Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
reflected xss vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2013-6039
Multiple cross-site scripting (XSS) vulnerabilities in NagiosQL 3.2 SP2 allow remote malicious users to inject arbitrary web script or HTML via the txtSearch parameter to (1) admin/hostdependencies.php, (2) admin/hosts.php, or other unspecified pages that allow search input, rela...
Nagiosql Nagiosql 3.2
4.3
CVSSv2
CVE-2012-3872
Multiple cross-site scripting (XSS) vulnerabilities in Open Constructor 3.12.0 allow remote malicious users to inject arbitrary web script or HTML via (1) the result parameter to data/file/edit.php, (2) the q parameter to confirm.php, or (3) the keyword parameter to users/users.p...
Openconstructor Project Openconstructor 3.12.0
3 EDB exploits
3.5
CVSSv2
CVE-2018-9034
Cross-site scripting (XSS) vulnerability in lib/interface.php of the Relevanssi plugin 4.0.4 for WordPress allows remote malicious users to inject arbitrary JavaScript or HTML via the tab GET parameter.
Relevanssi Relevanssi
1 EDB exploit
3.5
CVSSv2
CVE-2019-12702
A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote malicious user to conduct cross-site scripting attacks. The vulnerability is due to insufficient validation of user-supplied input by...
Cisco Spa112 Firmware
Cisco Spa112 Firmware 1.4.1
Cisco Spa122 Firmware
Cisco Spa122 Firmware 1.4.1
4.3
CVSSv2
CVE-2017-18364
phpFK lite has XSS via the faq.php, members.php, or search.php query string or the user.php user parameter.
Frank-karau Phpfk -
4.3
CVSSv2
CVE-2015-1575
Multiple cross-site scripting (XSS) vulnerabilities in u5CMS prior to 3.9.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) c, (2) i, (3) l, or (4) p parameter to index.php; the (5) a or (6) b parameter to u5admin/cookie.php; the name parameter to ...
Yuba U5cms
1 EDB exploit
4.3
CVSSv2
CVE-2018-0406
A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote malicious user to conduct a reflected or Document Object Model based (DOM-based) cross-site scripting (XSS) attack against a user of the web-based ma...
Cisco Web Security Appliance 11.5.0-fcs-581
Cisco Web Security Appliance 10.1.2-003
Cisco Web Security Appliance 10.5.1-269
4.3
CVSSv2
CVE-2019-1827
A vulnerability in the Online Help web service of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote malicious user to conduct a reflected cross-site scripting (XSS) attack against a user of the service. The vulnerability exis...
Cisco Rv320 Firmware
Cisco Rv325 Firmware
3.5
CVSSv2
CVE-2018-0408
A vulnerability in the web-based management interface of Cisco Small Business 300 Series (Sx300) Managed Switches could allow an authenticated, remote malicious user to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of a...
Cisco Sf300-08 Firmware
Cisco Sf302-08 Firmware
Cisco Sf302-08p Firmware
Cisco Sf302-08pp Firmware
Cisco Sf302-08mp Firmware
Cisco Sf302-08mpp Firmware
Cisco Sf300-24 Firmware
Cisco Sf300-24p Firmware
Cisco Sf300-24pp Firmware
Cisco Sf300-24mp Firmware
Cisco Sf300-48 Firmware
Cisco Sf300-48p Firmware
Cisco Sf300-48pp Firmware
Cisco Sg300-10 Firmware
Cisco Sg300-10sfp Firmware
Cisco Sg300-10p Firmware
Cisco Sg300-10pp Firmware
Cisco Sg300-10mp Firmware
Cisco Sg300-10mpp Firmware
Cisco Sg300-20 Firmware
Cisco Sg300-28 Firmware
Cisco Sg300-28p Firmware
4.3
CVSSv2
CVE-2014-8774
Cross-site scripting (XSS) vulnerability in manager/index.php in MODX Revolution 2.x prior to 2.2.15 allows remote malicious users to inject arbitrary web script or HTML via the context_key parameter.
Modx Modx Revolution 2.1.0
Modx Modx Revolution 2.1.1
Modx Modx Revolution 2.1.2
Modx Modx Revolution 2.1.3
Modx Modx Revolution 2.2.6
Modx Modx Revolution 2.2.7
Modx Modx Revolution 2.2.8
Modx Modx Revolution 2.2.9
Modx Modx Revolution 2.0.6
Modx Modx Revolution 2.0.8
Modx Modx Revolution 2.1.4
Modx Modx Revolution 2.2.0
Modx Modx Revolution 2.2.10
Modx Modx Revolution 2.2.2
Modx Modx Revolution 2.2.4
Modx Modx Revolution 2.0.0
Modx Modx Revolution 2.0.5
Modx Modx Revolution 2.0.7
Modx Modx Revolution 2.1.5
Modx Modx Revolution 2.2.1
Modx Modx Revolution 2.2.3
Modx Modx Revolution 2.2.5
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924
CVE-2024-3400
overflow
CVE-2024-23528
CVE-2024-21338
CVE-2024-3818
CVE-2024-23535
NULL pointer dereference
elevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »