpmyadmin 4.0.8
Phpmyadmin Phpmyadmin 4.0.7
Phpmyadmin Phpmyadmin 4.0.2
Phpmyadmin Phpmyadmin 4.0.1
Phpmyadmin Phpmyadmin 4.1.14.1
Phpmyadmin Phpmyadmin 4.1.14
Phpmyadmin Phpmyadmin 4.1.6
Phpmyadmin Phpmyadmin 4.1.5
Phpmyadmin Phpmyadmin 4.2.10.1
Phpmyadmin Phpmyadmin 4.2.9.1
Phpmyadmin Phpmyadmin 4.2.4
Phpmyadmin Phpmyadmin 4.2.3
Phpmyadmin Phpmyadmin 4.1.2
NA
CVE-2014-9218
libraries/common.inc.php in phpMyAdmin 4.0.x prior to 4.0.10.7, 4.1.x prior to 4.1.14.8, and 4.2.x prior to 4.2.13.1 allows remote malicious users to cause a denial of service (resource consumption) via a long password.
Phpmyadmin Phpmyadmin 4.0.0
Phpmyadmin Phpmyadmin 4.0.2
Phpmyadmin Phpmyadmin 4.0.3
Phpmyadmin Phpmyadmin 4.0.8
Phpmyadmin Phpmyadmin 4.0.9
Phpmyadmin Phpmyadmin 4.1.0
Phpmyadmin Phpmyadmin 4.1.14.1
Phpmyadmin Phpmyadmin 4.1.14.3
Phpmyadmin Phpmyadmin 4.1.7
Phpmyadmin Phpmyadmin 4.1.8
Phpmyadmin Phpmyadmin 4.2.10.1
Phpmyadmin Phpmyadmin 4.2.2
Phpmyadmin Phpmyadmin 4.2.8
Phpmyadmin Phpmyadmin 4.2.8.1
Phpmyadmin Phpmyadmin 4.0.1
Phpmyadmin Phpmyadmin 4.0.10
Phpmyadmin Phpmyadmin 4.0.4.2
Phpmyadmin Phpmyadmin 4.0.5
Phpmyadmin Phpmyadmin 4.1.11
Phpmyadmin Phpmyadmin 4.1.12
Phpmyadmin Phpmyadmin 4.1.3
Phpmyadmin Phpmyadmin 4.1.4
1 EDB exploit
NA
CVE-2015-6830
libraries/plugins/auth/AuthenticationCookie.class.php in phpMyAdmin 4.3.x prior to 4.3.13.2 and 4.4.x prior to 4.4.14.1 allows remote malicious users to bypass a multiple-reCaptcha protection mechanism against brute-force credential guessing by providing a correct response to a s...
Phpmyadmin Phpmyadmin 4.4.4
Phpmyadmin Phpmyadmin 4.4.5
Phpmyadmin Phpmyadmin 4.4.11
Phpmyadmin Phpmyadmin 4.4.12
Phpmyadmin Phpmyadmin 4.3.12
Phpmyadmin Phpmyadmin 4.3.13.1
Phpmyadmin Phpmyadmin 4.3.9
Phpmyadmin Phpmyadmin 4.3.8
Phpmyadmin Phpmyadmin 4.4.0
Phpmyadmin Phpmyadmin 4.4.1
Phpmyadmin Phpmyadmin 4.4.7
Phpmyadmin Phpmyadmin 4.4.8
Phpmyadmin Phpmyadmin 4.4.14
Phpmyadmin Phpmyadmin 4.3.0
Phpmyadmin Phpmyadmin 4.3.1
Phpmyadmin Phpmyadmin 4.3.4
Phpmyadmin Phpmyadmin 4.3.5
Phpmyadmin Phpmyadmin 4.4.1.1
Phpmyadmin Phpmyadmin 4.4.3
Phpmyadmin Phpmyadmin 4.4.9
Phpmyadmin Phpmyadmin 4.4.10
Phpmyadmin Phpmyadmin 4.3.10
NA
CVE-2015-3902
Multiple cross-site request forgery (CSRF) vulnerabilities in the setup process in phpMyAdmin 4.0.x prior to 4.0.10.10, 4.2.x prior to 4.2.13.3, 4.3.x prior to 4.3.13.1, and 4.4.x prior to 4.4.6.1 allow remote malicious users to hijack the authentication of administrators for req...
Phpmyadmin Phpmyadmin 4.0.0
Phpmyadmin Phpmyadmin 4.0.4.2
Phpmyadmin Phpmyadmin 4.0.5
Phpmyadmin Phpmyadmin 4.0.10.5
Phpmyadmin Phpmyadmin 4.0.10.6
Phpmyadmin Phpmyadmin 4.2.5
Phpmyadmin Phpmyadmin 4.2.4
Phpmyadmin Phpmyadmin 4.2.1
Phpmyadmin Phpmyadmin 4.2.0
Phpmyadmin Phpmyadmin 4.3.6
Phpmyadmin Phpmyadmin 4.3.7
Phpmyadmin Phpmyadmin 4.4.0
Phpmyadmin Phpmyadmin 4.4.1
Phpmyadmin Phpmyadmin 4.0.1
Phpmyadmin Phpmyadmin 4.0.2
Phpmyadmin Phpmyadmin 4.0.8
Phpmyadmin Phpmyadmin 4.0.9
Phpmyadmin Phpmyadmin 4.0.10.9
Phpmyadmin Phpmyadmin 4.2.9.1
Phpmyadmin Phpmyadmin 4.2.13.1
Phpmyadmin Phpmyadmin 4.2.13.2
Phpmyadmin Phpmyadmin 4.3.2
NA
CVE-2015-2206
libraries/select_lang.lib.php in phpMyAdmin 4.0.x prior to 4.0.10.9, 4.2.x prior to 4.2.13.2, and 4.3.x prior to 4.3.11.1 includes invalid language values in unknown-language error responses that contain a CSRF token and may be sent with HTTP compression, which makes it easier fo...
Fedoraproject Fedora 22
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Phpmyadmin Phpmyadmin 4.0.0
Phpmyadmin Phpmyadmin 4.0.5
Phpmyadmin Phpmyadmin 4.0.6
Phpmyadmin Phpmyadmin 4.0.10.3
Phpmyadmin Phpmyadmin 4.0.10.4
Phpmyadmin Phpmyadmin 4.2.3
Phpmyadmin Phpmyadmin 4.2.4
Phpmyadmin Phpmyadmin 4.2.9
Phpmyadmin Phpmyadmin 4.2.9.1
Phpmyadmin Phpmyadmin 4.3.0
Phpmyadmin Phpmyadmin 4.3.1
Phpmyadmin Phpmyadmin 4.3.9
Phpmyadmin Phpmyadmin 4.3.10
Phpmyadmin Phpmyadmin 4.0.4.1
Phpmyadmin Phpmyadmin 4.0.4.2
Phpmyadmin Phpmyadmin 4.0.10.1
Phpmyadmin Phpmyadmin 4.0.10.2
Phpmyadmin Phpmyadmin 4.2.1
Phpmyadmin Phpmyadmin 4.2.2
NA
CVE-2009-2884
Cross-site scripting (XSS) vulnerability in bios.php in PHP Scripts Now World's Tallest Buildings allows remote malicious users to inject arbitrary web script or HTML via the rank parameter.
Phpscriptsnow World\\'s Tallest Buildings -
1 EDB exploit
NA
CVE-2009-2442
Cross-site scripting (XSS) vulnerability in public/index.php in Linea21 1.2.1 allows remote malicious users to inject arbitrary web script or HTML via the search parameter in a resultats-recherche action.
Linea21 Linea21 1.2.1
1 EDB exploit
NA
CVE-2009-3162
Cross-site scripting (XSS) vulnerability in Multi Website 1.5 allows remote malicious users to inject arbitrary web script or HTML via the search parameter in a search action to the default URI.
Multi-website Multi Website 1.5
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »