Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cross-site scripting vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2018-11332
Stored cross-site scripting (XSS) vulnerability in the "Site Name" field found in the "site" tab under configurations in ClipperCMS 1.3.3 allows remote malicious users to inject arbitrary web script or HTML via a crafted site name to the manager/processors/sav...
Clippercms Clippercms 1.3.3
1 EDB exploit
3.5
CVSSv2
CVE-2018-11403
DomainMod v4.09.03 has XSS via the assets/edit/account-owner.php oid parameter.
Domainmod Domainmod 4.09.03
1 EDB exploit
4.3
CVSSv2
CVE-2018-11404
DomainMod v4.09.03 has XSS via the assets/edit/ssl-provider-account.php sslpaid parameter.
Domainmod Domainmod 4.09.03
1 EDB exploit
4.3
CVSSv2
CVE-2010-0700
Cross-site scripting (XSS) vulnerability in index.php in WampServer 2.0i allows remote malicious users to inject arbitrary web script or HTML via the lang parameter.
Wampserver Wampserver 2.0i
1 EDB exploit
4.3
CVSSv2
CVE-2013-2750
Cross-site scripting (XSS) vulnerability in e107_plugins/content/handlers/content_preset.php in e107 prior to 1.0.3 allows remote malicious users to inject arbitrary web script or HTML via the query string.
E107 E107 0.7.17
E107 E107 0.7.18
E107 E107 0.7.19
E107 E107 0.7.2
E107 E107
E107 E107 0.7.1
E107 E107 0.7.10
E107 E107 0.7.11
E107 E107 0.7.12
E107 E107 0.7.3
E107 E107 0.7.4
E107 E107 0.7.5
E107 E107 0.7.6
E107 E107 0.7.0
E107 E107 0.7.13
E107 E107 0.7.15
E107 E107 0.7.21
E107 E107 0.7.24
E107 E107 0.7.8
E107 E107 1.0.1
E107 E107 0.7.14
E107 E107 0.7.16
1 EDB exploit
3.5
CVSSv2
CVE-2018-19752
DomainMOD up to and including 4.11.01 has XSS via the assets/add/registrar.php notes field for the Registrar.
Domainmod Domainmod
3.5
CVSSv2
CVE-2019-15814
Multiple stored XSS vulnerabilities in Sentrifugo 3.2 could allow authenticated users to inject arbitrary web script or HTML.
Sentrifugo Sentrifugo 3.2
1 EDB exploit
4.3
CVSSv2
CVE-2013-0807
Cross-site scripting (XSS) vulnerability in the NewSectionPrompt function in include/tool/editing_page.php in gpEasy CMS 3.5.2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the section parameter in a new_section action to index.php...
Gpeasy Gpeasy Cms 1.5
Gpeasy Gpeasy Cms 1.6.1
Gpeasy Gpeasy Cms 1.6.2
Gpeasy Gpeasy Cms 2.3.2
Gpeasy Gpeasy Cms 2.3.3
Gpeasy Gpeasy Cms 2.4
Gpeasy Gpeasy Cms 3.5
Gpeasy Gpeasy Cms 3.5.1
Gpeasy Gpeasy Cms 1.6
Gpeasy Gpeasy Cms 2.3
Gpeasy Gpeasy Cms 2.3.1
Gpeasy Gpeasy Cms 3.0.4
Gpeasy Gpeasy Cms 3.0.5
Gpeasy Gpeasy Cms 1.6.3
Gpeasy Gpeasy Cms 2.0.1
Gpeasy Gpeasy Cms 3.0
Gpeasy Gpeasy Cms 3.0.1
Gpeasy Gpeasy Cms
Gpeasy Gpeasy Cms 2.1
Gpeasy Gpeasy Cms 2.2
Gpeasy Gpeasy Cms 3.0.2
Gpeasy Gpeasy Cms 3.0.3
1 EDB exploit
4.3
CVSSv2
CVE-2020-28350
A Cross Site Scripting (XSS) vulnerability exists in OPAC in Sokrates SOWA SowaSQL up to and including 5.6.1 via the sowacgi.php typ parameter.
Sokrates Sowasql
4.3
CVSSv2
CVE-2014-4710
Cross-site scripting (XSS) vulnerability in zero_user_account.php in ZeroCMS 1.0 allows remote malicious users to inject arbitrary web script or HTML via the Full Name field.
Aas9 Zerocms 1.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »