CWE:
 

Topic
Date
Author
Med.
Siemens SICAM RTUs SM-2556 COM Modules XSS / Bypass / Code Execution
17.11.2017
SEC Consult
Low
TP-Link TL-WR740N Cross-Site Scripting
17.11.2017
bl00dy
Low
LanSweeper 6.0.100.75 Cross-Site Scripting
17.11.2017
Miguel Mendez Z
Low
Vonage VDV23 Cross-Site Scripting
17.11.2017
Nu11By73
Low
CA Identity Governance 12.6 Cross Site Scripting
16.11.2017
Kevin Kotas
Low
WordPress DFD Reddcoin Tips 1.1.1 Cross Site Scripting
15.11.2017
Ricardo Sanchez
Low
Allworx Server Manager 6x / 6x12 / 48x Cross Site Scripting
15.11.2017
Gjoko 'LiquidWorm' Krs...
Low
Kirby CMS < 2.5.7 Cross-Site Scripting
15.11.2017
Ishaq Mohammed
Low
WordPress Affiliate Ads For Clickbank Products 1.3 XSS
15.11.2017
Ricardo Sanchez
Low
WordPress AMP Toolbox 1.9.4 Cross Site Scripting
15.11.2017
Ricardo Sanchez
Low
WordPress Boozang 1.0.0 Cross Site Scripting
14.11.2017
Ricardo Sanchez
Low
KirbyCMS Cross Site Scripting
14.11.2017
Ishaq Mohammed
Low
Monstra CMS 3.0.4 Cross Site Scripting
14.11.2017
Ashiyane Digital secur...
Low
WordPress Cartogiraffe Map 1.0 Cross Site Scripting
14.11.2017
icardo Sanchez
Low
WordPress Appointments 2.2.2.2 Cross Site Scripting
14.11.2017
Ricardo Sanchez
Low
Vtwo cms Cross Site Scripting(Reflected) vulnerability
13.11.2017
IRANIAN ETHICAL HACKER...
Low
HindSoft Technology Cross Site Scripting
11.11.2017
SonnySpooks
Low
WordPress Secure HTML5 Video Player 3.14 Cross Site Scripting
10.11.2017
Ricardo Sanchez
Low
WordPress Ultimate Instagram Feed 1.2 Cross Site Scripting
09.11.2017
OmarK
Low
WordPress Duplicator Migration 1.2.28 Cross Site Scripting
07.11.2017
Ricardo Sanchez
Med.
CMS Poweres by Oyabunstyle.de SQL Injection
06.11.2017
Bl4ck M4n
Low
web2Project cms Cross Site Scripting
06.11.2017
Ashiyane Digital Secur...
Low
WordPress User Login History 1.5.2 Cross Site Scripting
01.11.2017
Nicolas Buzy-Debat
Low
phpMyFAQ 2.9.8 Stored XSS Vulnerability
31.10.2017
Nikhil Mittal
Low
Oracle FCDB <= 10.5 Cross Site Scripting Vulnerability
28.10.2017
Ajay Gowtham
Low
PHP iCalendar Cross Site Scripting (XSS)
27.10.2017
SonnySpooks
High
BMC Remedy LFI / RFI / XSS / Code Execution
23.10.2017
Simon Rawet
Low
viban cms Cross Site Scripting vulnerability
23.10.2017
IRANIAN ETHICAL HACKER...
Low
TP-LINK TL-MR3220 Vulnerability Xss
21.10.2017
FireShell
Low
Loxblog cross-site scripting Vulnerability
20.10.2017
Milad Ahmadi
High
Afian AB FileRun 2017.03.18 CSRF / Shell Upload / XSS / Redirection
18.10.2017
SEC Consult
Med.
Linksys E Series CSRF / XSS / Denial Of Service / Header Injection
18.10.2017
SEC Consult
High
Webmin 1.850 SSRF / CSRF / Cross Site Scripting / Command Execution
18.10.2017
hyp3rlinx
Low
MJM Usm Cross Site Scripting
18.10.2017
ArashHC
Low
nuevoMailer v.4.00 Cross-Site Scripting Vulnerability
17.10.2017
P4kL0nc4t
Low
WordPress Influencer Marketing And Press Release System 2.2 XSS
17.10.2017
Ricardo Sanchez
Low
Webtrekk Pixel Tracking Cross Site Scripting
17.10.2017
SEC Consult
Med.
E-Sic Software livre CMS 1.0 Cross Site Scripting / SQL Injection
16.10.2017
Elber Tavares
Low
DreamBox BouquetEditor 2.0.0 Cross Site Scripting
13.10.2017
Thiago "THX" Sena
Low
WordPress Pootle Button 1.1.1 Cross Site Scripting
13.10.2017
Ricardo Sanchez
Low
WordPress PopCash.Net Publisher Code Integration 1.0 Cross Site Scripting
12.10.2017
Ricardo Sanchez
Low
OctoberCMS 1.0.425 Cross Site Scripting
12.10.2017
Ishaq Mohammed
Low
WordPress WP-Contact-Widgets 1.4.1 Cross Site Scripting
12.10.2017
Boumediene KADDOUR
Low
WordPress TR Easy Google Analytics 1.0.0 Cross Site Scripting
11.10.2017
Ricardo Sanchez
Low
Lansweeper 6.0.0.63 Cross Site Scripting
08.10.2017
Multiple
Low
EPESI 1.8.2 Revision 20170830 Cross Site Scripting
05.10.2017
Zeeshan Shaikh
Low
SmarterStats 11.3.6347 Cross Site Scripting
02.10.2017
David Hoyt
Med.
WordPress Content Audit 1.9.1 Cross Site Request Forgery / Cross Site Scripting
28.09.2017
Tom Adams
Low
Sitefinity CMS 9.2 Cross-Site Scripting
26.09.2017
Pralhad Chaskar
Med.
Kaltura 13.1.0 Code Execution / Cross Site Scripting
25.09.2017
Robin Verton
Low
CMS TMBA Co Cross Site Scripting
22.09.2017
Mostafa.Akbarzadeh
Low
WordPress 2kb Amazon Affiliates Store 2.1.0 Cross Site Scripting
21.09.2017
Ricardo Sanchez
Low
SUSE/Portus 2.2 Cross Site Scripting
19.09.2017
rsanchezr
Low
SilverStrip CMS 3.5.3 Cross Site Scripting
15.09.2017
Anonymous
Low
Divar Cross Site Scripting
12.09.2017
ArashHC
High
D-Link 850L XSS Backdoor and Code Execution
10.09.2017
Pierre Kim
Low
WordPress Training Membership 1.0.8 Cross Site Scripting
10.09.2017
8bitsec
Low
CMS Showcase 1.0 Cross Site Scripting
10.09.2017
Felipe "Renzi" Gabriel
Med.
EE 4GEE Wireless Router EE60_00_05.00_25 XSS / CSRF / Disclosure
10.09.2017
James Hemmings
Low
IWEBSOUL CMS - Multiple Cross Site Scripting Vulnerabilities
08.09.2017
Renzi
Low
Wordpress cool-flickr-slideshow Plugin Cross Site Scripting(xss)
07.09.2017
Ashiyane Digital Secur...
Low
Wordpress Contact Form 7 International Sms Integration Plugin Cross Site Scripting
07.09.2017
Ashiyane Digital Secur...
Low
Subrion Cms Cross Site Scripting (XSS)
07.09.2017
Ashiyane Digital Secur...
Low
WordPress Plugin Participants Database < 1.7.5.10 Cross-Site Scripting
05.09.2017
Benjamin Lim
Low
MISP 2.4.79 Cross Site Scripting
30.08.2017
Deloitte Zero Day
Low
Eleanor CMS v0.9 Stored Cross Site Scripting
24.08.2017
Iran Cyber Security Gr...
Med.
Progress Sitefinity 9.1 XSS / Session Management / Open Redirect
23.08.2017
SEC Consult
Med.
Backdrop CMS 1.7.1 Cross Site Scripting
23.08.2017
Manuel Garcia Cardenas
High
QuantaStor Software Defined Storage < 4.3.1 Multiple Vulnerabilities
18.08.2017
Nahuel D. Sanchez, VVV...
Low
Quali CloudShell 7.1.0.6508 (Patch 6) Persistent Cross Site Scripting
14.08.2017
Benjamin Lee
Low
WordPress PressForward 4.3.0 Cross Site Scripting
11.08.2017
Neven Biruski
Low
CMS Made Simple - Reflected Cross-Site Scripting
08.08.2017
Renzi
Low
WordPress GamePlan Event And Gym Fitness Theme 1.5.13.2 Cross Site Scripting
06.08.2017
Kushal Jaisingh
Low
Axis 2100 Network Camera 2.43 Cross Site Scripting
04.08.2017
Nassim Asrir
Low
Technicolor TC7337 Cross Site Scripting
03.08.2017
Geolado Giolado
Low
TYPO3 Formhandler 2.4.0 Cross Site Scripting
01.08.2017
RedTeam
Med.
Flash Slideshow Maker Professional XSS / Content Forgery / Redirect
01.08.2017
ret2eax
Low
FortiOS <= 5.6.0 Multiple XSS Vulnerabilities
28.07.2017
Patryk Bogdan
Low
WordPress FormCraft Form Builder 3.2.31 Cross Site Scripting
26.07.2017
8bitsec
Low
WordPress Ultimate Affiliate Pro 3.6 Cross Site Scripting
26.07.2017
8bitsec
Low
WebMotionUK CMS Reflected Cross site scripting(xss) Vulnerability
26.07.2017
Ashiyane Digital Secur...
High
WebKit JSC JSObject::putInlineSlow & JSValue::putToPrimitive XSS
25.07.2017
lokihardt
Med.
PaulShop Cross Site Scripting / SQL Injection
25.07.2017
BTIS Team
Low
Ubiquiti Networks EP-R6 / ER-X / ER-X-SFP Cross Site Scripting
25.07.2017
SEC Consult
Low
REDDOXX Appliance Cross Site Scripting
25.07.2017
RedTeam
Low
Oracle Web Center 11.1.1.9.0 / 12.2.1.1.0 / 12.2.1.2.0 XSS
23.07.2017
Owais
Low
WordPress Task Manager Pro 1.31 Cross Site Scripting
21.07.2017
8bitsec
Low
PEGA Platform 7.2 ML0 Missing Access Control / Cross Site Scripting
19.07.2017
Daniel Correa
Low
Vodafone Italia Webmail Cross Site Scripting
14.07.2017
theMiddle
Med.
AGFEO Smart Home ES 5xx / 6xx Authentication Bypass / XSS / Hardcoded Credentials
12.07.2017
SEC
Low
RaidenHTTPD 2.0.44 User-Agent Cross Site Scripting
12.07.2017
sultan albalawi
Low
CMS Showcase - Multiple Reflected Cross-Site Scripting
12.07.2017
Renzi
Low
ObjectPlanet Opinio 7.6.3 Cross Site Scripting
12.07.2017
Kasper Karlsson
Low
Wordpress Plugin How-Interest Cross-Site Scripting
11.07.2017
@wazehell
Low
kiteworks by Accellion - Reflected XSS
11.07.2017
bRpsd
Low
Rise Ultimate Project Manager 1.8 Cross Site Scripting
11.07.2017
8bitsec
Low
Schneider Electric Pelco Sarix/Spectra Cameras XSS
11.07.2017
Gjoko 'LiquidWorm' Krs...
Low
Joomla Akobook Component Cross-Site Scripting
10.07.2017
Obsidian Cyber Team
Med.
Yaws 2.0 Cross Site Scripting
05.07.2017
sultan albalawi
Low
Humax Digital HG100R 2.0.6 XSS / Information Disclosure
04.07.2017
The Gambler


CVEMAP Search Results

CVE
Details
Description
2017-11-03
Low
CVE-2017-14359

Vendor: HP
Software: Performance ...
 

 
A potential security vulnerability has been identified in HPE Performance Center versions 12.20. The vulnerability could be remotely exploited to allow cross-site scripting.

 
2017-11-01
Low
CVE-2017-1001001

Vendor: Pluxml
Software: Pluxml
 

 
PluXml version 5.6 is vulnerable to stored cross-site scripting vulnerability, within the article creation page, which can result in escalation of privileges.

 
Low
CVE-2016-3048

Vendor: IBM
Software: Openpages gr...
 

 
IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 114711.

 
Medium
CVE-2017-1552

Vendor: IBM
Software: Infosphere b...
 

 
IBM Infosphere BigInsights 4.2.0 and 4.2.5 is vulnerable to link injection. By persuading a victim to click on a specially-crafted URL link, a remote attacker could exploit this vulnerability to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 131396.

 
Low
CVE-2017-1554

Vendor: IBM
Software: Infosphere b...
 

 
IBM Infosphere BigInsights 4.2.0 and 4.2.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 131398.

 
2017-10-31
Low
CVE-2016-10699

Vendor: D-link
Software: Dsl-2740e fi...
 

 
D-Link DSL-2740E 1.00_BG_20150720 devices are prone to persistent XSS attacks in the username and password fields: a remote unauthenticated user may craft logins and passwords with script tags in them. Because there is no sanitization in the input fields, an unaware logged-in administrator may be a victim when checking the router logs.

 
Low
CVE-2017-3933

Vendor: Mcafee
Software: Network data...
 

 
Embedding Script (XSS) in HTTP Headers vulnerability in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to view confidential information via a cross site request forgery attack.

 
Low
CVE-2017-15535

Vendor: IBM
Software: Infosphere b...
 

 
IBM Infosphere BigInsights 4.2.0 and 4.2.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 131397.

 
2017-10-30
Low
CVE-2017-12460

Updating...
 

 
An issue was discovered in Barco ClickShare CSM-1 firmware before v1.7.0.3 and CSC-1 firmware before v1.10.0.10. An authenticated user can manage the wallpaper collection in the webUI to be shown as background on the ClickShare product. By uploading a wallpaper with a specially crafted name, an HTML injection can be triggered as special characters are not neutralized before output.

 
Low
CVE-2009-1198

Updating...
 

 
Cross-site scripting (XSS) vulnerability in Apache jUDDI before 2.0 allows remote attackers to inject arbitrary web script or HTML via the dsname parameter to happyjuddi.jsp.

 

 


Copyright 2017, cxsecurity.com

 

Back to Top