Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cross-site scripting vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2018-8732
Cross-site scripting (XSS) vulnerability in WampServer 3.1.1 allows remote malicious users to inject arbitrary web script or HTML via the virtual_del parameter.
Wampserver Wampserver 3.1.1
1 EDB exploit
NA
CVE-2009-2780
Multiple cross-site scripting (XSS) vulnerabilities in 68 Classifieds 4.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) cat parameter to category.php, view parameter to (2) login.php and (3) viewlisting.php, page parameter to (4) searchresults.ph...
68 Classifieds 68 Classifieds 4.1
6 EDB exploits
NA
CVE-2008-2037
Multiple cross-site scripting (XSS) vulnerabilities in EditeurScripts EsContacts 1.0 allow remote authenticated users to inject arbitrary web script or HTML via the msg parameter to (1) login.php, (2) importer.php, (3) add_groupe.php, (4) contacts.php, (5) groupes.php, and (6) se...
Editeurscripts Escontacts 1.0
6 EDB exploits
NA
CVE-2009-4548
Multiple cross-site scripting (XSS) vulnerabilities in ViArt Helpdesk 3.x allow remote malicious users to inject arbitrary web script or HTML via the category_id parameter to (1) products.php, (2) article.php, (3) product_details.php, or (4) reviews.php; the (5) forum_id paramete...
Viart Viart Helpdesk 3.4.7
Viart Viart Helpdesk 3.3.2
6 EDB exploits
NA
CVE-2007-0056
Multiple cross-site scripting (XSS) vulnerabilities in AShop Deluxe 4.5 and AShop Administration Panel allow remote malicious users to inject arbitrary web script or HTML via the (1) cat parameter to (a) ashop/catalogue.php and (b) ashop/basket.php, the (2) exp parameter to ashop...
Ashopsoftware Ashop Administration Panel
Ashopsoftware Ashop Deluxe 4.5
6 EDB exploits
NA
CVE-2009-4717
Multiple cross-site scripting (XSS) vulnerabilities in Gonafish WebStatCaffe allow remote malicious users to inject arbitrary web script or HTML via the (1) host parameter to stat/host.php, nodayshow parameter to (2) mostvisitpage.php and (3) visitorduration.php in stat/, (4) nop...
Gonafish Webstatcaffe
6 EDB exploits
6.1
CVSSv3
CVE-2019-11398
Multiple cross-site scripting (XSS) vulnerabilities in UliCMS 2019.2 and 2019.1 allow remote malicious users to inject arbitrary web script or HTML via the go parameter to admin/index.php, the go parameter to /admin/index.php?register=register, or the error parameter to admin/ind...
Ulicms Ulicms 2019.2
Ulicms Ulicms 2019.1
2 EDB exploits
NA
CVE-2007-6646
Multiple cross-site scripting (XSS) vulnerabilities in LiveCart 1.0.1, and possibly other versions prior to 1.1.0, allow remote malicious users to inject arbitrary web script or HTML via (1) the return parameter to user/remindPassword, (2) the q parameter to the category script, ...
Integry Systems Livecart 1.0.1
4 EDB exploits
NA
CVE-2008-1621
Multiple cross-site scripting (XSS) vulnerabilities in GeeCarts allow remote malicious users to inject arbitrary web script or HTML via the id parameter to (1) show.php, (2) search.php, and (3) view.php. NOTE: the provenance of this information is unknown; the details are obtaine...
Geertsen Holdings Inc Geecarts
3 EDB exploits
NA
CVE-2008-6431
Multiple cross-site scripting (XSS) vulnerabilities in BMForum 5.6 allow remote malicious users to inject arbitrary web script or HTML via the (1) outpused parameter to index.php, the (2) footer_copyright and (3) verandproname parameters to newtem/footer/bsd01footer.php, and the ...
Bmforum Bmforum 5.6
3 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
hardcoded
arbitrary code
CVE-2024-2404
CVE-2024-21111
CVE-2024-28627
CVE-2024-4073
information disclosure
CVE-2024-32780
CVE-2024-4040
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »