Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
reflected xss vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2018-12653
A Reflected Cross Site Scripting (XSS) vulnerability exists in Adrenalin HRMS 5.4.0. An attacker can input malicious JavaScript code in /RPT/SSRSDynamicEditReports.aspx via 'ReportId' parameter.
Myadrenalin Adrenalin 5.4.0
1 EDB exploit
383
VMScore
CVE-2020-3599
A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the we...
Cisco Adaptive Security Appliance
Cisco Adaptive Security Appliance Software
383
VMScore
CVE-2019-11604
An issue exists in Quest KACE Systems Management Appliance prior to 9.1. The script at /service/kbot_service_notsoap.php is vulnerable to unauthenticated reflected XSS when user-supplied input to the METHOD GET parameter is processed by the web application. Since the application ...
Quest Kace Systems Management Appliance
NA
CVE-2023-27572
An issue exists in CommScope Arris DG3450 Cable Gateway AR01.02.056.18_041520_711.NCS.10. A reflected XSS vulnerability exists in the https_redirect.php web page via the page parameter.
Commscope Dg3450 Firmware Ar01.02.056.18 041520 711.ncs.10
578
VMScore
CVE-2019-9164
Command injection in Nagios XI prior to 5.5.11 allows an authenticated users to execute arbitrary remote commands via a new autodiscovery job.
Nagios Nagios Xi
641
VMScore
CVE-2019-9166
Privilege escalation in Nagios XI prior to 5.5.11 allows local malicious users to elevate privileges to root via write access to config.inc.php and import_xiconfig.php.
Nagios Nagios Xi
1 Github repository
578
VMScore
CVE-2019-9202
Nagios IM (component of Nagios XI) prior to 2.2.7 allows authenticated users to execute arbitrary code via API key issues.
Nagios Incident Manager
1 Github repository
668
VMScore
CVE-2019-9203
Authorization bypass in Nagios IM (component of Nagios XI) prior to 2.2.7 allows closing incidents in IM via the API.
Nagios Incident Manager
1 Github repository
668
VMScore
CVE-2019-9204
SQL injection vulnerability in Nagios IM (component of Nagios XI) prior to 2.2.7 allows malicious users to execute arbitrary SQL commands.
Nagios Incident Manager
1 Github repository
668
VMScore
CVE-2019-9165
SQL injection vulnerability in Nagios XI prior to 5.5.11 allows malicious users to execute arbitrary SQL commands via the API when using fusekeys and malicious user id.
Nagios Nagios Xi
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »