Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jquery jquery vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-5259
Cross-site scripting (XSS) vulnerability in cattranslate.php in the CatTranslate JQuery plugin in BlackCat CMS 1.0.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the msg parameter.
Blackcat-cms Blackcat Cms
NA
CVE-2015-6584
Cross-site scripting (XSS) vulnerability in the DataTables plugin 1.10.8 and previous versions for jQuery allows remote malicious users to inject arbitrary web script or HTML via the scripts parameter to media/unit_testing/templates/6776.php.
Sprymedia Datatables
6.1
CVSSv3
CVE-2019-13488
A cross-site scripting (XSS) vulnerability in static/js/trape.js in Trape through 2019-05-08 allows remote malicious users to inject arbitrary web script or HTML via the country, query, or refer parameter to the /register URI, because the jQuery prepend() method is used.
Trape Project Trape
NA
CVE-2015-2531
Cross-site scripting (XSS) vulnerability in the jQuery engine in Microsoft Lync Server 2013 and Skype for Business Server 2015 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL, aka "Skype for Business Server and Lync Server XSS Informati...
Microsoft Lync Server 2013
Microsoft Skype For Business Server 2015
9.8
CVSSv3
CVE-2020-26629
A JQuery Unrestricted Arbitrary File Upload vulnerability exists in Hospital Management System V4.0 which allows an unauthenticated malicious user to upload any file to the server.
Phpgurukul Hospital Management System 4.0
5.4
CVSSv3
CVE-2020-29587
SimplCommerce 1.0.0-rc uses the Bootbox.js library, which allows creation of programmatic dialog boxes using Bootstrap modals. The Bootbox.js library intentionally does not perform any sanitization of user input, which results in a DOM XSS, because it uses the jQuery .html() func...
Simplcommerce Simplcommerce 1.0.0
6.1
CVSSv3
CVE-2019-1010113
Premium Software CLEditor 1.4.5 and previous versions is affected by: Cross Site Scripting (XSS). The impact is: An attacker might be able to inject arbitrary html and script code into the web site. The component is: jQuery plug-in. The attack vector is: the victim must open a cr...
Premiumsoftware Cleditor
7.5
CVSSv3
CVE-2020-5808
In certain scenarios in Tenable.sc before 5.17.0, a scanner could potentially be used outside the user's defined scan zone without a particular zone being specified within the Automatic Distribution configuration.
Tenable Tenable.sc
9.8
CVSSv3
CVE-2021-32682
elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Several vulnerabilities affect elFinder 2.1.58. These vulnerabilities can allow an malicious user to execute arbitrary code and commands on the server hosting the elFinder PHP connector, even ...
Std42 Elfinder
1 Github repository
9.8
CVSSv3
CVE-2017-17560
An issue exists on Western Digital MyCloud PR4100 2.30.172 devices. The web administration component, /web/jquery/uploader/multi_uploadify.php, provides multipart upload functionality that is accessible without authentication and can be used to place a file anywhere on the device...
Westerndigital My Cloud Pr4100 Firmware 2.30.172
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »