Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cross-site scripting vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2017-3132
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and previous versions allows malicious users to Execute unauthorized code or commands via the action input during the activation of a FortiToken.
Fortinet Fortios
1 EDB exploit
435
VMScore
CVE-2017-3133
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and previous versions allows malicious users to execute unauthorized code or commands via the Replacement Message HTML for SSL-VPN.
Fortinet Fortios
1 EDB exploit
NA
CVE-2023-36163
Cross Site Scripting vulnerability in IP-DOT BuildaGate v.BuildaGate5 allows a remote malicious user to execute arbitrary code via a crafted script to the mc parameter of the URL.
Buildagate Project Buildagate 5
1 EDB exploit
1 Github repository
440
VMScore
CVE-2010-4909
Multiple cross-site scripting (XSS) vulnerabilities in PaysiteReviewCMS 1.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) q parameter to search.php or the (2) image parameter to image.php.
Mechbunny Paysitereviewcms 1.1
2 EDB exploits
355
VMScore
CVE-2018-11332
Stored cross-site scripting (XSS) vulnerability in the "Site Name" field found in the "site" tab under configurations in ClipperCMS 1.3.3 allows remote malicious users to inject arbitrary web script or HTML via a crafted site name to the manager/processors/sav...
Clippercms Clippercms 1.3.3
1 EDB exploit
435
VMScore
CVE-2018-11339
An XSS issue exists in Frappe ERPNext v11.x.x-develop b1036e5 via a comment.
Frappe Erpnext 11.x.x-develop B1036e5
1 EDB exploit
383
VMScore
CVE-2020-28350
A Cross Site Scripting (XSS) vulnerability exists in OPAC in Sokrates SOWA SowaSQL up to and including 5.6.1 via the sowacgi.php typ parameter.
Sokrates Sowasql
355
VMScore
CVE-2012-1979
Cross-site scripting (XSS) vulnerability in starnet/index.php in SyndeoCMS 3.0.01 and previous versions allows remote authenticated users to inject arbitrary web script or HTML via the email parameter (aka Email address field) in an edit_user configuration action.
Syndeocms Syndeocms 2.8.00
Syndeocms Syndeocms 2.7.00
Syndeocms Syndeocms 2.9.00
Syndeocms Syndeocms 2.8.1
Syndeocms Syndeocms 2.8.02
Syndeocms Syndeocms 2.4
Syndeocms Syndeocms 2.6.00
Syndeocms Syndeocms 2.5.01
Syndeocms Syndeocms
Syndeocms Syndeocms 3.0.00
Syndeocms Syndeocms 2.5.00
Syndeocms Syndeocms 2.4.10
1 EDB exploit
435
VMScore
CVE-2010-0700
Cross-site scripting (XSS) vulnerability in index.php in WampServer 2.0i allows remote malicious users to inject arbitrary web script or HTML via the lang parameter.
Wampserver Wampserver 2.0i
1 EDB exploit
355
VMScore
CVE-2019-15814
Multiple stored XSS vulnerabilities in Sentrifugo 3.2 could allow authenticated users to inject arbitrary web script or HTML.
Sentrifugo Sentrifugo 3.2
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »