Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cross-site scripting vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2020-8777
Alfresco Enterprise prior to 5.2.7 and Alfresco Community prior to 6.2.0 (rb65251d6-b368) has XSS via a user profile photo, as demonstrated by a SCRIPT element in an SVG document.
Alfresco Alfresco
1 EDB exploit
5.4
CVSSv3
CVE-2020-8778
Alfresco Enterprise prior to 5.2.7 and Alfresco Community prior to 6.2.0 (rb65251d6-b368) has XSS via an uploaded document, when the attacker has write access to a project.
Alfresco Alfresco
1 EDB exploit
6.1
CVSSv3
CVE-2018-11339
An XSS issue exists in Frappe ERPNext v11.x.x-develop b1036e5 via a comment.
Frappe Erpnext 11.x.x-develop B1036e5
1 EDB exploit
NA
CVE-2013-2750
Cross-site scripting (XSS) vulnerability in e107_plugins/content/handlers/content_preset.php in e107 prior to 1.0.3 allows remote malicious users to inject arbitrary web script or HTML via the query string.
E107 E107 0.7.17
E107 E107 0.7.18
E107 E107 0.7.19
E107 E107 0.7.2
E107 E107
E107 E107 0.7.1
E107 E107 0.7.10
E107 E107 0.7.11
E107 E107 0.7.12
E107 E107 0.7.3
E107 E107 0.7.4
E107 E107 0.7.5
E107 E107 0.7.6
E107 E107 0.7.0
E107 E107 0.7.13
E107 E107 0.7.15
E107 E107 0.7.21
E107 E107 0.7.24
E107 E107 0.7.8
E107 E107 1.0.1
E107 E107 0.7.14
E107 E107 0.7.16
1 EDB exploit
5.4
CVSSv3
CVE-2018-7465
An XSS issue exists in VirtueMart prior to 3.2.14. All the textareas in the backend of the plugin can be closed by simply adding </textarea> to the value and saving the product/config. By editing back the product/config, the editor's browser will execute everything aft...
Virtuemart Virtuemart
1 EDB exploit
NA
CVE-2010-4909
Multiple cross-site scripting (XSS) vulnerabilities in PaysiteReviewCMS 1.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) q parameter to search.php or the (2) image parameter to image.php.
Mechbunny Paysitereviewcms 1.1
2 EDB exploits
5.4
CVSSv3
CVE-2020-8776
Alfresco Enterprise prior to 5.2.7 and Alfresco Community prior to 6.2.0 (rb65251d6-b368) has XSS via the URL property of a file.
Alfresco Alfresco
1 EDB exploit
NA
CVE-2012-1979
Cross-site scripting (XSS) vulnerability in starnet/index.php in SyndeoCMS 3.0.01 and previous versions allows remote authenticated users to inject arbitrary web script or HTML via the email parameter (aka Email address field) in an edit_user configuration action.
Syndeocms Syndeocms 2.8.00
Syndeocms Syndeocms 2.7.00
Syndeocms Syndeocms 2.9.00
Syndeocms Syndeocms 2.8.1
Syndeocms Syndeocms 2.8.02
Syndeocms Syndeocms 2.4
Syndeocms Syndeocms 2.6.00
Syndeocms Syndeocms 2.5.01
Syndeocms Syndeocms
Syndeocms Syndeocms 3.0.00
Syndeocms Syndeocms 2.5.00
Syndeocms Syndeocms 2.4.10
1 EDB exploit
NA
CVE-2006-4593
Cross-site scripting (XSS) vulnerability in index.php in SoftBB 0.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the page parameter.
Softbb Softbb 0.1
1 EDB exploit
5.4
CVSSv3
CVE-2017-3131
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.4.0 up to and including 5.4.4 and 5.6.0 allows malicious users to execute unauthorized code or commands via the filter input in "Applications" under FortiView.
Fortinet Fortios 5.4.4
Fortinet Fortios 5.6.0
Fortinet Fortios 5.4.3
Fortinet Fortios 5.4.2
Fortinet Fortios 5.4.1
Fortinet Fortios 5.4.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400
CVE-2023-7252
CVE-2024-21111
denial of service
CVE-2024-29661
CVE-2024-22856
remote attackers
encryption
CVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »