CWE:
 

Topic
Date
Author
Low
Oracle Web Center 11.1.1.9.0 / 12.2.1.1.0 / 12.2.1.2.0 XSS
23.07.2017
Owais
Low
WordPress Task Manager Pro 1.31 Cross Site Scripting
21.07.2017
8bitsec
Low
PEGA Platform 7.2 ML0 Missing Access Control / Cross Site Scripting
19.07.2017
Daniel Correa
Low
Vodafone Italia Webmail Cross Site Scripting
14.07.2017
theMiddle
Med.
AGFEO Smart Home ES 5xx / 6xx Authentication Bypass / XSS / Hardcoded Credentials
12.07.2017
SEC
Low
RaidenHTTPD 2.0.44 User-Agent Cross Site Scripting
12.07.2017
sultan albalawi
Low
CMS Showcase - Multiple Reflected Cross-Site Scripting
12.07.2017
Felipe "Renzi" Gabriel...
Low
ObjectPlanet Opinio 7.6.3 Cross Site Scripting
12.07.2017
Kasper Karlsson
Low
Wordpress Plugin How-Interest Cross-Site Scripting
11.07.2017
@wazehell
Low
kiteworks by Accellion - Reflected XSS
11.07.2017
bRpsd
Low
Rise Ultimate Project Manager 1.8 Cross Site Scripting
11.07.2017
8bitsec
Low
Schneider Electric Pelco Sarix/Spectra Cameras XSS
11.07.2017
Gjoko 'LiquidWorm' Krs...
Low
Joomla Akobook Component Cross-Site Scripting
10.07.2017
Obsidian Cyber Team
Med.
Yaws 2.0 Cross Site Scripting
05.07.2017
sultan albalawi
Low
Humax Digital HG100R 2.0.6 XSS / Information Disclosure
04.07.2017
The Gambler
Low
Webmin 1.840 Cross Site Scripting
04.07.2017
Andy Tan
Low
Xenforo Forum CMS 1.5.13 Cross Site Scripting
04.07.2017
insecurity
Low
Microsoft Dynamic CRM 2016 Cross Site Scripting
01.07.2017
GrA(c)gory Draperi
Med.
Kaspersky Anti-Virus File Server 8.0.3.297 XSS / CSRF / Code Execution
29.06.2017
CORE
Med.
Cisco Prime Infrastructure 3.1.6 XXE Injection / XSS / LFD / SQL Injection
25.06.2017
SEC Consult
Low
SimpleRisk v20170416-001 Reflected XSS Vulnerabilities
22.06.2017
Gjoko 'LiquidWorm' Krs...
Low
WordPress Download Manager 2.9.46 / 2.9.51 Cross Site Scripting
21.06.2017
Tom Adams
Low
Ektron CMS 9.10SP1 Cross Site Scripting
20.06.2017
Siyavash and Edmund
Low
SadafBlog Script Cross Site Scripting Stored
19.06.2017
GIST
Med.
Invision Power Board 4.1.19.2 XSS / CSRF / File Upload / Disclosure
15.06.2017
insecurity
Med.
SimpleCE 2.3.0 Cross Site Request Forgery / Cross Site Scripting
15.06.2017
8bitsec
Med.
Camstudio 2.0 XSS / XSF / Content Forgery
15.06.2017
insecurity
Low
MyBB 1.8.12 Stored XSS / File Enumeration
14.06.2017
5tarboy
Low
Evolution Script CMS 5.3 Cross Site Scripting
13.06.2017
Vulnerability Lab
Low
RSA Products Cross Site Scripting
12.06.2017
Lukasz Plonka
Low
Evolution Script CMS v5.3 - Cross Site Scripting Vulnerability
12.06.2017
Vulnerability Lab
Low
Composr CMS v10.0.0 - Cross Site Scripting Vulnerability
12.06.2017
Vulnerability Lab
High
Craft CMS 2.6 Cross Site Scripting / File Upload
08.06.2017
Ahsan Tahir
Low
Sophos Cyberoam Cross Site Scripting
07.06.2017
Bhadresh
Low
GravCMS Core 1.4.2 Cross Site Scripting
07.06.2017
Ahsan Tahir
High
Perch CMS 3.0.3 Cross Site Scripting / File Upload
07.06.2017
Vulnerability Lab
Low
Subsonic 6.1.1 Persistent XSS
06.06.2017
hyp3rlinx
Low
WordPress No External Links 3.5.17 Cross Site Scripting
03.06.2017
DefenseCode
Med.
WordPress Tribulant Newsletters 4.6.4.2 XSS / File Disclosure
03.06.2017
DefenseCode
Low
WebKit CachedFrameBase::restore Universal Cross Site Scripting
01.06.2017
lokihardt
Low
WebKit Document::prepareForDestruction / CachedFrame Universal XSS
01.06.2017
lokihardt
Low
WebKit CachedFrame Universal Cross Site Scripting
01.06.2017
lokihardt
Low
WordPress Simple Slideshow Manager 2.2 Cross Site Scripting
31.05.2017
DefenceCode
Low
ampache v3.8.2 Cross Site Scripting
30.05.2017
hyp3rlinx
Low
Aries QWR-1104 Wireless-N Cross Site Scripting
28.05.2017
Touhid M.Shaikh
Low
Sunell IPCAMERA IPR54/14AKDN(II)/13 Cross Site Scripting
28.05.2017
Stephan Sekula
Low
WordPress AffiliateWP 2.0.8 Cross Site Scripting
28.05.2017
defensecode
Low
WordPress All In One Schema.org Rich Snippets 1.4.1 XSS
28.05.2017
defensecode
Low
Sunell IPR54/14AKDN(II)/13 Cross Site Scripting
28.05.2017
Stephan Sekula
Low
QWR-1104 Wireless-N Router - Cross-Site Scripting
27.05.2017
Touhid M.Shaikh
Low
WebKit ContainerNode::parserRemoveChild (2) Universal Cross Site Scripting
26.05.2017
lokihardt
High
InvoicePlane 1.4.10 File Upload / Cross Site Scripting
24.05.2017
Jasveer Singh
Low
Alex Guestbook 5.0.4 Cross Site Scripting
24.05.2017
Persian Hack Team
Low
Simple ASC CMS 1.2 Cross Site Scripting
24.05.2017
Vulnerability Lab
Low
WordPress Newsletter Supsystic 1.1.7 Cross Site Scripting
24.05.2017
Vulnerability Lab
Low
Binary Solutions Indonesia CMS Cross Site Scripting
21.05.2017
Berandal
Low
CaseAware Cross Site Scripting
20.05.2017
justpentest
Low
Kodak InSite 8.0 Cross Site Scripting
20.05.2017
rsanchezr
Low
PingID MFA Cross Site Scripting
17.05.2017
Stephan Sekula
Med.
Trend Micro Interscan Web Security Virtual Appliance (IWSVA) 6.5 SP2 XSS / Disclosure
17.05.2017
SlidingWindow
Med.
WordPress EELV Newsletter 4.5 XSS / CSRF
17.05.2017
Vulnerability Lab
Low
INFOR EAM 11.0 Build 201410 Cross Site Scripting
16.05.2017
Yoroi
High
CMS Made Simple 2.1.6 Code Execution / Cross Site Scripting
14.05.2017
Osanda Malith Jayathis...
Med.
Trashbilling.com / Trashflow 3.0 XSS / SQL Injection
14.05.2017
g00se
Low
TYCHE STUDIO CMS SQL Injection XSS
12.05.2017
Berandal | OWL SQUAD
Med.
Dolibarr 4.0.4 SQL Injection / XSS / Weaknesses
11.05.2017
FOXMOLE
Med.
BanManager WebUI 1.5.8 Code Injection / Cross Site Scripting
11.05.2017
HaHwul
Low
ViMbAdmin 3.0.15 Cross Site Scripting
06.05.2017
Florian NIVETTE
Low
WordPress FancyProductDesigner 3.4.2 Stored XSS
04.05.2017
5tarboy
Low
Mura CMS 7.0.6967 Cross Site Scripting
04.05.2017
Zhao Liang
Low
Arachni 1.5-0.5.11 Cross Site Scripting
04.05.2017
Vulnerability Lab
Low
Serviio PRO 1.8 DLNA Media Streaming Server (mediabrowser) XSS
04.05.2017
Gjoko 'LiquidWorm' Krs...
Low
Zenario 7.6 Cross Site Scripting
04.05.2017
Vulnerability Lab
Low
Zenario 7.6 Persistent Cross Site Scripting
04.05.2017
Vulnerability Lab
Low
Emby MediaServer 3.2.5 Reflected XSS Vulnerability
30.04.2017
Gjoko 'LiquidWorm' Krs...
Low
Live Helper Chat 2.58v Cross Site Scripting
28.04.2017
Sylvain Heiniger
Med.
Revive Ad Server 4.0.1 Cross Site Request Forgery / Cross Site Scripting
27.04.2017
Cyril Vallicari
Low
Joomla jDBexport 3.2.10 Cross Site Scripting / Path Disclosure
27.04.2017
Persian Hack Team
Low
Flyspray 1.0-rc4 Cross Site Scripting
26.04.2017
CYRIL VALLICARI
Low
OXATIS 2017 Cross Site Scripting
25.04.2017
HTTPCS
Low
Web Design by Dadevarzan (Xss)
23.04.2017
The Devil
Low
Apple WebKit/Safari 10.0.2 (12602.3.12.0.1) PrototypeMap::createEmptyStructure XS
21.04.2017
Google Security Resear...
Low
Apple WebKit/Safari 10.0.2 (12602.3.12.0.1) operationSpreadGeneric XSS
21.04.2017
Google Security Resear...
Low
WebKit operationSpreadGeneric Universal Cross Site Scripting
19.04.2017
lokihardt
Med.
Word Directory Script 2.1 Cross Site Scripting / SQL Injection
15.04.2017
Bilal KARDADOU
Low
Scriptler Jenkins 2.9 Cross Site Scripting
15.04.2017
Burak Kelebek
Low
Agorum Core Pro 7.8.1.4-251 Cross Site Scripting
14.04.2017
Dr. Erlijn van Genucht...
Low
theWP - Film Theme V2 Cross Site Scripting
13.04.2017
Darkcrew
Low
MyBB <1.8.11 Cross Site Scripting
12.04.2017
Zhiyang Zeng
Low
Apple WebKit disconnectSubframes UXSS
10.04.2017
lokihardt
Low
WebKit Focus Event UXSS
10.04.2017
lokihardt
Med.
WebKit Synchronous Page Load UXSS
10.04.2017
lokihardt
Low
A4Haber Portalı Theme V2 Cross Site Scripting
08.04.2017
Darkcrew.Org
Low
iPlatinum iOneView Multiple Parameter Reflected XSS
06.04.2017
Patrick Webster
Low
IranSamaneh CMS Cross Site Scripting
05.04.2017
Zero Security Group
Low
mailman v 2.1.8 reflected cross site scripting
29.03.2017
alqnas eslam
Low
aparat Cross Site Scripting
27.03.2017
Turk@Xtra
Low
MetInfo 5.3.15 Cross Site Scripting
20.03.2017
Arice.chen
Low
ClipBucket 2.8.2 Cross Site Scripting
20.03.2017
NoGe
Low
HumHub 1.0.1 Cross Site Scripting
20.03.2017
Tim Coen


CVEMAP Search Results

CVE
Details
Description
2015-02-20
Low
CVE-2015-0167

Vendor: Textangular
Software: Textangular
 

 
Cross-site scripting (XSS) vulnerability in textAngular-sanitize.js in textAngular before 1.3.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to the editor.

 
Low
CVE-2015-2040

Vendor: Cfdbplugin
Software: Contact form db
 

 
Cross-site scripting (XSS) vulnerability in the Contact Form DB (aka CFDB and contact-form-7-to-database-extension) plugin 2.8.26 for WordPress allows remote attackers to inject arbitrary web script or HTML via the submit_time parameter in the CF7DBPluginSubmissions page to wp-admin/admin.php.

 
2015-02-19
Low
CVE-2014-6301

Vendor: Pnmsoft
Software: Sequence kin...
 

 
Multiple cross-site scripting (XSS) vulnerabilities in the tables-management module in PNMsoft Sequence Kinetics before 7.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

 
Low
CVE-2014-9468

Vendor: Instantasp
Software: Instantforum
 

 
Multiple cross-site scripting (XSS) vulnerabilities in InstantASP InstantForum.NET 4.1.3, 4.1.2, 4.1.1, 4.0.0, 4.1.0, and 3.4.0 allow remote attackers to inject arbitrary web script or HTML via the SessionID parameter to (1) Join.aspx or (2) Logon.aspx.

 
Low
CVE-2015-1603

Vendor: Adminsystems cms project
Software: Adminsystems cms
 

 
Multiple cross-site scripting (XSS) vulnerabilities in Adminsystems CMS before 4.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter to index.php or (2) id parameter in a users_users action to asys/site/system.php.

 
Low
CVE-2015-1879

Vendor: Google doc embedder
Software: Google doc e...
 

 
Cross-site scripting (XSS) vulnerability in the Google Doc Embedder plugin before 2.5.19 for WordPress allows remote attackers to inject arbitrary web script or HTML via the profile parameter in an edit action in the gde-settings page to wp-admin/options-general.php.

 
2015-02-18
Low
CVE-2015-0623

Vendor: Cisco
Software: Web security...
 

 
Cross-site scripting (XSS) vulnerability in the Administrator report page on Cisco Web Security Appliance (WSA) devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCus40627.

 
2015-02-17
Low
CVE-2015-1617

Vendor: Mcafee
Software: Data loss pr...
 

 
Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

 
Low
CVE-2015-1619

Vendor: Mcafee
Software: Email gateway
 

 
Cross-site scripting (XSS) vulnerability in the Secure Web Mail Client user interface in McAfee Email Gateway (MEG) 7.6.x before 7.6.3.2, 7.5.x before 75.6, 7.0.x through 7.0.5, 5.6, and earlier allows remote authenticated users to inject arbitrary web script or HTML via unspecified tokens in Digest messages.

 
Low
CVE-2015-1621

Vendor: Webform prepopulate block project
Software: Webform prep...
 

 
Cross-site scripting (XSS) vulnerability in the Webform prepopulate block module before 7.x-3.1 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

 

 


Copyright 2017, cxsecurity.com