Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cross-site scripting vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2008-6431
Multiple cross-site scripting (XSS) vulnerabilities in BMForum 5.6 allow remote malicious users to inject arbitrary web script or HTML via the (1) outpused parameter to index.php, the (2) footer_copyright and (3) verandproname parameters to newtem/footer/bsd01footer.php, and the ...
Bmforum Bmforum 5.6
3 EDB exploits
4.3
CVSSv2
CVE-2008-1621
Multiple cross-site scripting (XSS) vulnerabilities in GeeCarts allow remote malicious users to inject arbitrary web script or HTML via the id parameter to (1) show.php, (2) search.php, and (3) view.php. NOTE: the provenance of this information is unknown; the details are obtaine...
Geertsen Holdings Inc Geecarts
3 EDB exploits
4.3
CVSSv2
CVE-2007-2300
Multiple cross-site scripting (XSS) vulnerabilities in Endy Kristanto Surat kabar / News Management Online (aka phpwebnews) 0.2 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the m_txt parameter to (1) iklan.php, (2) index.php, or (3...
Surat Kabar Phpwebnews 0.1
Surat Kabar Phpwebnews 0.2
3 EDB exploits
4.3
CVSSv2
CVE-2006-1233
Multiple cross-site scripting (XSS) vulnerabilities in WMNews allow remote malicious users to inject arbitrary web script or HTML via the (1) ArtCat parameter to wmview.php, (2) ctrrowcol parameter to footer.php, or (3) ArtID parameter to wmcomments.php.
Mikael Software Wmnews
3 EDB exploits
4.3
CVSSv2
CVE-2009-3186
Multiple cross-site scripting (XSS) vulnerabilities in VideoGirls BiZ allow remote malicious users to inject arbitrary web script or HTML via the (1) t parameter to forum.php, (2) profile_name parameter to profile.php, and (3) p parameter to view.php.
Videogirls Videogirls Biz
3 EDB exploits
2.6
CVSSv2
CVE-2018-6193
A Cross-Site Scripting (XSS) vulnerability was found in Routers2 2.24, affecting the 'rtr' GET parameter in a page=graph action to cgi-bin/routers2.pl.
Routers2 Project Routers2 2.24
1 EDB exploit
3.5
CVSSv2
CVE-2018-8815
Cross-site scripting (XSS) vulnerability in the gallery function in Alkacon OpenCMS 10.5.3 allows remote malicious users to inject arbitrary web script or HTML via a malicious SVG image.
Alkacon Opencms 10.5.3
1 EDB exploit
3.5
CVSSv2
CVE-2021-3111
The Express Entries Dashboard in Concrete5 8.5.4 allows stored XSS via the name field of a new data object at an index.php/dashboard/express/entries/view/ URI.
Concretecms Concrete Cms
4.3
CVSSv2
CVE-2018-7653
In YzmCMS 3.6, index.php has XSS via the a, c, or m parameter.
Yzmcms Yzmcms 3.6
1 EDB exploit
3.5
CVSSv2
CVE-2019-13977
index.php in Ovidentia 8.4.3 has XSS via tg=groups, tg=maildoms&idx=create&userid=0&bgrp=y, tg=delegat, tg=site&idx=create, tg=site&item=4, tg=admdir&idx=mdb&id=1, tg=notes&idx=Create, tg=admfaqs&idx=Add, or tg=admoc&idx=addoc&item=.
Ovidentia Ovidentia 8.4.3
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-24955
man-in-the-middle
dos
CVE-2024-2818
CVE-2024-30584
CVE-2024-31134
camera
CVE-2023-45866
CVE-2024-30585
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »