Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
onur yilmaz vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-7348
Cross-site scripting (XSS) vulnerability in zTree 3.5.19.1 and possibly earlier allows remote malicious users to inject arbitrary web script or HTML via the id parameter to demo/en/asyncData/getNodesForBigData.php.
Ztree Project Ztree
4.3
CVSSv2
CVE-2014-7183
Multiple cross-site scripting (XSS) vulnerabilities in the search.php in LiteCart 1.1.2.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) query parameter or (2) QUERY_STRING.
Litecart Litecart
4.3
CVSSv2
CVE-2015-6584
Cross-site scripting (XSS) vulnerability in the DataTables plugin 1.10.8 and previous versions for jQuery allows remote malicious users to inject arbitrary web script or HTML via the scripts parameter to media/unit_testing/templates/6776.php.
Sprymedia Datatables
4.3
CVSSv2
CVE-2014-9325
Multiple cross-site scripting (XSS) vulnerabilities in TWiki 6.0.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) QUERYSTRING variable in lib/TWiki.pm or (2) QUERYPARAMSTRING variable in lib/TWiki/UI/View.pm, as demonstrated by the QUERY_STRING to...
Twiki Twiki 6.0.1
4.3
CVSSv2
CVE-2014-9367
Incomplete blacklist vulnerability in the urlEncode function in lib/TWiki.pm in TWiki 6.0.0 and 6.0.1 allows remote malicious users to conduct cross-site scripting (XSS) attacks via a "'" (single quote) in the scope parameter to do/view/TWiki/WebSearch.
Twiki Twiki 6.0.0
Twiki Twiki 6.0.1
4.3
CVSSv2
CVE-2015-1385
Cross-site scripting (XSS) vulnerability in the Blubrry PowerPress Podcasting plugin prior to 6.0.1 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the cat parameter in a powerpress-editcategoryfeed action in the powerpressadmin_categoryfeed...
Blubrry Powerpress
4.3
CVSSv2
CVE-2015-2250
Multiple cross-site scripting (XSS) vulnerabilities in concrete5 prior to 5.7.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) banned_word[] parameter to index.php/dashboard/system/conversations/bannedwords/success, (2) channel parameter to index....
Concrete5 Concrete5
4.3
CVSSv2
CVE-2015-1384
Cross-site scripting (XSS) vulnerability in the Banner Effect Header plugin prior to 1.2.8 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the banner_effect_divid parameter in the BannerEffectOptions page to wp-admin/options-general.php.
Banner Effect Header Project Banner Effect Header
4.3
CVSSv2
CVE-2015-4671
Cross-site scripting (XSS) vulnerability in OpenCart prior to 2.1.0.2 allows remote malicious users to inject arbitrary web script or HTML via the zone_id parameter to index.php.
Opencart Opencart
4.3
CVSSv2
CVE-2015-3429
Cross-site scripting (XSS) vulnerability in example.html in Genericons prior to 3.3.1, as used in WordPress prior to 4.2.2, allows remote malicious users to inject arbitrary web script or HTML via a fragment identifier.
Automattic Genericons
Debian Debian Linux 8.0
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »