Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cross-site scripting vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-2882
Multiple cross-site scripting (XSS) vulnerabilities in PG MatchMaking allow remote malicious users to inject arbitrary web script or HTML via the show parameter to (1) browse_ladies.php and (2) browse_men.php, the (3) gender parameter to search.php, and the (4) id parameter to se...
Datingpro Matchmaking
4 EDB exploits
NA
CVE-2013-2750
Cross-site scripting (XSS) vulnerability in e107_plugins/content/handlers/content_preset.php in e107 prior to 1.0.3 allows remote malicious users to inject arbitrary web script or HTML via the query string.
E107 E107 0.7.17
E107 E107 0.7.18
E107 E107 0.7.19
E107 E107 0.7.2
E107 E107
E107 E107 0.7.1
E107 E107 0.7.10
E107 E107 0.7.11
E107 E107 0.7.12
E107 E107 0.7.3
E107 E107 0.7.4
E107 E107 0.7.5
E107 E107 0.7.6
E107 E107 0.7.0
E107 E107 0.7.13
E107 E107 0.7.15
E107 E107 0.7.21
E107 E107 0.7.24
E107 E107 0.7.8
E107 E107 1.0.1
E107 E107 0.7.14
E107 E107 0.7.16
1 EDB exploit
6.1
CVSSv3
CVE-2020-28350
A Cross Site Scripting (XSS) vulnerability exists in OPAC in Sokrates SOWA SowaSQL up to and including 5.6.1 via the sowacgi.php typ parameter.
Sokrates Sowasql
NA
CVE-2006-4593
Cross-site scripting (XSS) vulnerability in index.php in SoftBB 0.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the page parameter.
Softbb Softbb 0.1
1 EDB exploit
NA
CVE-2012-1979
Cross-site scripting (XSS) vulnerability in starnet/index.php in SyndeoCMS 3.0.01 and previous versions allows remote authenticated users to inject arbitrary web script or HTML via the email parameter (aka Email address field) in an edit_user configuration action.
Syndeocms Syndeocms 2.8.00
Syndeocms Syndeocms 2.7.00
Syndeocms Syndeocms 2.9.00
Syndeocms Syndeocms 2.8.1
Syndeocms Syndeocms 2.8.02
Syndeocms Syndeocms 2.4
Syndeocms Syndeocms 2.6.00
Syndeocms Syndeocms 2.5.01
Syndeocms Syndeocms
Syndeocms Syndeocms 3.0.00
Syndeocms Syndeocms 2.5.00
Syndeocms Syndeocms 2.4.10
1 EDB exploit
4.8
CVSSv3
CVE-2018-11332
Stored cross-site scripting (XSS) vulnerability in the "Site Name" field found in the "site" tab under configurations in ClipperCMS 1.3.3 allows remote malicious users to inject arbitrary web script or HTML via a crafted site name to the manager/processors/sav...
Clippercms Clippercms 1.3.3
1 EDB exploit
6.1
CVSSv3
CVE-2018-11339
An XSS issue exists in Frappe ERPNext v11.x.x-develop b1036e5 via a comment.
Frappe Erpnext 11.x.x-develop B1036e5
1 EDB exploit
NA
CVE-2013-0807
Cross-site scripting (XSS) vulnerability in the NewSectionPrompt function in include/tool/editing_page.php in gpEasy CMS 3.5.2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the section parameter in a new_section action to index.php...
Gpeasy Gpeasy Cms 1.5
Gpeasy Gpeasy Cms 1.6.1
Gpeasy Gpeasy Cms 1.6.2
Gpeasy Gpeasy Cms 2.3.2
Gpeasy Gpeasy Cms 2.3.3
Gpeasy Gpeasy Cms 2.4
Gpeasy Gpeasy Cms 3.5
Gpeasy Gpeasy Cms 3.5.1
Gpeasy Gpeasy Cms 1.6
Gpeasy Gpeasy Cms 2.3
Gpeasy Gpeasy Cms 2.3.1
Gpeasy Gpeasy Cms 3.0.4
Gpeasy Gpeasy Cms 3.0.5
Gpeasy Gpeasy Cms 1.6.3
Gpeasy Gpeasy Cms 2.0.1
Gpeasy Gpeasy Cms 3.0
Gpeasy Gpeasy Cms 3.0.1
Gpeasy Gpeasy Cms
Gpeasy Gpeasy Cms 2.1
Gpeasy Gpeasy Cms 2.2
Gpeasy Gpeasy Cms 3.0.2
Gpeasy Gpeasy Cms 3.0.3
1 EDB exploit
NA
CVE-2011-1838
Multiple cross-site scripting (XSS) vulnerabilities in TemplateLogin.pm in TWiki prior to 5.0.2 allow remote malicious users to inject arbitrary web script or HTML via the origurl parameter to a (1) view script or (2) login script.
Twiki Twiki 4.1.2
Twiki Twiki 4.2.3
Twiki Twiki 4.0.4
Twiki Twiki 4.0.3
Twiki Twiki 4.2.0
Twiki Twiki
Twiki Twiki 5.0.0
Twiki Twiki 4.1.0
Twiki Twiki 4.0.5
Twiki Twiki 4.2.1
Twiki Twiki 4.1.1
Twiki Twiki 4.3.1
Twiki Twiki 4.2.4
Twiki Twiki 4.0.2
Twiki Twiki 4.0.1
Twiki Twiki 4.3.0
Twiki Twiki 4.3.2
Twiki Twiki 4.0.0
Twiki Twiki 4.2.2
Twiki Twiki 4.5.0
1 EDB exploit
6.1
CVSSv3
CVE-2018-19136
DomainMOD up to and including 4.11.01 has XSS via the assets/edit/registrar-account.php raid parameter.
Domainmod Domainmod
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »