Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
script security vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-6473
_blogadata/include/init_pass2.php in Blogator-script 0.95 allows remote malicious users to change the password for arbitrary users via a modified "a" parameter with a "%" wildcard symbol in the b parameter.
Blogator-script Blogator-script 0.95
1 EDB exploit
NA
CVE-2014-4664
Cross-site scripting (XSS) vulnerability in the Wordfence Security plugin prior to 5.1.4 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the whoisval parameter on the WordfenceWhois page to wp-admin/admin.php.
Wordfence Security Project Wordfence Security 5.1.2
Wordfence Security Project Wordfence Security 5.1.1
Wordfence Security Project Wordfence Security 5.0.3
Wordfence Security Project Wordfence Security 5.0.2
Wordfence Security Project Wordfence Security 5.0.7
Wordfence Security Project Wordfence Security 5.0.6
Wordfence Security Project Wordfence Security 5.0.9
Wordfence Security Project Wordfence Security 5.0.8
Wordfence Security Project Wordfence Security 5.0.1
Wordfence Security Project Wordfence Security 5.0.5
Wordfence Security Project Wordfence Security 5.0.4
2 Github repositories
NA
CVE-2008-6225
SQL injection vulnerability in info.php in Mole Group Airline Ticket Sale Script allows remote malicious users to execute arbitrary SQL commands via the flight parameter. NOTE: the vendor has disputed this issue, stating "crazy hackers and so named Security companies [spread...
Mole-group Airline Ticket Sale Script -
1 EDB exploit
NA
CVE-2006-3271
Multiple SQL injection vulnerabilities in Softbiz Dating 1.0 allow remote malicious users to execute SQL commands via the (1) country and (2) sort_by parameters in (a) search_results.php; (3) browse parameter in (b) featured_photos.php; (4) cid parameter in (c) products.php, (d) ...
Softbiz Dating Script 1.0
5 EDB exploits
NA
CVE-2012-4263
Cross-site scripting (XSS) vulnerability in inc/admin/content.php in the Better WP Security (better_wp_security) plugin prior to 3.2.5 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the HTTP_USER_AGENT header.
Bit51 Better-wp-security 3.2.1
Bit51 Better-wp-security 3.2
Bit51 Better-wp-security 3.0.7
Bit51 Better-wp-security 3.0.6
Bit51 Better-wp-security 2.18
Bit51 Better-wp-security 2.17
Bit51 Better-wp-security 2.9
Bit51 Better-wp-security 2.8
Bit51 Better-wp-security 2.1
Bit51 Better-wp-security 2.0
Bit51 Better-wp-security 1.4
Bit51 Better-wp-security 1.3
Bit51 Better-wp-security 0.11
Bit51 Better-wp-security 0.10
Bit51 Better-wp-security 0.3
Bit51 Better-wp-security 0.2
Bit51 Better-wp-security -
Bit51 Better-wp-security
Bit51 Better-wp-security 3.2.3
Bit51 Better-wp-security 3.2.2
Bit51 Better-wp-security 3.0.9
Bit51 Better-wp-security 3.0.8
NA
CVE-2003-1171
Heap-based buffer overflow in the sec_filter_out function in mod_security 1.7RC1 up to and including 1.7.1 in Apache 2 allows remote malicious users to execute arbitrary code via a server side script that sends a large amount of data.
Mod Security Mod Security 1.7
Mod Security Mod Security 1.7.1
NA
CVE-2012-4264
Multiple cross-site scripting (XSS) vulnerabilities in the Better WP Security (better_wp_security) plugin prior to 3.2.5 for WordPress allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to "server variables," a different ...
Bit51 Better-wp-security 3.2.3
Bit51 Better-wp-security 3.2.1
Bit51 Better-wp-security 3.1
Bit51 Better-wp-security 3.0.8
Bit51 Better-wp-security 3.0.6
Bit51 Better-wp-security 2.18
Bit51 Better-wp-security 2.16
Bit51 Better-wp-security 2.11
Bit51 Better-wp-security 2.9
Bit51 Better-wp-security 2.7
Bit51 Better-wp-security 2.2
Bit51 Better-wp-security 2.0
Bit51 Better-wp-security 1.4
Bit51 Better-wp-security 1.2
Bit51 Better-wp-security 0.14
Bit51 Better-wp-security 0.11
Bit51 Better-wp-security 0.9
Bit51 Better-wp-security 0.4
Bit51 Better-wp-security 0.2
Bit51 Better-wp-security -
Bit51 Better-wp-security 3.0.12
Bit51 Better-wp-security 3.0.11
NA
CVE-2013-3487
Multiple cross-site scripting (XSS) vulnerabilities in the security log in the BulletProof Security plugin before .49 for WordPress allow remote malicious users to inject arbitrary web script or HTML via unspecified HTML header fields to (1) 400.php, (2) 403.php, or (3) 403.php.
Ait-pro Bulletproof-security .48.2
Ait-pro Bulletproof-security .48.1
Ait-pro Bulletproof-security .47.4
Ait-pro Bulletproof-security .47.3
Ait-pro Bulletproof-security .46.6
Ait-pro Bulletproof-security .46.5
Ait-pro Bulletproof-security .46.4
Ait-pro Bulletproof-security .45.7
Ait-pro Bulletproof-security .45.6
Ait-pro Bulletproof-security
Ait-pro Bulletproof-security .48.8
Ait-pro Bulletproof-security .48.7
Ait-pro Bulletproof-security .48
Ait-pro Bulletproof-security .47.9
Ait-pro Bulletproof-security .47.2
Ait-pro Bulletproof-security .47.1
Ait-pro Bulletproof-security .46.3
Ait-pro Bulletproof-security .46.2
Ait-pro Bulletproof-security .45.5
Ait-pro Bulletproof-security .45.4
Ait-pro Bulletproof-security .48.4
Ait-pro Bulletproof-security .48.3
NA
CVE-2007-0563
Multiple cross-site scripting (XSS) vulnerabilities in Symantec Web Security (SWS) prior to 3.0.1.85 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to (1) error messages and (2) blocked page messages produced by SWS.
Symantec Web Security 3.01.67
Symantec Web Security 3.01.68
Symantec Web Security 3.01.61
Symantec Web Security 3.01.62
Symantec Web Security 3.01.63
Symantec Web Security 3.0.1.72
Symantec Web Security 3.01.59
Symantec Web Security 3.01.60
5.4
CVSSv3
CVE-2015-1952
Cross-site scripting (XSS) vulnerability in IBM AppScan Enterprise Edition 9.0.x prior to 9.0.2 iFix 001 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 103416.
Ibm Security Appscan 8.5.0.0
Ibm Security Appscan 8.7.0.0
Ibm Security Appscan 9.0.0.0
Ibm Security Appscan 9.0.1.0
Ibm Security Appscan 9.0.2.0
Ibm Security Appscan 8.6.0.0
Ibm Security Appscan 8.8.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »