Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
script security vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2015-1995
Multiple cross-site scripting (XSS) vulnerabilities in IBM Security QRadar Incident Forensics 7.2.x prior to 7.2.5 Patch 5 allow remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Ibm Security Qradar Incident Forensics 7.2.0
Ibm Security Qradar Incident Forensics 7.2.1
Ibm Security Qradar Incident Forensics 7.2.3
Ibm Security Qradar Incident Forensics 7.2.5
Ibm Security Qradar Incident Forensics 7.2.2
Ibm Security Qradar Incident Forensics 7.2.4
383
VMScore
CVE-2007-6156
Multiple cross-site scripting (XSS) vulnerabilities in base_qry_main.php in Base Analysis and Security Engine (BASE) prior to 1.3.9 allow remote malicious users to inject arbitrary web script or HTML via the (1) sig[0] and (2) sig[1] parameters.
Secureideas Basic Analysis And Security Engine
Secureideas Basic Analysis And Security Engine 1.1.4
Secureideas Basic Analysis And Security Engine 1.3.6
Secureideas Basic Analysis And Security Engine 1.2.7
Secureideas Basic Analysis And Security Engine 1.2
Secureideas Basic Analysis And Security Engine 1.2.2
Secureideas Basic Analysis And Security Engine 1.2.1
Secureideas Basic Analysis And Security Engine 1.1.2
Secureideas Basic Analysis And Security Engine 1.3.5
Secureideas Basic Analysis And Security Engine 1.2.4
Secureideas Basic Analysis And Security Engine 1.2.5
Secureideas Basic Analysis And Security Engine 1.2.6
Secureideas Basic Analysis And Security Engine 1.2.0
Secureideas Basic Analysis And Security Engine 1.1
Secureideas Basic Analysis And Security Engine 1.1.3
383
VMScore
CVE-2009-4837
Multiple cross-site scripting (XSS) vulnerabilities in Basic Analysis and Security Engine (BASE) prior to 1.4.3.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) sig[1] parameter to base/base_qry_main.php, or the time[0][1] parameter to (2) base/ba...
Secureideas Basic Analysis And Security Engine
Secureideas Basic Analysis And Security Engine 1.2
Secureideas Basic Analysis And Security Engine 1.1.4
Secureideas Basic Analysis And Security Engine 1.3.6
Secureideas Basic Analysis And Security Engine 1.2.7
Secureideas Basic Analysis And Security Engine 1.2.2
Secureideas Basic Analysis And Security Engine 1.2.1
Secureideas Basic Analysis And Security Engine 1.1.2
Secureideas Basic Analysis And Security Engine 1.1
Secureideas Basic Analysis And Security Engine 1.3.8
Secureideas Basic Analysis And Security Engine 1.3.9
Secureideas Basic Analysis And Security Engine 1.2.4
Secureideas Basic Analysis And Security Engine 1.2.5
Secureideas Basic Analysis And Security Engine 1.2.6
Secureideas Basic Analysis And Security Engine 1.2.0
Secureideas Basic Analysis And Security Engine 1.1.3
Secureideas Basic Analysis And Security Engine 1.3.5
445
VMScore
CVE-2015-1994
IBM Security QRadar Incident Forensics 7.2.x prior to 7.2.5 Patch 5 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote malicious users to obtain potentially sensitive information via script access to this cookie.
Ibm Security Qradar Incident Forensics 7.2.0
Ibm Security Qradar Incident Forensics 7.2.5
Ibm Security Qradar Incident Forensics 7.2.1
Ibm Security Qradar Incident Forensics 7.2.3
Ibm Security Qradar Incident Forensics 7.2.2
Ibm Security Qradar Incident Forensics 7.2.4
383
VMScore
CVE-2013-5300
Multiple cross-site scripting (XSS) vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) prior to 4.3.0 allow remote malicious users to inject arbitrary web script or HTML via the withoutmenu parameter to (1) vulnmeter/index.php or (2) vulnmeter/sched...
Alienvault Open Source Security Information Management 4.0.4
Alienvault Open Source Security Information Management 4.0.3
Alienvault Open Source Security Information Management 2.1.5-1
Alienvault Open Source Security Information Management 2.1.5
Alienvault Open Source Security Information Management
Alienvault Open Source Security Information Management 3.1.9
Alienvault Open Source Security Information Management 3.1.12
Alienvault Open Source Security Information Management 2.1.2
Alienvault Open Source Security Information Management 2.1
Alienvault Open Source Security Information Management 4.2.2
Alienvault Open Source Security Information Management 4.2
Alienvault Open Source Security Information Management 3.1.10
Alienvault Open Source Security Information Management 3.1
Alienvault Open Source Security Information Management 1.0.6
Alienvault Open Source Security Information Management 1.0.4
Alienvault Open Source Security Information Management 4.1.3
Alienvault Open Source Security Information Management 4.1.2
Alienvault Open Source Security Information Management 4.1
Alienvault Open Source Security Information Management 2.1.5-3
Alienvault Open Source Security Information Management 2.1.5-2
383
VMScore
CVE-2016-8011
Cross-site scripting vulnerability in Intel Security McAfee Endpoint Security (ENS) Web Control prior to 10.2.0.408.10 allows malicious users to inject arbitrary web script or HTML via a crafted web site.
Intel Security Mcafee Endpoint Security Web Control
435
VMScore
CVE-2008-0919
Cross-site scripting (XSS) vulnerability in session/login.php in Open Source Security Information Management (OSSIM) 0.9.9 rc5 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the dest parameter.
Open Source Security Information Management Os-sim 0.3.1alpha
Open Source Security Information Management Os-sim 0.3alpha
Open Source Security Information Management Os-sim 0.7.1
Open Source Security Information Management Os-sim 0.8
Open Source Security Information Management Os-sim 0.9.7
Open Source Security Information Management Os-sim 0.9.8
Open Source Security Information Management Os-sim 0.5.1
Open Source Security Information Management Os-sim 0.5.2
Open Source Security Information Management Os-sim 0.9
Open Source Security Information Management Os-sim 0.9.1
Open Source Security Information Management Os-sim 0.9.9 Rc1
Open Source Security Information Management Os-sim 0.9.9 Rc2
Open Source Security Information Management Os-sim 0.1alpha
Open Source Security Information Management Os-sim 0.2alpha
Open Source Security Information Management Os-sim 0.6.3
Open Source Security Information Management Os-sim 0.7
Open Source Security Information Management Os-sim 0.9.4
Open Source Security Information Management Os-sim 0.9.5
Open Source Security Information Management Os-sim 0.9.6
Open Source Security Information Management Os-sim 0.6
Open Source Security Information Management Os-sim 0.6.2
Open Source Security Information Management Os-sim 0.9.2
1 EDB exploit
383
VMScore
CVE-2008-4485
Cross-site scripting (XSS) vulnerability in the ICAP patience page in Blue Coat Security Gateway OS (SGOS) 4.2 prior to 4.2.9, 5.2 prior to 5.2.5, and 5.3 prior to 5.3.1.7 allows remote malicious users to inject arbitrary web script or HTML via the URL.
Bluecoat Security Gateway Os 4.2
Bluecoat Security Gateway Os 5.2
Bluecoat Security Gateway Os 5.3
383
VMScore
CVE-2014-3266
Cross-site scripting (XSS) vulnerability in the web framework in Cisco Security Manager 4.6 and previous versions allows remote malicious users to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun65189.
Cisco Security Manager
Cisco Security Manager 4.5
Cisco Security Manager 4.0.1
Cisco Security Manager 4.0
Cisco Security Manager 4.3
Cisco Security Manager 4.2
Cisco Security Manager 4.4
Cisco Security Manager 4.1
383
VMScore
CVE-2016-1226
Cross-site scripting (XSS) vulnerability in Trend Micro Internet Security 8 and 10 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Trendmicro Internet Security 10.0
Trendmicro Internet Security 8.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »