Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xss vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2012-4983
Multiple cross-site scripting (XSS) vulnerabilities on the Forescout CounterACT NAC device prior to 7.0 allow remote malicious users to inject arbitrary web script or HTML via (1) the a parameter to assets/login or (2) the query parameter to assets/rangesearch.
Forescout Counteract 6.3.4.10
5.8
CVSSv2
CVE-2017-9035
Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows malicious users to eavesdrop and tamper with updates by leveraging unencrypted communications with update servers.
Trendmicro Serverprotect 3.0
4.3
CVSSv2
CVE-2017-9037
Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro ServerProtect for Linux 3.0 before CP 1531 allow remote malicious users to inject arbitrary web script or HTML via the (1) S44, (2) S5, (3) S_action_fail, (4) S_ptn_update, (5) T113, (6) T114, (7) T115, (8) T11711...
Trendmicro Serverprotect 3.0
NA
CVE-2012-6884
Joomla LiveChat component version 2.0 suffers from cross site scripting and remote SQL injection vulnerabilities. Note that this finding houses site-specific data.
2.6
CVSSv2
CVE-2014-1826
Cross-site scripting (XSS) vulnerability in the iThoughtsHD app 4.19 for iOS on iPad devices, when the WiFi Transfer feature is used, allows remote malicious users to inject arbitrary web script or HTML via a crafted map name.
Ithoughts Ithoughtshd 4.19
4.3
CVSSv2
CVE-2014-1827
The iThoughtsHD app 4.19 for iOS on iPad devices, when the WiFi Transfer feature is used, allows remote malicious users to upload arbitrary files by placing a %00 sequence after a dangerous extension, as demonstrated by a .html%00.txt file.
Ithoughts Ithoughtshd 4.19
NA
CVE-2012-19331
Newscoop version 3.5.3 suffers from cross site scripting, remote file inclusion, and remote SQL injection vulnerabilities.
NA
CVE-2012-19342
Newscoop version 3.5.3 suffers from cross site scripting, remote file inclusion, and remote SQL injection vulnerabilities.
NA
CVE-2012-19353
Newscoop version 3.5.3 suffers from cross site scripting, remote file inclusion, and remote SQL injection vulnerabilities.
NA
CVE-2011-4059
OmniTouch Instant Communication Suite suffers from cross site request forgery and cross site scripting vulnerabilities.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »