Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cross-site scripting vulnerabilities and exploits
(subscribe to this query)
450
VMScore
CVE-2007-4088
Multiple cross-site scripting (XSS) vulnerabilities in Vikingboard 0.1.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) id, (2) f, (3) quote, and (4) act parameters to cp.php; the (5) u parameter to user.php; the (6) f parameter to post.php; the (...
Vikingboard Vikingboard 0.1.2
4 EDB exploits
450
VMScore
CVE-2011-5214
Multiple cross-site scripting (XSS) vulnerabilities in BrowserCRM 5.100.01 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to (1) index.php, (2) modules/admin/admin_module_index.php, or (3) modules/calendar/customise_cal...
Browsercrm Browsercrm 4.999.20
Browsercrm Browsercrm 4.691.01
Browsercrm Browsercrm 4.622.00
Browsercrm Browsercrm 4.620.01
Browsercrm Browsercrm 4.612.00
Browsercrm Browsercrm 4.611.01
Browsercrm Browsercrm
Browsercrm Browsercrm 5.100.00
Browsercrm Browsercrm 4.624.90
Browsercrm Browsercrm 4.624.80
Browsercrm Browsercrm 4.619.00
Browsercrm Browsercrm 4.617.00
Browsercrm Browsercrm 4.610.00
Browsercrm Browsercrm 4.607.00
Browsercrm Browsercrm 5.002.00
Browsercrm Browsercrm 5.001.00
Browsercrm Browsercrm 4.624.70
Browsercrm Browsercrm 4.624.60
Browsercrm Browsercrm 4.616.00
Browsercrm Browsercrm 4.615.11
Browsercrm Browsercrm 4.605.00
Browsercrm Browsercrm 4.604.01
4 EDB exploits
435
VMScore
CVE-2017-5631
An issue exists in KMCIS CaseAware. Reflected cross site scripting is present in the user parameter (i.e., "usr") that is transmitted in the login.php query string.
Kmc Information Systems Caseaware -
1 EDB exploit
460
VMScore
CVE-2009-2587
Multiple cross-site scripting (XSS) vulnerabilities in DragDropCart allow remote malicious users to inject arbitrary web script or HTML via the (1) sid parameter to assets/js/ddcart.php, the (2) prefix parameter to includes/ajax/getstate.php, the search parameter to (3) index.php...
Dragdropcart Dragdropcart -
6 EDB exploits
465
VMScore
CVE-2005-3520
Multiple cross-site scripting (XSS) vulnerabilities in MySource 2.14.0 allow remote malicious users to inject arbitrary web script or HTML via (1) the target_url parameter in upgrade_in_progress_backend.php, (2) the stylesheet parameter in edit_table_cell_type_wysiwyg.php, and th...
Mysource Mysource 2.14.0
Mysource Mysource 2.14.0rc2
7 EDB exploits
465
VMScore
CVE-2005-4485
Multiple cross-site scripting (XSS) vulnerabilities in ProjectApp 3.3 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the keywords parameter to (1) forums.asp, (2) search_employees.asp, (3) cat.asp, and (4) links.asp; (5) projectid pa...
Iatek Projectapp
7 EDB exploits
465
VMScore
CVE-2008-6211
Multiple cross-site scripting (XSS) vulnerabilities in PhpForums.net mcGallery 1.1 allow remote malicious users to inject arbitrary web script or HTML via the lang parameter to (1) admin.php, (2) index.php, (3) sess.php, (4) stats.php, (5) detail.php, (6) resize.php, and (7) show...
Mcgallerypro Mcgallery 1.1
7 EDB exploits
640
VMScore
CVE-2006-5983
Multiple cross-site scripting (XSS) vulnerabilities in JBMC Software DirectAdmin 1.28.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) user parameter to (a) CMD_SHOW_RESELLER or (b) CMD_SHOW_USER in the Admin level; the (2) TYPE parameter to (...
Jbmc Software Directadmin 1.28.1
8 EDB exploits
475
VMScore
CVE-2005-1782
Multiple cross-site scripting (XSS) vulnerabilities in BookReview beta 1.0 allow remote malicious users to inject arbitrary web script or HTML via the node parameter to (1) add_review.htm, (2) suggest_review.htm, (3) suggest_category.htm, (4) add_booklist.htm, or (5) add_url.htm,...
W.m.r. Simpson Bookreview 1.0
9 EDB exploits
475
VMScore
CVE-2005-2044
Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.4.3 and 1.5 RC 1 allow remote malicious users to inject arbitrary web script or HTML via the (1) show_course parameter to browse.php, (2) subject parameter to contact.php, (3) cid parameter to content.php, (4) l para...
Adaptive Technology Resource Centre Atutor 1.5 Rc 1
Adaptive Technology Resource Centre Atutor 1.4.3
9 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »