Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
reflected xss vulnerabilities and exploits
(subscribe to this query)
355
VMScore
CVE-2018-1002006
These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in integration-contact-form.html.php:14: via POST request variable classes
Kibokolabs Arigato Autoresponder And Newsletter
1 EDB exploit
355
VMScore
CVE-2018-1002007
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in integration-contact-form.html.php:15: via POST request variable html_id.
Kibokolabs Arigato Autoresponder And Newsletter 2.5.1.8
1 EDB exploit
355
VMScore
CVE-2018-1002008
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in list-user.html.php:4: via GET request offset variable.
Kibokolabs Arigato Autoresponder And Newsletter 2.5.1.8
1 EDB exploit
355
VMScore
CVE-2018-1002009
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in unsubscribe.html.php:3: via GET reuqest to the email variable.
Kibokolabs Arigato Autoresponder And Newsletter 2.5.1.8
1 EDB exploit
312
VMScore
CVE-2017-6605
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote malicious user to conduct a reflective cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. ...
Cisco Identity Services Engine 2.1\\(0.800\\)
383
VMScore
CVE-2020-3463
A vulnerability in the web-based management interface of Cisco Webex Meetings could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected service. The vulnerability is du...
Cisco Webex Meetings Online
NA
CVE-2023-20068
A vulnerability in the web-based management interface of Cisco Prime Infrastructure Software could allow an unauthenticated, remote malicious user to conduct a reflected cross-site scripting (XSS) attack against a user of the interface on an affected device. This vulnerability is...
Cisco Prime Infrastructure
383
VMScore
CVE-2018-11027
A reflected XSS vulnerability on Ruckus ICX7450-48 devices allows remote malicious users to inject arbitrary web script or HTML.
Ruckussecurity Icx7450-48 Firmware -
383
VMScore
CVE-2020-26584
An issue exists in Sage DPW 2020_06_x prior to 2020_06_002. The search field "Kurs suchen" on the page Kurskatalog is vulnerable to Reflected XSS. If the attacker can lure a user into clicking a crafted link, he can execute arbitrary JavaScript code in the user's b...
Sagedpw Sage Dpw
383
VMScore
CVE-2020-26583
An issue exists in Sage DPW 2020_06_x prior to 2020_06_002. It allows unauthenticated users to upload JavaScript (in a file) via the expenses claiming functionality. However, to view the file, authentication is required. By exploiting this vulnerability, an attacker can persisten...
Sagedpw Sage Dpw
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »