CWE:
 

Topic
Date
Author
Low
Web Design by Dadevarzan (Xss)
23.04.2017
The Devil
Low
Apple WebKit/Safari 10.0.2 (12602.3.12.0.1) PrototypeMap::createEmptyStructure XS
21.04.2017
Google Security Resear...
Low
Apple WebKit/Safari 10.0.2 (12602.3.12.0.1) operationSpreadGeneric XSS
21.04.2017
Google Security Resear...
Low
WebKit operationSpreadGeneric Universal Cross Site Scripting
19.04.2017
lokihardt
Med.
Word Directory Script 2.1 Cross Site Scripting / SQL Injection
15.04.2017
Bilal KARDADOU
Low
Scriptler Jenkins 2.9 Cross Site Scripting
15.04.2017
Burak Kelebek
Low
Agorum Core Pro 7.8.1.4-251 Cross Site Scripting
14.04.2017
Dr. Erlijn van Genucht...
Low
theWP - Film Theme V2 Cross Site Scripting
13.04.2017
Darkcrew
Low
MyBB <1.8.11 Cross Site Scripting
12.04.2017
Zhiyang Zeng
Low
Apple WebKit disconnectSubframes UXSS
10.04.2017
lokihardt
Low
WebKit Focus Event UXSS
10.04.2017
lokihardt
Med.
WebKit Synchronous Page Load UXSS
10.04.2017
lokihardt
Low
A4Haber Portalı Theme V2 Cross Site Scripting
08.04.2017
Darkcrew.Org
Low
iPlatinum iOneView Multiple Parameter Reflected XSS
06.04.2017
Patrick Webster
Low
IranSamaneh CMS Cross Site Scripting
05.04.2017
Zero Security Group
Low
mailman v 2.1.8 reflected cross site scripting
29.03.2017
alqnas eslam
Low
aparat Cross Site Scripting
27.03.2017
Turk@Xtra
Low
MetInfo 5.3.15 Cross Site Scripting
20.03.2017
Arice.chen
Low
ClipBucket 2.8.2 Cross Site Scripting
20.03.2017
NoGe
Low
HumHub 1.0.1 Cross Site Scripting
20.03.2017
Tim Coen
Low
phplist 3.2.6 Cross Site Scripting
20.03.2017
Tim Coen
Low
Microsoft Internet Information Services Cross Site Scripting
18.03.2017
David Fernandez
Low
AXIS Communications XSS / Content Inclusion
18.03.2017
orwelllabs
Low
AXIS Cross Site Request Forgery / Cross Site Scripting
18.03.2017
David Wearing
Low
AXIS Network Camera Cross Site Scripting
18.03.2017
orwelllabs
Low
Sitecore Experience Platform 8.1 Update-3 Cross Site Scripting
17.03.2017
Pralhad Chaskar
Low
WordPress Print Money v4.91 Plugin Persistent Cross Site Scripting
14.03.2017
Ashiyane Digital Secur...
High
dnaLIMS Code Execution / XSS / Traversal / Session Hijacking
11.03.2017
Nicholas von Pechmann
Low
Agora-Project 3.2.2 Cross Site Scripting
08.03.2017
Multiple
Low
Huawei HG658 V2 Cross Site Scripting
08.03.2017
KnocKout
Med.
Job Portal Script 3.0 Cross Site Scripting / SQL Injection
08.03.2017
Bilal KARDADOU
Low
Laravel 5.4 Cross Site Scripting
07.03.2017
MaHDyfo
Low
WordPress 4.5.3 Audio Playlist Cross Site Scripting
07.03.2017
Yorick Koster
Low
EPSON TMNet WebConfig 1.00 Cross Site Scripting
06.03.2017
Michael Benich
Med.
pfSense 2.3.2 Cross Site Request Forgery / Cross Site Scripting
04.03.2017
Yann CAM @ASafety
Low
WordPress Contact Form 4.0.0 Cross Site Scripting
03.03.2017
Julien Rentrop
Low
WordPress NewStatPress 1.2.4 Cross Site Scripting
03.03.2017
Han Sahin
Low
WordPress Gwolle Guestbook 1.7.4 Cross Site Scripting
03.03.2017
Radjnies Bhansingh
Low
WordPress Contact Form Manager CSRF / XSS
03.03.2017
Edwin Molenaar
Low
WordPress Alpine PhotoTile For Instagram 1.2.7.7 XSS
03.03.2017
Antonis Manaras
Low
WordPress User Login Log 2.2.1 Cross Site Scripting
03.03.2017
Axel Koolhaas
Low
WordPress Google Analytics Dashboard 2.1.1 Cross Site Scripting
03.03.2017
Yorick Koster
Low
WordPress Atahualpa Theme Cross Site Scripting
03.03.2017
Spyros Gasteratos
Low
WordPress Magic Fields 1 1.7.1 Cross Site Scripting
03.03.2017
Burak Kelebek
Low
WordPress Tribulant Slideshow Galleries 1.6.3 Cross Site Scripting
03.03.2017
Spyros Gasteratos
Low
SAP BusinessObjects Financial Consolidation 10.0.0.1933 Cross Site Scripting
28.02.2017
Deloitte Zero Day
Low
memcache-viewer Cross Site Scripting
26.02.2017
HaHwul
Low
Air Transfer 1.2.1 / 1.0.14 Cross Site Scripting
24.02.2017
Vulnerability Lab
Med.
Travel Portal Script 9.37 Cross Site Scripting / SQL Injection
24.02.2017
Marc Castejon
Med.
MBLS Flex CMS 0.7.2 SQL Injection / Cross Site Scripting
24.02.2017
Bilal KARDADOU
Low
PHPShell v2.4 Cross Site Scripting
20.02.2017
hyp3rlinx
Low
Plone 5.0.5 Cross Site Scripting
19.02.2017
Tim Coen
Low
WordPress Plugin Corner Ad 1.0.7 - Cross-Site Scripting
17.02.2017
Atik Rahman
Low
WordPress Easy Table 1.6 Cross Site Scripting
15.02.2017
Manuel Garcia Cardenas
Med.
Itech B2B 4.2.9 Cross Site Scripting / SQL Injection
15.02.2017
Marc Castejon
Low
Joomla Component GeoContent 4.5 - Cross-site scripting
14.02.2017
Persian Hack Team
Low
Joomla Component Sports Predictions 2.1.0.4 - Cross-site scripting
13.02.2017
Persian Hack Team
Low
SonicDICOM PACS 2.3.2 Multiple Stored Cross-Site Scripting Vulnerabilities
12.02.2017
Gjoko 'LiquidWorm' Krs...
Low
Deane Lewis Cross Site Scripting
10.02.2017
Ashiyane Digital Secur...
Med.
"Restricted Area" Shell Upload
09.02.2017
Y3R6.ORG
Low
Sandata SanaCMS 7.3 Cross Site Scripting
08.02.2017
Hosein Askari
Low
1024 CMS v2.1.1 Cross Site Scripting
07.02.2017
Ashiyane Digital Secur...
Low
Ahrar Andeysheh Cross Site Scripting
05.02.2017
Voldemort799
Low
addnet Cross Site Scripting
05.02.2017
Ashiyane Digital Secur...
Low
weli CMS Cross Site Scripting
04.02.2017
Ashiyane Digital Secur...
Low
DramaNetwork Cross Site Scripting
04.02.2017
Ashiyane Digital Secur...
Low
網頁設計 Cross Site Scripting
04.02.2017
Ashiyane Digital Secur...
Med.
MailStore 10.0.1 Cross Site Scripting / Open Redirect
02.02.2017
Tobias Glemser
Low
Bitrix Site Manager Cross Site Scripting
02.02.2017
MustLive
Med.
Revive Adserver 4.0.0 XSS / Deserialization / Session Fixation
01.02.2017
Matteo Beccati
Med.
Ubiquiti Networks Cross Site Scripting / Cross Site Request Forgery
31.01.2017
T. Weber
Low
Joomla Store Locator 2.3.1.0 Cross Site Scripting
30.01.2017
Persian Hack Team
Low
Joomla Component Store Locator 2.3.1.0 - Cross-site scripting
28.01.2017
Persian Hack Team
Med.
PHPback Cross Site Scripting / SQL Injection
27.01.2017
error1046
Low
Popup Blocker Pro Chrome Extension Stored Cross Site Scripting
24.01.2017
Aaditya Purani
Low
Oracle PeopleSoft HCM 9.2 Cross Site Scripting
23.01.2017
Vahagn Vardanyan, Dmit...
Low
French doctors cms cross site scripting
20.01.2017
Ashiyane Digital Secur...
Low
Mattermost 3.5.0 / 3.5.1 Cross Site Scripting
20.01.2017
RCE
Low
Ashiyane Training Center Site Scripting
20.01.2017
Hacker.khan
Low
Ghost Blog 0.11.3 Cross Site Scripting
20.01.2017
Patrick Costa
Low
MailZu 0.8RC3 Cross Site Scripting
19.01.2017
Nassim Asrir
Low
OpenExpert 0.5.17 Cross Site Scripting
19.01.2017
Nassim Asrir
Med.
iTechScripts Video Sharing Script 4.93 Cross Site Scripting / SQL Injection
19.01.2017
Hasan Emre Ozer
Med.
Courier Management System Cross Site Scripting / SQL Injection
19.01.2017
Sibusiso Sishi
Low
TYPO3 CMS 2.0.3 Cross Site Scripting
18.01.2017
Siddhartha Tripathy
Low
Atlassian Jira 7.1.7 Cross Site Scripting
18.01.2017
Roberto Soares
Med.
Business Networking Script 8.11 Cross Site Scripting / SQL Injection
17.01.2017
Ahmet Gurel
Low
Hassium CMS Cross Site Scripting
17.01.2017
Ashiyane Digital Secur...
Low
Mcslinc CMS Cross Site Scripting
15.01.2017
Eagle Security Team
Low
UKC Design XSS
14.01.2017
virus007
Low
D-Link DIR-615 Open Redirection / Cross Site Scripting
14.01.2017
Osanda Malith Jayathis...
Low
Roxy Fileman Cross Site Scripting
13.01.2017
Ashiyane Digital Secur...
Low
Blackboard LMS 9.1 SP14 Cross Site Scripting
12.01.2017
Vulnerability Lab
Low
Responsive File Manager 9.11.0 Cross Site Scripting
12.01.2017
Ashiyane Digital Secur...
Low
Splunk 6.1.1 Referer Cross Site Scripting
10.01.2017
justpentest
Low
Rumble Mail Server 0.51.3135 Cross Site Scripting
10.01.2017
Nassim Asrir
Low
DirectAdmin Control Panel 1.50.1 Cross Site Scripting
10.01.2017
Amir
Low
Eleanor 1.0 Stored Cross Site Scripting
07.01.2017
Iran Cyber Security Gr...
Low
Atlassian Confluence 5.9.12 Cross Site Scripting
05.01.2017
Jodson Santos
Low
Benson Bank CMS v 5.5 - 2015.09.09 Cross Site Scripting
02.01.2017
Ashiyane Digital Secur...


CVEMAP Search Results

CVE
Details
Description
2015-02-20
Low
CVE-2015-0167

Vendor: Textangular
Software: Textangular
 

 
Cross-site scripting (XSS) vulnerability in textAngular-sanitize.js in textAngular before 1.3.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to the editor.

 
Low
CVE-2015-2040

Vendor: Cfdbplugin
Software: Contact form db
 

 
Cross-site scripting (XSS) vulnerability in the Contact Form DB (aka CFDB and contact-form-7-to-database-extension) plugin 2.8.26 for WordPress allows remote attackers to inject arbitrary web script or HTML via the submit_time parameter in the CF7DBPluginSubmissions page to wp-admin/admin.php.

 
2015-02-19
Low
CVE-2014-6301

Vendor: Pnmsoft
Software: Sequence kin...
 

 
Multiple cross-site scripting (XSS) vulnerabilities in the tables-management module in PNMsoft Sequence Kinetics before 7.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

 
Low
CVE-2014-9468

Vendor: Instantasp
Software: Instantforum
 

 
Multiple cross-site scripting (XSS) vulnerabilities in InstantASP InstantForum.NET 4.1.3, 4.1.2, 4.1.1, 4.0.0, 4.1.0, and 3.4.0 allow remote attackers to inject arbitrary web script or HTML via the SessionID parameter to (1) Join.aspx or (2) Logon.aspx.

 
Low
CVE-2015-1603

Vendor: Adminsystems cms project
Software: Adminsystems cms
 

 
Multiple cross-site scripting (XSS) vulnerabilities in Adminsystems CMS before 4.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter to index.php or (2) id parameter in a users_users action to asys/site/system.php.

 
Low
CVE-2015-1879

Vendor: Google doc embedder
Software: Google doc e...
 

 
Cross-site scripting (XSS) vulnerability in the Google Doc Embedder plugin before 2.5.19 for WordPress allows remote attackers to inject arbitrary web script or HTML via the profile parameter in an edit action in the gde-settings page to wp-admin/options-general.php.

 
2015-02-18
Low
CVE-2015-0623

Vendor: Cisco
Software: Web security...
 

 
Cross-site scripting (XSS) vulnerability in the Administrator report page on Cisco Web Security Appliance (WSA) devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCus40627.

 
2015-02-17
Low
CVE-2015-1617

Vendor: Mcafee
Software: Data loss pr...
 

 
Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

 
Low
CVE-2015-1619

Vendor: Mcafee
Software: Email gateway
 

 
Cross-site scripting (XSS) vulnerability in the Secure Web Mail Client user interface in McAfee Email Gateway (MEG) 7.6.x before 7.6.3.2, 7.5.x before 75.6, 7.0.x through 7.0.5, 5.6, and earlier allows remote authenticated users to inject arbitrary web script or HTML via unspecified tokens in Digest messages.

 
Low
CVE-2015-1621

Vendor: Webform prepopulate block project
Software: Webform prep...
 

 
Cross-site scripting (XSS) vulnerability in the Webform prepopulate block module before 7.x-3.1 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

 

 


Copyright 2017, cxsecurity.com