Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xss vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-9398
Cross-site request forgery (CSRF) vulnerability in the Twitter LiveBlog plugin 1.1.2 and previous versions for WordPress allows remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the mashtlb_twitt...
Twitter Liveblog Project Twitter Liveblog
NA
CVE-2013-4722
Multiple cross-site scripting (XSS) vulnerabilities in Admin/login/default.asp in DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions allow remote malicious users to inject arbitrary web script or HTML via the (1) username, (2) u...
Ddsn Cm3 Acora Content Management System 6.0.2/1a
Ddsn Cm3 Acora Content Management System 5.5.7/12b
Ddsn Cm3 Acora Content Management System 5.5.0/1b-p1
Ddsn Cm3 Acora Content Management System 6.0.6/1a
NA
CVE-2013-4724
DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, does not include the HTTPOnly flag in a Set-Cookie header for an unspecified cookie, which makes it easier for remote malicious users to obtain potentially sensitive informatio...
Ddsn Cm3 Acora Content Management System 6.0.2/1a
Ddsn Cm3 Acora Content Management System 5.5.7/12b
Ddsn Cm3 Acora Content Management System 5.5.0/1b-p1
Ddsn Cm3 Acora Content Management System 6.0.6/1a
NA
CVE-2013-4728
DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, allows remote malicious users to obtain sensitive information via a .. (dot dot) in the "l" parameter, which reveals the installation path in an error message.
Ddsn Cm3 Acora Content Management System 6.0.2/1a
Ddsn Cm3 Acora Content Management System 5.5.7/12b
Ddsn Cm3 Acora Content Management System 5.5.0/1b-p1
Ddsn Cm3 Acora Content Management System 6.0.6/1a
9.8
CVSSv3
CVE-2017-9034
Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows malicious users to write to arbitrary files and consequently execute arbitrary code with root privileges by leveraging failure to validate software updates.
Trendmicro Serverprotect 3.0
7.8
CVSSv3
CVE-2017-9036
Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows local users to gain privileges by leveraging an unrestricted quarantine directory.
Trendmicro Serverprotect 3.0
NA
CVE-2017-90363
Trend Micro ServerProtect suffers from information disclosure, manipulation, cross site request forgery, cross site scripting, and various other vulnerabilities.
NA
CVE-2013-4725
DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, does not set the secure flag for an unspecified cookie in an https session, which makes it easier for remote malicious users to capture this cookie by intercepting its transmis...
Ddsn Cm3 Acora Content Management System 6.0.2/1a
Ddsn Cm3 Acora Content Management System 5.5.7/12b
Ddsn Cm3 Acora Content Management System 5.5.0/1b-p1
Ddsn Cm3 Acora Content Management System 6.0.6/1a
NA
CVE-2013-4726
Cross-site request forgery (CSRF) vulnerability in DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, allows remote malicious users to hijack the authentication of unspecified victims via unknown vectors.
Ddsn Cm3 Acora Content Management System 6.0.2/1a
Ddsn Cm3 Acora Content Management System 5.5.7/12b
Ddsn Cm3 Acora Content Management System 5.5.0/1b-p1
Ddsn Cm3 Acora Content Management System 6.0.6/1a
NA
CVE-2011-4054
Cross-site scripting (XSS) vulnerability in login.fcc in CA SiteMinder R6 SP6 before CR7 and R12 SP3 before CR8 allows remote malicious users to inject arbitrary web script or HTML via the postpreservationdata parameter.
Ca Siteminder
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »