Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cross-site scripting vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-36163
Cross Site Scripting vulnerability in IP-DOT BuildaGate v.BuildaGate5 allows a remote malicious user to execute arbitrary code via a crafted script to the mc parameter of the URL.
Buildagate Project Buildagate 5
1 EDB exploit
1 Github repository
4.3
CVSSv2
CVE-2013-2750
Cross-site scripting (XSS) vulnerability in e107_plugins/content/handlers/content_preset.php in e107 prior to 1.0.3 allows remote malicious users to inject arbitrary web script or HTML via the query string.
E107 E107 0.7.17
E107 E107 0.7.18
E107 E107 0.7.19
E107 E107 0.7.2
E107 E107
E107 E107 0.7.1
E107 E107 0.7.10
E107 E107 0.7.11
E107 E107 0.7.12
E107 E107 0.7.3
E107 E107 0.7.4
E107 E107 0.7.5
E107 E107 0.7.6
E107 E107 0.7.0
E107 E107 0.7.13
E107 E107 0.7.15
E107 E107 0.7.21
E107 E107 0.7.24
E107 E107 0.7.8
E107 E107 1.0.1
E107 E107 0.7.14
E107 E107 0.7.16
1 EDB exploit
4.3
CVSSv2
CVE-2011-1838
Multiple cross-site scripting (XSS) vulnerabilities in TemplateLogin.pm in TWiki prior to 5.0.2 allow remote malicious users to inject arbitrary web script or HTML via the origurl parameter to a (1) view script or (2) login script.
Twiki Twiki 4.1.2
Twiki Twiki 4.2.3
Twiki Twiki 4.0.4
Twiki Twiki 4.0.3
Twiki Twiki 4.2.0
Twiki Twiki
Twiki Twiki 5.0.0
Twiki Twiki 4.1.0
Twiki Twiki 4.0.5
Twiki Twiki 4.2.1
Twiki Twiki 4.1.1
Twiki Twiki 4.3.1
Twiki Twiki 4.2.4
Twiki Twiki 4.0.2
Twiki Twiki 4.0.1
Twiki Twiki 4.3.0
Twiki Twiki 4.3.2
Twiki Twiki 4.0.0
Twiki Twiki 4.2.2
Twiki Twiki 4.5.0
1 EDB exploit
3.5
CVSSv2
CVE-2020-8776
Alfresco Enterprise prior to 5.2.7 and Alfresco Community prior to 6.2.0 (rb65251d6-b368) has XSS via the URL property of a file.
Alfresco Alfresco
1 EDB exploit
6.8
CVSSv2
CVE-2006-4593
Cross-site scripting (XSS) vulnerability in index.php in SoftBB 0.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the page parameter.
Softbb Softbb 0.1
1 EDB exploit
3.5
CVSSv2
CVE-2017-3131
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.4.0 up to and including 5.4.4 and 5.6.0 allows malicious users to execute unauthorized code or commands via the filter input in "Applications" under FortiView.
Fortinet Fortios 5.4.4
Fortinet Fortios 5.6.0
Fortinet Fortios 5.4.3
Fortinet Fortios 5.4.2
Fortinet Fortios 5.4.1
Fortinet Fortios 5.4.0
1 EDB exploit
4.3
CVSSv2
CVE-2017-3133
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and previous versions allows malicious users to execute unauthorized code or commands via the Replacement Message HTML for SSL-VPN.
Fortinet Fortios
1 EDB exploit
3.5
CVSSv2
CVE-2020-8778
Alfresco Enterprise prior to 5.2.7 and Alfresco Community prior to 6.2.0 (rb65251d6-b368) has XSS via an uploaded document, when the attacker has write access to a project.
Alfresco Alfresco
1 EDB exploit
4.3
CVSSv2
CVE-2010-4909
Multiple cross-site scripting (XSS) vulnerabilities in PaysiteReviewCMS 1.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) q parameter to search.php or the (2) image parameter to image.php.
Mechbunny Paysitereviewcms 1.1
2 EDB exploits
3.5
CVSSv2
CVE-2012-1979
Cross-site scripting (XSS) vulnerability in starnet/index.php in SyndeoCMS 3.0.01 and previous versions allows remote authenticated users to inject arbitrary web script or HTML via the email parameter (aka Email address field) in an edit_user configuration action.
Syndeocms Syndeocms 2.8.00
Syndeocms Syndeocms 2.7.00
Syndeocms Syndeocms 2.9.00
Syndeocms Syndeocms 2.8.1
Syndeocms Syndeocms 2.8.02
Syndeocms Syndeocms 2.4
Syndeocms Syndeocms 2.6.00
Syndeocms Syndeocms 2.5.01
Syndeocms Syndeocms
Syndeocms Syndeocms 3.0.00
Syndeocms Syndeocms 2.5.00
Syndeocms Syndeocms 2.4.10
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »