Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vbscript vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-4308
Multiple cross-site scripting (XSS) vulnerabilities in Blackboard Learning System 6, Blackboard Learning and Community Portal Suite 6.2.3.23, and Blackboard Vista 4 allow remote malicious users to inject arbitrary Javascript, VBScript, or HTML via (1) data, (2) vbscript, and (3) ...
Blackboard Vista 4
Blackboard Blackboard 6.0
Blackboard Blackboard Learning And Community Portal Suite 6.0
Blackboard Blackboard Learning And Community Portal Suite 6.2.3.23
1 EDB exploit
7.5
CVSSv3
CVE-2018-8174
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Se...
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2016 1709
Microsoft Windows Server 2016 1803
Microsoft Windows 10 1709
Microsoft Windows 10 1803
Microsoft Windows 7 -
Microsoft Windows 10 1607
Microsoft Windows Server 2008 -
Microsoft Windows Server 2008 R2
Microsoft Windows 8.1 -
Microsoft Windows Rt 8.1 -
Microsoft Windows 10 -
Microsoft Windows 10 1703
Microsoft Windows Server 2012 -
20 Github repositories
12 Articles
7.8
CVSSv3
CVE-2017-13779
GSTN_offline_tool in India Goods and Services Tax Network (GSTN) Offline Utility tool prior to 1.2 executes winstart-server.vbs from the "C:\GST Offline Tool" directory, which has insecure permissions. This allows local users to gain privileges by replacing winstart-ser...
Gstn India Goods And Services Tax Network Offline Utility Tool
6.1
CVSSv3
CVE-2019-9844
simple-markdown.js in Khan Academy simple-markdown prior to 0.4.4 allows XSS via a data: or vbscript: URI.
Khanacademy Simple-markdown
Fedoraproject Fedora 30
8.8
CVSSv3
CVE-2019-19160
Reportexpress ProPlus contains a vulnerability that could allow an arbitrary code execution by inserted VBscript into the configure file(rxp).
Cabsoftware Reportexpress Proplus
NA
CVE-2006-6596
HyperAccess 8.4 allows user-assisted remote malicious users to execute arbitrary vbscript and commands via a session (HAW) file, which can be automatically opened using Internet Explorer.
Hilgraeve Hyperaccess 8.4
NA
CVE-2015-1370
Incomplete blacklist vulnerability in marked 0.3.2 and previous versions for Node.js allows remote malicious users to conduct cross-site scripting (XSS) attacks via a vbscript tag in a link.
Marked Project Marked
6.5
CVSSv3
CVE-2016-3271
The VBScript engine in Microsoft Edge allows remote malicious users to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability."
Microsoft Edge -
6.1
CVSSv3
CVE-2022-48192
Cross-site Scripting vulnerability in Softing smartLink SW-HT prior to 1.30, which allows an malicious user to execute a dynamic script (JavaScript, VBScript) in the context of the application.
Softing Smartlink Sw-ht
NA
CVE-2006-6838
Rediff Bol Downloader ActiveX (OCX) control allows remote malicious users to execute arbitrary files, and obtain sensitive information (usernames and pathnames), via a URL in the url vbscript parameter.
Rediff Bol Downloader Activex Ocx Control
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »