Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xss man vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2018-17046
translate man prior to 2018-08-21 has XSS via containers/outputBox/outputBox.vue and store/index.js.
Translate Man Project Translate Man
435
VMScore
CVE-2005-4435
Cross-site scripting (XSS) vulnerability in index.php AbleDesign D-Man 3.x allows remote malicious users to inject arbitrary web script or HTML via the title parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party informati...
Abledesign D-man 3.0
1 EDB exploit
585
VMScore
CVE-2013-1651
OXUpdater in Open-Xchange Server prior to 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof update servers and install arbitrary software via a crafted certificat...
Open-xchange Open-xchange Server 6.22.1
Open-xchange Open-xchange Server 6.22.0
Open-xchange Open-xchange Server 6.20.7
1 EDB exploit
935
VMScore
CVE-2018-6221
An unvalidated software update vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a man-in-the-middle malicious user to tamper with an update file and inject their own.
Trendmicro Email Encryption Gateway 5.5
1 EDB exploit
571
VMScore
CVE-2016-2176
The X509_NAME_oneline function in crypto/x509/x509_obj.c in OpenSSL prior to 1.0.1t and 1.0.2 prior to 1.0.2h allows remote malicious users to obtain sensitive information from process stack memory or cause a denial of service (buffer over-read) via crafted EBCDIC ASN.1 data.
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.2e
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.2g
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl
Openssl Openssl 1.0.2f
Openssl Openssl 1.0.2d
1 Article
668
VMScore
CVE-2016-0718
Expat allows context-dependent malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
Mozilla Firefox
Apple Mac Os X
Suse Linux Enterprise Server 11
Suse Studio Onsite 1.3
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Debuginfo 11
Opensuse Leap 42.1
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Server 12
Suse Linux Enterprise Desktop 12
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Libexpat Project Libexpat
Debian Debian Linux 8.0
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Mcafee Policy Auditor
Python Python
1 Article
383
VMScore
CVE-2016-4897
Multiple cross-site scripting (XSS) vulnerabilities in (1) filter/save_forward.cgi, (2) filter/save.cgi, (3) /man/search.cgi in Usermin prior to 1.690.
Webmin Usermin
NA
CVE-2023-45706
An administrative user of WebReports may perform a Cross Site Scripting (XSS) and/or Man in the Middle (MITM) exploit through SAML configuration.
605
VMScore
CVE-2003-0292
Cross-site scripting (XSS) vulnerability in Inktomi Traffic-Server 5.5.1 allows remote malicious users to insert arbitrary web script or HTML into an error page that appears to come from the domain that the client is visiting, aka "Man-in-the-Middle" XSS.
Inktomi Inktomi Traffic-server 5.5.1
232
VMScore
CVE-2016-7055
There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 prior to 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are imp...
Openssl Openssl
Nodejs Node.js
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »