Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jquery jquery vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2017-1000170
jqueryFileTree 2.1.5 and older Directory Traversal
Jqueryfiletree Project Jqueryfiletree
1 Github repository
435
VMScore
CVE-2011-5180
Cross-site scripting (XSS) vulnerability in wp-1pluginjquery.php in the ZooEffect plugin 1.01 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the page parameter. NOTE: some of these details are obtained from third party information. NOTE: th...
Zooeffect Zooeffect
1 EDB exploit
383
VMScore
CVE-2017-6929
A jQuery cross site scripting vulnerability is present when making Ajax requests to untrusted domains. This vulnerability is mitigated by the fact that it requires contributed or custom modules in order to exploit. For Drupal 8, this vulnerability was already fixed in Drupal 8.4....
Drupal Drupal
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
387
VMScore
CVE-2020-11023
In jQuery versions greater than or equal to 1.0.3 and prior to 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted c...
Jquery Jquery
Debian Debian Linux 9.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Drupal Drupal
Oracle Weblogic Server 12.1.3.0.0
Oracle Hyperion Financial Reporting 11.1.2.4
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Sites 12.2.1.3.0
Oracle Application Testing Suite 13.3.0.1
Oracle Communications Operations Monitor 3.4
Oracle Weblogic Server 12.2.1.4.0
Oracle Webcenter Sites 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Communications Interactive Session Recorder
Oracle Communications Element Manager 8.2.0
Oracle Communications Element Manager 8.2.1
Oracle Communications Element Manager 8.1.1
Oracle Application Express
Oracle Rest Data Services 12.2.0.1
Oracle Rest Data Services 12.1.0.2
13 Github repositories
384
VMScore
CVE-2021-41183
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text...
Jqueryui Jquery Ui
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Debian Debian Linux 9.0
Drupal Drupal
Oracle Hospitality Suite8 8.10.2
Oracle Weblogic Server 12.2.1.3.0
Oracle Agile Plm 9.3.6
Oracle Weblogic Server 12.2.1.4.0
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Weblogic Server 14.1.1.0.0
Oracle Banking Platform 2.9.0
384
VMScore
CVE-2021-41184
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option...
Jqueryui Jquery Ui
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Drupal Drupal
Tenable Tenable.sc
Oracle Hospitality Suite8 8.10.2
Oracle Weblogic Server 12.2.1.3.0
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Hospitality Materials Control 18.1
Oracle Agile Plm 9.3.6
Oracle Weblogic Server 12.2.1.4.0
2 Github repositories
NA
CVE-2024-24850
Missing Authorization vulnerability in Mark Stockton Quicksand Post Filter jQuery Plugin.This issue affects Quicksand Post Filter jQuery Plugin: from n/a up to and including 3.1.1.
NA
CVE-2024-24849
Cross-Site Request Forgery (CSRF) vulnerability in Mark Stockton Quicksand Post Filter jQuery Plugin.This issue affects Quicksand Post Filter jQuery Plugin: from n/a up to and including 3.1.1.
384
VMScore
CVE-2021-41182
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altFi...
Jqueryui Jquery Ui
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Netapp H300s Firmware -
Debian Debian Linux 9.0
Drupal Drupal
Oracle Hospitality Suite8 8.10.2
Oracle Weblogic Server 12.2.1.3.0
Oracle Primavera Unifier 17.7
Oracle Primavera Unifier 17.8
Oracle Primavera Unifier 17.9
Oracle Primavera Unifier 17.10
Oracle Primavera Unifier 17.11
383
VMScore
CVE-2013-2022
Multiple cross-site scripting (XSS) vulnerabilities in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer prior to 2.2.23 allow remote malicious users to inject arbitrary web script or HTML via the (1) jQuery or (2) id parameters, a different vulnerabilit...
Happyworm Jplayer 2.0.1
Happyworm Jplayer 2.1.2
Happyworm Jplayer 0.2.5
Happyworm Jplayer 2.0.29
Happyworm Jplayer 2.0.22
Happyworm Jplayer 2.2.18
Happyworm Jplayer 2.0.23
Happyworm Jplayer 2.2.14
Happyworm Jplayer 1.1.1
Happyworm Jplayer 0.2.4
Happyworm Jplayer 2.0.14
Happyworm Jplayer 2.0.3
Happyworm Jplayer 2.0.33
Happyworm Jplayer 2.2.17
Happyworm Jplayer 2.1.0
Happyworm Jplayer 2.0.34
Happyworm Jplayer 1.2.0
Happyworm Jplayer 2.0.9
Happyworm Jplayer 2.2.20
Happyworm Jplayer 2.0.31
Happyworm Jplayer 2.2.11
Happyworm Jplayer 2.0.25
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »