Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xss vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-4433
Cross-site scripting (XSS) vulnerability in XHProf prior to 0.9.4 allows remote malicious users to inject arbitrary web script or HTML via the run parameter.
Php Xhprof 0.9.1
Php Xhprof 0.9.0
Php Xhprof 0.9.2
Php Xhprof
6.1
CVSSv3
CVE-2019-11559
A reflected Cross-site scripting (XSS) vulnerability in HRworks V 1.16.1 allows remote malicious users to inject arbitrary web script or HTML via the URL parameter to the Login component.
Hrworks Hrworks 1.16.1
7.5
CVSSv3
CVE-2018-14918
LOYTEC LGATE-902 6.3.2 devices allow Directory Traversal.
Loytec Lgate-902 Firmware
9.1
CVSSv3
CVE-2018-14916
LOYTEC LGATE-902 6.3.2 devices allow Arbitrary file deletion.
Loytec Lgate-902 Firmware
6.1
CVSSv3
CVE-2018-14919
LOYTEC LGATE-902 6.3.2 devices allow XSS.
Loytec Lgate-902 Firmware
NA
CVE-2011-3598
Multiple cross-site scripting (XSS) vulnerabilities in phpPgAdmin prior to 5.0.3 allow remote malicious users to inject arbitrary web script or HTML via (1) a web page title, related to classes/Misc.php; or the (2) return_url or (3) return_desc parameter to display.php.
Phppgadmin Phppgadmin 3.4
Phppgadmin Phppgadmin 3.5.3
Phppgadmin Phppgadmin 2.2
Phppgadmin Phppgadmin 4.2.1
Phppgadmin Phppgadmin 3.1
Phppgadmin Phppgadmin 5.0.1
Phppgadmin Phppgadmin 3.4.1
Phppgadmin Phppgadmin 3.3
Phppgadmin Phppgadmin 4.1.1
Phppgadmin Phppgadmin
Phppgadmin Phppgadmin 2.2.1
Phppgadmin Phppgadmin 4.2.3
Phppgadmin Phppgadmin 3.5
Phppgadmin Phppgadmin 4.2.2
Phppgadmin Phppgadmin 3.5.2
Phppgadmin Phppgadmin 3.2
Phppgadmin Phppgadmin 5.0.0
9.8
CVSSv3
CVE-2017-7886
Dolibarr ERP/CRM 4.0.4 has SQL Injection in doli/theme/eldy/style.css.php via the lang parameter.
Dolibarr Dolibarr Erp/crm 4.0.4
9.8
CVSSv3
CVE-2017-7888
Dolibarr ERP/CRM 4.0.4 stores passwords with the MD5 algorithm, which makes brute-force attacks easier.
Dolibarr Dolibarr Erp/crm 4.0.4
NA
CVE-2014-1826
Cross-site scripting (XSS) vulnerability in the iThoughtsHD app 4.19 for iOS on iPad devices, when the WiFi Transfer feature is used, allows remote malicious users to inject arbitrary web script or HTML via a crafted map name.
Ithoughts Ithoughtshd 4.19
NA
CVE-2014-1827
The iThoughtsHD app 4.19 for iOS on iPad devices, when the WiFi Transfer feature is used, allows remote malicious users to upload arbitrary files by placing a %00 sequence after a dangerous extension, as demonstrated by a .html%00.txt file.
Ithoughts Ithoughtshd 4.19
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37884
CVE-2024-6003
remote
brute force
information disclosure
CVE-2024-27801
CVE-2024-30078
CVE-2024-31870
CVE-2024-6042
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »