Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xss vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-1828
The iThoughts web server in the iThoughtsHD app 4.19 for iOS on iPad devices allows remote malicious users to cause a denial of service (disk consumption) by uploading a large file.
Ithoughts Ithoughtshd 4.19
NA
CVE-2012-4983
Multiple cross-site scripting (XSS) vulnerabilities on the Forescout CounterACT NAC device prior to 7.0 allow remote malicious users to inject arbitrary web script or HTML via (1) the a parameter to assets/login or (2) the query parameter to assets/rangesearch.
Forescout Counteract 6.3.4.10
NA
CVE-2012-4985
The Forescout CounterACT NAC device 6.3.4.1 does not block ARP and ICMP traffic from unrecognized clients, which allows remote malicious users to conduct ARP poisoning attacks via crafted packets.
Forescout Counteract 6.3.4.10
NA
CVE-2011-0770
Cross-site scripting (XSS) vulnerability in Windows Event Log SmartConnector in HP ArcSight Connector Appliance prior to 6.1 allows remote malicious users to inject arbitrary web script or HTML via the Windows XP variable in a file.
Hp Windows Event Log Smartconnector
Hp Arcsight C1300 Appliance
Hp Arcsight C3400 Appliance
Hp Arcsight C5400 Appliance
Hp Arcsight C3200 Appliance
Hp Arcsight C5200 Appliance
Hp Arcsight C1000 Appliance
NA
CVE-2014-9394
Multiple cross-site request forgery (CSRF) vulnerabilities in the PWGRandom plugin 1.11 and previous versions for WordPress allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) pwgrand...
Pwgrandom Project Pwgrandom
NA
CVE-2012-19331
Newscoop version 3.5.3 suffers from cross site scripting, remote file inclusion, and remote SQL injection vulnerabilities.
NA
CVE-2012-19342
Newscoop version 3.5.3 suffers from cross site scripting, remote file inclusion, and remote SQL injection vulnerabilities.
NA
CVE-2012-19353
Newscoop version 3.5.3 suffers from cross site scripting, remote file inclusion, and remote SQL injection vulnerabilities.
9.8
CVSSv3
CVE-2017-7888
Dolibarr ERP/CRM 4.0.4 stores passwords with the MD5 algorithm, which makes brute-force attacks easier.
Dolibarr Dolibarr Erp\\/crm 4.0.4
NA
CVE-2014-8071
Multiple cross-site scripting (XSS) vulnerabilities in OpenMRS 2.1 Standalone Edition allow remote malicious users to inject arbitrary web script or HTML via the (1) givenName, (2) familyName, (3) address1, or (4) address2 parameter to registrationapp/registerPatient.page; the (5...
Openmrs Openmrs 2.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »