Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xss vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2013-0134
Cross-site scripting (XSS) vulnerability in the web interface in AirDroid allows remote malicious users to inject arbitrary web script or HTML via a crafted text message that is transmitted by a managed phone.
Airdroid Airdroid -
383
VMScore
CVE-2011-1523
Cross-site scripting (XSS) vulnerability in statusmap.c in statusmap.cgi in Nagios 3.2.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the layer parameter.
Nagios Nagios 2.0b1
Nagios Nagios 2.0
Nagios Nagios 1.0b3
Nagios Nagios 1.0b2
Nagios Nagios 3.0
Nagios Nagios 2.0b5
Nagios Nagios 2.0b4
Nagios Nagios 1.2
Nagios Nagios 1.1
Nagios Nagios 1.0 B1
Nagios Nagios 1.0 B2
Nagios Nagios 3.0.3
Nagios Nagios 3.0.2
Nagios Nagios 2.1
Nagios Nagios 2.4
Nagios Nagios 3.0.1
Nagios Nagios 1.4.1
Nagios Nagios 2.5
Nagios Nagios 2.7
Nagios Nagios 2.10
Nagios Nagios 2.0b3
Nagios Nagios 2.0b2
801
VMScore
CVE-2013-6990
FortiGuard FortiAuthenticator prior to 3.0 allows remote administrators to gain privileges via the command line interface.
Fortinet Fortiauthenticator
383
VMScore
CVE-2014-9325
Multiple cross-site scripting (XSS) vulnerabilities in TWiki 6.0.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) QUERYSTRING variable in lib/TWiki.pm or (2) QUERYPARAMSTRING variable in lib/TWiki/UI/View.pm, as demonstrated by the QUERY_STRING to...
Twiki Twiki 6.0.1
605
VMScore
CVE-2014-9340
Multiple cross-site request forgery (CSRF) vulnerabilities in the wpCommentTwit plugin 0.5 and previous versions for WordPress allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) user...
Wpcommenttwit Project Wpcommenttwit
605
VMScore
CVE-2014-9368
Cross-site request forgery (CSRF) vulnerability in the twitterDash plugin 2.1 and previous versions for WordPress allows remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the username_twitterDash...
Twitterdash Project Twitterdash
605
VMScore
CVE-2014-9395
Multiple cross-site request forgery (CSRF) vulnerabilities in the Simplelife plugin 1.2 and previous versions for WordPress allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) simpleh...
Simplelife Project Simplelife
605
VMScore
CVE-2014-9399
Cross-site request forgery (CSRF) vulnerability in the TweetScribe plugin 1.1 and previous versions for WordPress allows remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the tweetscribe_username...
Tweetscribe Project Tweetscribe
383
VMScore
CVE-2019-11559
A reflected Cross-site scripting (XSS) vulnerability in HRworks V 1.16.1 allows remote malicious users to inject arbitrary web script or HTML via the URL parameter to the Login component.
Hrworks Hrworks 1.16.1
605
VMScore
CVE-2014-9338
Multiple cross-site request forgery (CSRF) vulnerabilities in the O2Tweet plugin 0.0.4 and previous versions for WordPress allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) o2t_user...
O2tweet Project O2tweet
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »