Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
reflected xss vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2018-1002008
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in list-user.html.php:4: via GET request offset variable.
Kibokolabs Arigato Autoresponder And Newsletter 2.5.1.8
1 EDB exploit
4.8
CVSSv3
CVE-2018-1002009
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in unsubscribe.html.php:3: via GET reuqest to the email variable.
Kibokolabs Arigato Autoresponder And Newsletter 2.5.1.8
1 EDB exploit
6.1
CVSSv3
CVE-2017-6699
A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) could allow an unauthenticated, remote malicious user to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based ...
Cisco Prime Infrastructure 3.1
Cisco Evolved Programmable Network Manager 2.0\\(4.0.45b\\)
Cisco Evolved Programmable Network Manager 2.0\\(4.0.45d\\)
Cisco Prime Infrastructure 3.1\\(0.128\\)
Cisco Prime Infrastructure 3.1.1
Cisco Evolved Programmable Network Manager 2.0.0
4.8
CVSSv3
CVE-2018-1002004
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.
Kibokolabs Arigato Autoresponder And Newsletter 2.5.1.8
1 EDB exploit
6.1
CVSSv3
CVE-2023-20068
A vulnerability in the web-based management interface of Cisco Prime Infrastructure Software could allow an unauthenticated, remote malicious user to conduct a reflected cross-site scripting (XSS) attack against a user of the interface on an affected device. This vulnerability is...
Cisco Prime Infrastructure
6.1
CVSSv3
CVE-2020-3463
A vulnerability in the web-based management interface of Cisco Webex Meetings could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected service. The vulnerability is du...
Cisco Webex Meetings Online
6.1
CVSSv3
CVE-2018-11027
A reflected XSS vulnerability on Ruckus ICX7450-48 devices allows remote malicious users to inject arbitrary web script or HTML.
Ruckussecurity Icx7450-48 Firmware -
6.1
CVSSv3
CVE-2020-26583
An issue exists in Sage DPW 2020_06_x prior to 2020_06_002. It allows unauthenticated users to upload JavaScript (in a file) via the expenses claiming functionality. However, to view the file, authentication is required. By exploiting this vulnerability, an attacker can persisten...
Sagedpw Sage Dpw
6.1
CVSSv3
CVE-2020-26584
An issue exists in Sage DPW 2020_06_x prior to 2020_06_002. The search field "Kurs suchen" on the page Kurskatalog is vulnerable to Reflected XSS. If the attacker can lure a user into clicking a crafted link, he can execute arbitrary JavaScript code in the user's b...
Sagedpw Sage Dpw
6.1
CVSSv3
CVE-2017-12212
A vulnerability in the web framework of Cisco Unity Connection could allow an unauthenticated, remote malicious user to conduct a reflected cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input ...
Cisco Unity Connection 10.5\\(2\\)
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36920
buffer overflow
CVE-2024-36913
CVE-2024-5497
CVE-2024-23917
CVE-2024-4956
server-side request forgery
CVE-2024-35468
SSTI
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »