Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xss vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2019-11559
A reflected Cross-site scripting (XSS) vulnerability in HRworks V 1.16.1 allows remote malicious users to inject arbitrary web script or HTML via the URL parameter to the Login component.
Hrworks Hrworks 1.16.1
383
VMScore
CVE-2011-1523
Cross-site scripting (XSS) vulnerability in statusmap.c in statusmap.cgi in Nagios 3.2.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the layer parameter.
Nagios Nagios 2.0b1
Nagios Nagios 2.0
Nagios Nagios 1.0b3
Nagios Nagios 1.0b2
Nagios Nagios 3.0
Nagios Nagios 2.0b5
Nagios Nagios 2.0b4
Nagios Nagios 1.2
Nagios Nagios 1.1
Nagios Nagios 1.0 B1
Nagios Nagios 1.0 B2
Nagios Nagios 3.0.3
Nagios Nagios 3.0.2
Nagios Nagios 2.1
Nagios Nagios 2.4
Nagios Nagios 3.0.1
Nagios Nagios 1.4.1
Nagios Nagios 2.5
Nagios Nagios 2.7
Nagios Nagios 2.10
Nagios Nagios 2.0b3
Nagios Nagios 2.0b2
384
VMScore
CVE-2020-26297
mdBook is a utility to create modern online books from Markdown files and is written in Rust. In mdBook before version 0.4.5, there is a vulnerability affecting the search feature of mdBook, which could allow an malicious user to execute arbitrary JavaScript code on the page. The...
Rust-lang Mdbook
2 Github repositories
454
VMScore
CVE-2014-2278
Unrestricted file upload vulnerability in op/op.AddFile2.php in SeedDMS (formerly LetoDMS and MyDMS) prior to 4.3.4 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension specified by the partitionIndex parameter and leveraging CV...
Seeddms Seeddms
383
VMScore
CVE-2014-2280
Cross-site scripting (XSS) vulnerability in the search feature in SeedDMS (formerly LetoDMS and MyDMS) prior to 4.3.4 allows remote malicious users to inject arbitrary web script or HTML via the query parameter.
Seeddms Seeddms 3.4.3
Seeddms Seeddms 3.3.12
Seeddms Seeddms
383
VMScore
CVE-2005-4305
Cross-site scripting (XSS) vulnerability in Edgewall Trac 0.9, 0.9.1, and 0.9.2 allows remote malicious users to inject arbitrary web script or HTML via the URL, which is not properly sanitized before it is returned in an error page.
Edgewall Software Trac 0.9.2
Edgewall Software Trac 0.9
Edgewall Software Trac 0.9.1
312
VMScore
CVE-2012-3871
Cross-site scripting (XSS) vulnerability in data/hybrid/i_hybrid.php in Open Constructor 3.12.0 allows remote authenticated users to inject arbitrary web script or HTML via the header parameter.
Openconstructor Project Openconstructor 3.12.0
570
VMScore
CVE-2012-4030
Chamilo prior to 1.8.8.6 does not adequately handle user supplied input by the index.php script, which could allow remote malicious users to delete arbitrary files.
Chamilo Chamilo Lms
383
VMScore
CVE-2007-3056
Cross-site scripting (XSS) vulnerability in filedetails.php in WebSVN 2.0rc4, and possibly earlier, allows remote malicious users to inject arbitrary web script or HTML via the path parameter.
Websvn Websvn
385
VMScore
CVE-2017-2493
An issue exists in certain Apple products. iOS prior to 10.3 is affected. Safari prior to 10.1 is affected. iCloud prior to 6.2 on Windows is affected. tvOS prior to 10.2 is affected. The issue involves the "WebKit" component. It allows remote malicious users to bypass ...
Apple Iphone Os
Apple Safari
Apple Tvos
Apple Icloud
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »