Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xss vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2021-35959
In Plone 5.0 up to and including 5.2.4, Editors are vulnerable to XSS in the folder contents view, if a Contributor has created a folder with a SCRIPT tag in the description field.
Plone Plone
383
VMScore
CVE-2011-3598
Multiple cross-site scripting (XSS) vulnerabilities in phpPgAdmin prior to 5.0.3 allow remote malicious users to inject arbitrary web script or HTML via (1) a web page title, related to classes/Misc.php; or the (2) return_url or (3) return_desc parameter to display.php.
Phppgadmin Phppgadmin 3.4
Phppgadmin Phppgadmin 3.5.3
Phppgadmin Phppgadmin 2.2
Phppgadmin Phppgadmin 4.2.1
Phppgadmin Phppgadmin 3.1
Phppgadmin Phppgadmin 5.0.1
Phppgadmin Phppgadmin 3.4.1
Phppgadmin Phppgadmin 3.3
Phppgadmin Phppgadmin 4.1.1
Phppgadmin Phppgadmin
Phppgadmin Phppgadmin 2.2.1
Phppgadmin Phppgadmin 4.2.3
Phppgadmin Phppgadmin 3.5
Phppgadmin Phppgadmin 4.2.2
Phppgadmin Phppgadmin 3.5.2
Phppgadmin Phppgadmin 3.2
Phppgadmin Phppgadmin 5.0.0
383
VMScore
CVE-2012-0253
Multiple cross-site scripting (XSS) vulnerabilities in Demand Media Pluck SiteLife prior to 5.0.13 allow remote malicious users to inject arbitrary web script or HTML via (1) the jsonRequest parameter to Direct/Process, the (2) r or (3) cb parameter to Direct/jsonp.htm, or (4) th...
Demandmedia Pluck Sitelife
605
VMScore
CVE-2014-9334
Multiple cross-site request forgery (CSRF) vulnerabilities in the Bird Feeder plugin 1.2.3 for WordPress allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) user or (2) password param...
Bird Feeder Project Bird Feeder 1.2.3
641
VMScore
CVE-2017-9036
Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows local users to gain privileges by leveraging an unrestricted quarantine directory.
Trendmicro Serverprotect 3.0
383
VMScore
CVE-2017-9037
Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro ServerProtect for Linux 3.0 before CP 1531 allow remote malicious users to inject arbitrary web script or HTML via the (1) S44, (2) S5, (3) S_action_fail, (4) S_ptn_update, (5) T113, (6) T114, (7) T115, (8) T11711...
Trendmicro Serverprotect 3.0
231
VMScore
CVE-2005-4494
Cross-site scripting (XSS) vulnerability in SPIP 1.8.2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified parameters to (1) spip_login.php3 and (2) spip_pass.php3.
Spip Spip 1.8.2
605
VMScore
CVE-2015-1614
Multiple cross-site request forgery (CSRF) vulnerabilities in the Image Metadata Cruncher plugin for WordPress allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) image_metadata_crunc...
Image Metadata Cruncher Project Image Metadata Cruncher -
NA
CVE-2012-19331
Newscoop version 3.5.3 suffers from cross site scripting, remote file inclusion, and remote SQL injection vulnerabilities.
NA
CVE-2012-19342
Newscoop version 3.5.3 suffers from cross site scripting, remote file inclusion, and remote SQL injection vulnerabilities.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »