Vulmon
xss man vulnerabilities and exploits
NA
CVE-2009-4989
Cross-site scripting (XSS) vulnerability in index.php in AJ Auction Pro OOPD 3.0 allows remote malicious users to inject arbitrary web script or HTML via the txtkeyword parameter in a search action.
Ajsquare Aj Auction Pro-oopd 3.0
1 EDB exploit
NA
CVE-2009-4688
Multiple cross-site scripting (XSS) vulnerabilities in index.php in PHP Shopping Cart Selling Website Script allow remote malicious users to inject arbitrary web script or HTML via the (1) txtkeywords and (2) cid parameters.
Resalecode Php Shopping Cart Selling Website Script
1 EDB exploit
NA
CVE-2009-2437
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Rentventory 1.0.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) username (aka Login) and (2) password parameters in a login action.
Rentventory Rentventory 1.0.1
1 EDB exploit
7.5
CVSSv3
CVE-2019-10072
The fix for CVE-2019-0199 was incomplete and did not address HTTP/2 connection window exhaustion on write in Apache Tomcat versions 9.0.0.M1 to 9.0.19 and 8.5.0 to 8.5.40. By not sending WINDOW_UPDATE messages for the connection window (stream 0) clients were able to cause serve...
Apache Tomcat
Apache Tomcat 9.0.0
1 Article
NA
CVE-2009-2438
Cross-site scripting (XSS) vulnerability in index.php in the search module in ClanSphere 2009.0 and 2009.0.2 allows remote malicious users to inject arbitrary web script or HTML via the text parameter in a list action. NOTE: this might overlap CVE-2008-1399.
Clansphere Clansphere 2009.0
Clansphere Clansphere 2009.0.2
1 EDB exploit
NA
CVE-2009-4864
Multiple cross-site scripting (XSS) vulnerabilities in escorts_search.php in I-Escorts Directory Script and Agency Script allow remote malicious users to inject arbitrary web script or HTML via the (1) search_name and (2) languages parameters. NOTE: some of these details are obta...
I-escorts I-escorts Directory Script
I-escorts I-escorts Agency Script
1 EDB exploit
NA
CVE-2009-2920
Multiple cross-site scripting (XSS) vulnerabilities in Elvin 1.2.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) component and (2) priority parameters to buglist.php; and the (3) Username (4) E-mail, (5) Pass, and (6) Confirm pass fields to creat...
Elvinbts Elvinbts 1.2.2
1 EDB exploit
NA
CVE-2011-4809
Multiple cross-site scripting (XSS) vulnerabilities in the HM Community (com_hmcommunity) component prior to 1.01 for Joomla! allow remote malicious users to inject arbitrary web script or HTML via the (1) language[], (2) university[], (3) persent[], (4) company_name[], (5) desig...
Joomlaextensions Com Hmcommunity
1 EDB exploit
6.5
CVSSv3
CVE-2019-20503
usrsctp prior to 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init.
Usrsctp Project Usrsctp
1 Article
6.1
CVSSv3
CVE-2018-10547
An issue exists in ext/phar/phar_object.c in PHP prior to 5.6.36, 7.0.x prior to 7.0.30, 7.1.x prior to 7.1.17, and 7.2.x prior to 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists bec...
Php Php
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Storage Automation Store -