Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cross-site scripting vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2005-1162
Multiple cross-site scripting (XSS) vulnerabilities in OneWorldStore allow remote malicious users to inject arbitrary web script or HTML via the (1) sEmail parameter to owContactUs.asp, (2) bSub parameter to owListProduct.asp, or the (3) Name, (4) Email, or (5) Comment fields in ...
Oneworldstore Oneworldstore
2 EDB exploits
4.3
CVSSv2
CVE-2018-17784
Multiple vulnerabilities in YUI and FlashCanvas embedded in SugarCRM Community Edition 6.5.26 could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack on a targeted system.
Sugarcrm Sugarcrm
1 EDB exploit
4.3
CVSSv2
CVE-2018-17832
XSS exists in WUZHI CMS 2.0 via the index.php v or f parameter.
Wuzhicms Wuzhi Cms 2.0
1 EDB exploit
4.3
CVSSv2
CVE-2019-12562
Stored Cross-Site Scripting in DotNetNuke (DNN) Version prior to 9.4.0 allows remote malicious users to store and embed the malicious script into the admin notification page. The exploit could be used to perfom any action with admin privileges such as managing content, adding use...
Dnnsoftware Dotnetnuke
1 EDB exploit
1 Github repository
4.3
CVSSv2
CVE-2010-3906
Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the (1) f and (2) fp parameters.
Git Git 1.4.2.4
Git Git 1.4.2
Git Git 1.1.3
Git Git 1.3.2
Git Git 1.0.7
Git Git 1.1.5
Git Git 1.0.3
Git Git 1.2.2
Git-scm Git 0.04
Git-scm Git 0.7.0
Git Git 1.5.2.1
Git Git 1.5.1.5
Git Git 1.4.2.2
Git Git 1.4.2.3
Git Git 1.1.4
Git Git 1.3.1
Git Git 1.1.0
Git Git 1.4.1.1
Git Git 1.0.6
Git Git 1.1.6
Git Git 1.2.3
Git-scm Git 0.5
1 EDB exploit
4.3
CVSSv2
CVE-2016-3411
Cross-site scripting (XSS) vulnerability in Zimbra Collaboration prior to 8.7.0 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, aka bug 103609.
Synacor Zimbra Collaboration Suite
1 EDB exploit
3.5
CVSSv2
CVE-2021-3111
The Express Entries Dashboard in Concrete5 8.5.4 allows stored XSS via the name field of a new data object at an index.php/dashboard/express/entries/view/ URI.
Concretecms Concrete Cms
3.5
CVSSv2
CVE-2018-11512
Stored cross-site scripting (XSS) vulnerability in the "Website's name" field found in the "Settings" page under the "General" menu in Creatiwity wityCMS 0.6.1 allows remote malicious users to inject arbitrary web script or HTML via a crafted we...
Creatiwity Witycms 0.6.1
1 EDB exploit
4.3
CVSSv2
CVE-2017-14620
SmarterStats Version 11.3.6347 will Render the Referer Field of HTTP Logfiles from URL /Data/Reports/ReferringURLsWithQueries resulting in Stored Cross Site Scripting.
Smartertools Smarterstats 11.3.6347
1 EDB exploit
4.3
CVSSv2
CVE-2018-18548
ajenticp (aka Ajenti Docker control panel) for Ajenti through v1.2.23.13 has XSS via a filename that is mishandled in File Manager.
Ajenti Ajenticp
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »