Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cross-site scripting vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-5715
phprint.php in SugarCRM 3.5.1 has XSS via a parameter name in the query string (aka a $key variable).
Sugarcrm Sugarcrm 3.5.1
1 EDB exploit
4.3
CVSSv2
CVE-2016-3411
Cross-site scripting (XSS) vulnerability in Zimbra Collaboration prior to 8.7.0 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, aka bug 103609.
Synacor Zimbra Collaboration Suite
1 EDB exploit
3.5
CVSSv2
CVE-2018-12095
A Reflected Cross-Site Scripting web vulnerability has been discovered in the OEcms v3.1 web-application. The vulnerability is located in the mod parameter of info.php.
Oecms Project Oecms 3.1
1 EDB exploit
4.3
CVSSv2
CVE-2016-9834
An XSS vulnerability allows remote malicious users to execute arbitrary client side script on vulnerable installations of Sophos Cyberoam firewall devices with firmware up to and including 10.6.4. User interaction is required to exploit this vulnerability in that the target must ...
Sophos Cyberoam Firmware
1 EDB exploit
5.8
CVSSv2
CVE-2005-1162
Multiple cross-site scripting (XSS) vulnerabilities in OneWorldStore allow remote malicious users to inject arbitrary web script or HTML via the (1) sEmail parameter to owContactUs.asp, (2) bSub parameter to owListProduct.asp, or the (3) Name, (4) Email, or (5) Comment fields in ...
Oneworldstore Oneworldstore
2 EDB exploits
4.3
CVSSv2
CVE-2017-14620
SmarterStats Version 11.3.6347 will Render the Referer Field of HTTP Logfiles from URL /Data/Reports/ReferringURLsWithQueries resulting in Stored Cross Site Scripting.
Smartertools Smarterstats 11.3.6347
1 EDB exploit
2.6
CVSSv2
CVE-2018-6193
A Cross-Site Scripting (XSS) vulnerability was found in Routers2 2.24, affecting the 'rtr' GET parameter in a page=graph action to cgi-bin/routers2.pl.
Routers2 Project Routers2 2.24
1 EDB exploit
4.3
CVSSv2
CVE-2019-11564
A cross-site scripting (XSS) vulnerability in HumHub 1.3.12 allows remote malicious users to inject arbitrary web script or HTML via a /protected/vendor/codeception/codeception/tests/data/app/view/index.php POST request.
Humhub Humhub 1.3.12
1 EDB exploit
4.3
CVSSv2
CVE-2018-15596
An issue exists in inc/class_feedgeneration.php in MyBB 1.8.17. On the forum RSS Syndication page, one can generate a URL such as http://localhost/syndication.php?fid=&type=atom1.0&limit=15. The thread titles (within title elements of the generated XML documents) aren...
Mybb Mybb 1.8.17
1 EDB exploit
3.5
CVSSv2
CVE-2018-8815
Cross-site scripting (XSS) vulnerability in the gallery function in Alkacon OpenCMS 10.5.3 allows remote malicious users to inject arbitrary web script or HTML via a malicious SVG image.
Alkacon Opencms 10.5.3
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »