Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cross-site scripting vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2012-0007
The Microsoft Anti-Cross Site Scripting (AntiXSS) Library 3.x and 4.0 does not properly evaluate characters after the detection of a Cascading Style Sheets (CSS) escaped character, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via HTML input, a...
Microsoft Anti-cross Site Scripting Library 3.1
Microsoft Anti-cross Site Scripting Library 4.0
1 EDB exploit
490
VMScore
CVE-2009-3789
Multiple cross-site scripting (XSS) vulnerabilities in OpenDocMan 1.2.5 allow remote malicious users to inject arbitrary web script or HTML via the last_message parameter to (1) add.php, (2) toBePublished.php, (3) index.php, and (4) admin.php; the PATH_INFO to the default URI to ...
Opendocman Opendocman 1.2.5
12 EDB exploits
475
VMScore
CVE-2008-3664
Multiple cross-site scripting (XSS) vulnerabilities in XRMS allow remote malicious users to inject arbitrary web script or HTML via (1) the real name field, related to the user list; (2) the target parameter to login.php, (3) the title parameter to activities/some.php, (4) the co...
Xrms Xrms Crm
9 EDB exploits
695
VMScore
CVE-2006-5146
Multiple cross-site scripting (XSS) vulnerabilities in Yblog allow remote malicious users to inject arbitrary web script or HTML via the (1) id parameter in (a) funk.php, or the (2) action parameter in (b) tem.php and (c) uss.php.
Yblog Yblog
3 EDB exploits
540
VMScore
CVE-2006-4985
Multiple cross-site scripting (XSS) vulnerabilities in Grayscale BandSite CMS allow remote malicious users to inject arbitrary web script or HTML via (1) the max_file_size_purdy parameter in adminpanel/includes/helpfiles/help_mp3.php, (2) the message_text parameter in adminpanel/...
Grayscale Bandsite Cms 1.1
22 EDB exploits
455
VMScore
CVE-2008-3186
Multiple cross-site scripting (XSS) vulnerabilities in Chipmunk Blog (Blogger) allow remote malicious users to inject arbitrary web script or HTML via the membername parameter to (1) members.php, (2) comments.php, (3) photos.php, (4) archive.php, or (5) cat.php. NOTE: the provena...
Chipmunk Scripts Chipmunk Blogger
5 EDB exploits
440
VMScore
CVE-2012-0389
Cross-site scripting (XSS) vulnerability in ForgottenPassword.aspx in MailEnable Professional, Enterprise, and Premium 4.26 and previous versions, 5.x prior to 5.53, and 6.x prior to 6.03 allows remote malicious users to inject arbitrary web script or HTML via the Username parame...
Mailenable Mailenable 3.52
Mailenable Mailenable 3.12
Mailenable Mailenable 3.11
Mailenable Mailenable 3.61
Mailenable Mailenable 1.73
Mailenable Mailenable 3.0
Mailenable Mailenable 3.01
Mailenable Mailenable 4.11
Mailenable Mailenable 1.52
Mailenable Mailenable 1.53
Mailenable Mailenable 1.71
Mailenable Mailenable 1.72
Mailenable Mailenable 4.24
Mailenable Mailenable 4.15
Mailenable Mailenable 1.79
Mailenable Mailenable 3.53
Mailenable Mailenable 1.75
Mailenable Mailenable 1.76
Mailenable Mailenable 3.6
Mailenable Mailenable 1.74
Mailenable Mailenable 4.1
Mailenable Mailenable 4.13
2 EDB exploits
480
VMScore
CVE-2006-1205
Multiple cross-site scripting (XSS) vulnerabilities in myWebland myBloggie 2.1.3 beta and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) confirmredirect and (2) post_id parameters in (a) delcomment.php, as reachable when mode=del...
Mywebland Mybloggie 2.1.2
Mywebland Mybloggie 2.1.3
Mywebland Mybloggie 2.1.3 Beta
10 EDB exploits
490
VMScore
CVE-2008-3260
Multiple cross-site scripting (XSS) vulnerabilities in Claroline prior to 1.8.10 allow remote malicious users to inject arbitrary web script or HTML via (1) the cwd parameter in a rqMkHtml action to document/rqmkhtml.php, or the query string to (2) announcements/announcements.php...
Claroline Claroline 1.5.4
Claroline Claroline 1.6
Claroline Claroline 1.7.5
Claroline Claroline 1.7.6
Claroline Claroline 1.8.5
Claroline Claroline 1.8.6
Claroline Claroline 1.2
Claroline Claroline 1.6 Beta
Claroline Claroline 1.6 Rc1
Claroline Claroline 1.7.7
Claroline Claroline 1.8.0
Claroline Claroline 1.8.7
Claroline Claroline 1.8.8
Claroline Claroline 1.3
Claroline Claroline 1.4
Claroline Claroline 1.7
Claroline Claroline 1.7.1
Claroline Claroline 1.8.1
Claroline Claroline 1.8.2
Claroline Claroline
Claroline Claroline 1.5
Claroline Claroline 1.5.3
12 EDB exploits
450
VMScore
CVE-2011-5214
Multiple cross-site scripting (XSS) vulnerabilities in BrowserCRM 5.100.01 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to (1) index.php, (2) modules/admin/admin_module_index.php, or (3) modules/calendar/customise_cal...
Browsercrm Browsercrm 4.999.20
Browsercrm Browsercrm 4.691.01
Browsercrm Browsercrm 4.622.00
Browsercrm Browsercrm 4.620.01
Browsercrm Browsercrm 4.612.00
Browsercrm Browsercrm 4.611.01
Browsercrm Browsercrm
Browsercrm Browsercrm 5.100.00
Browsercrm Browsercrm 4.624.90
Browsercrm Browsercrm 4.624.80
Browsercrm Browsercrm 4.619.00
Browsercrm Browsercrm 4.617.00
Browsercrm Browsercrm 4.610.00
Browsercrm Browsercrm 4.607.00
Browsercrm Browsercrm 5.002.00
Browsercrm Browsercrm 5.001.00
Browsercrm Browsercrm 4.624.70
Browsercrm Browsercrm 4.624.60
Browsercrm Browsercrm 4.616.00
Browsercrm Browsercrm 4.615.11
Browsercrm Browsercrm 4.605.00
Browsercrm Browsercrm 4.604.01
4 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »