CWE:
 

Topic
Date
Author
Low
French doctors cms cross site scripting
20.01.2017
Ashiyane Digital Secur...
Low
Mattermost 3.5.0 / 3.5.1 Cross Site Scripting
20.01.2017
RCE
Low
Ashiyane Training Center Site Scripting
20.01.2017
Hacker.khan
Low
Ghost Blog 0.11.3 Cross Site Scripting
20.01.2017
Patrick Costa
Low
MailZu 0.8RC3 Cross Site Scripting
19.01.2017
Nassim Asrir
Low
OpenExpert 0.5.17 Cross Site Scripting
19.01.2017
Nassim Asrir
Med.
iTechScripts Video Sharing Script 4.93 Cross Site Scripting / SQL Injection
19.01.2017
Hasan Emre Ozer
Med.
Courier Management System Cross Site Scripting / SQL Injection
19.01.2017
Sibusiso Sishi
Low
TYPO3 CMS 2.0.3 Cross Site Scripting
18.01.2017
Siddhartha Tripathy
Low
Atlassian Jira 7.1.7 Cross Site Scripting
18.01.2017
Roberto Soares
Med.
Business Networking Script 8.11 Cross Site Scripting / SQL Injection
17.01.2017
Ahmet Gurel
Low
Hassium CMS Cross Site Scripting
17.01.2017
Ashiyane Digital Secur...
Low
Mcslinc CMS Cross Site Scripting
15.01.2017
Eagle Security Team
Low
UKC Design XSS
14.01.2017
virus007
Low
D-Link DIR-615 Open Redirection / Cross Site Scripting
14.01.2017
Osanda Malith Jayathis...
Low
Roxy Fileman Cross Site Scripting
13.01.2017
Ashiyane Digital Secur...
Low
Blackboard LMS 9.1 SP14 Cross Site Scripting
12.01.2017
Vulnerability Lab
Low
Responsive File Manager 9.11.0 Cross Site Scripting
12.01.2017
Ashiyane Digital Secur...
Low
Splunk 6.1.1 Referer Cross Site Scripting
10.01.2017
justpentest
Low
Rumble Mail Server 0.51.3135 Cross Site Scripting
10.01.2017
Nassim Asrir
Low
DirectAdmin Control Panel 1.50.1 Cross Site Scripting
10.01.2017
Amir
Low
Eleanor 1.0 Stored Cross Site Scripting
07.01.2017
Iran Cyber Security Gr...
Low
Atlassian Confluence 5.9.12 Cross Site Scripting
05.01.2017
Jodson Santos
Low
Benson Bank CMS v 5.5 - 2015.09.09 Cross Site Scripting
02.01.2017
Ashiyane Digital Secur...
Med.
Dell SonicWALL Secure Mobile Access SMA 8.1 CSRF / XSS
31.12.2016
Gjoko 'LiquidWorm' Krs...
Low
Dell SonicWALL Network Security Appliance NSA 6600 XSS
31.12.2016
Gjoko 'LiquidWorm' Krs...
Low
Dell SonicWALL Global Management System GMS 8.1 Cross Site Scripting
31.12.2016
Gjoko 'LiquidWorm' Krs...
Low
u5cmszip_en Cms Cross Site Scripting
28.12.2016
Ashiyane Digital Secur...
Low
Webworx Design Group Cross Site Scripting
21.12.2016
Ashiyane Digital Secur...
Low
Horos 2.1.0 Cross Site Scripting
18.12.2016
Gjoko 'LiquidWorm' Krs...
Low
eramba Enterprise & Community Editions Stored XSS
17.12.2016
Yunus YILDIRIM
Low
WordPress Quiz And Survey Master 4.7.8 / 4.5.4 XSS / CSRF
17.12.2016
Tom Adams
Low
eramba Enterprise / Community Cross Site Scripting
17.12.2016
Yunus YILDIRIM
Low
WordPress MailChimp 3.1.5 / 4.0.10 Cross Site Scripting
16.12.2016
Tom Adams
Low
Chaordic Search v1.1 Cross Site Scripting
10.12.2016
Felipe Andrian Peixoto
Low
AbanteCart 1.2.7 Cross Site Scripting
07.12.2016
Kacper Szurek
Med.
Shuttle Tech ADSL Wireless 920 WM XSS / Directory Traversal
06.12.2016
Persian Hack Team
Low
VMPanel cybervm XSS
05.12.2016
Rahimian
Med.
e107 2.1.2 Cross Site Request Forgery / Cross Site Scripting
02.12.2016
foxmole
Low
Zurb Foundation 5.5.3 / 5.5.1 Cross Site Scripting
30.11.2016
Winni Neessen
Low
Tenda / D-Link / TP-Link DHCP Cross Site Scripting
29.11.2016
Vulnerability Lab
Low
Burden TMA 2.1.1 Cross Site Scripting
29.11.2016
Vulnerability Lab
Low
WordPress Image Gallery 1.9.65 Cross Site Scripting
28.11.2016
Sipke Mellema
Low
Koken 0.22.7 / 0.22.11 Cross Site Scripting
28.11.2016
TaurusOmar
Low
WonderCMS 0.9.8 Cross Site Scripting
23.11.2016
Manuel Garcia Cardenas
Med.
OpManager 12100 / 12200 Cross Site Scripting / Denial Of Service
22.11.2016
Michael Heydon
Low
WordPress Check Email 0.3 Cross Site Scripting
22.11.2016
Antonis Manaras
Med.
WordPress Instagram Feed 1.4.6.2 Cross Site Scripting / Cross Site Request Forgery
22.11.2016
Sipke Mellema
Med.
WordPress MailChimp 4.0.7 Cross Site Request Forgery / Cross Site Scripting
22.11.2016
Persian Hack Team
Low
WordPress Canvas - Shortcodes 1.92 Cross Site Scripting
22.11.2016
Yorick Koster
Low
WordPress Easy Facebook Like Box 4.3.0 CSRF / XSS
22.11.2016
Persian Hack Team
Low
Atlassian Confluence AppFusions Doxygen 1.3.x Cross Site Scripting
22.11.2016
RCE
Low
Habari CMS v0.9.2 - (Backend Comments) XSS Vulnerability
19.11.2016
Vulnerability Lab
Low
Wordpress ThemeRush Theme Cross Site Scripting
19.11.2016
Iran Cyber Security Gr...
Low
SPIP 3.1 Cross Site Scripting / Header Injection
19.11.2016
Tim Coen
Low
MyLittleForum 2.3.6.1 XSS / Path Overwrite
19.11.2016
Tim Coen
Low
Mezzanine 4.2.0 Cross Site Scripting
19.11.2016
Tim Coen
Low
MoinMoin 1.9.8 Cross Site Scripting
19.11.2016
Tim Coen
Med.
FUDforum 3.0.6 Cross Site Request Forgery / Cross Site Scripting
19.11.2016
Tim Coen
Low
DCFM Blog 0.9.7 Cross Site Scripting
18.11.2016
N_A
Low
WordPress All In One WP Security And Firewall 4.1.9 Cross Site Scripting
17.11.2016
Yorick Koster
Low
ShopZilla Comparision Shopping Script 2.3 Cross Site Scripting
15.11.2016
indoushka
Low
Rate-Me PHP Script 1.0 Cross Site Scripting
15.11.2016
Boumediene KADDOUR
Low
GamePedia.com SubDomin Cross Site Scripting (XSS)
13.11.2016
Iranian Electronic Arm...
Low
MikroTik RouterOS 6.36.2 Cross Site Scripting
13.11.2016
Nassim Asrir
Low
WordPress W3 Total Cache 0.9.4.1 Cross Site Scripting
12.11.2016
Sipke Mellema
Low
MyBB 1.8.6 Cross Site Scripting
11.11.2016
Tim Coen
Low
NodCMS Cross Site Scripting
09.11.2016
Ashiyane Digital Secur...
Low
OpenGB 1.2.3 Cross Site Scripting
09.11.2016
N_A
Low
PHP Classifieds Rental Script 1.0 Cross Site Scripting
09.11.2016
Nassim Asrir
Low
WordPress Calendar 1.3.7 Cross Site Scripting
09.11.2016
Remco Vermeulen
Low
WordPress 404 To 301 2.2.8 Cross Site Scripting
09.11.2016
Alyssa Milburn
Low
Faraznet CMS 4.x Cross Site Scripting
08.11.2016
IeDb.Ir
Low
OwnCloud / NextCloud 10.0.1 Cross Site Scripting
08.11.2016
Matei Felix
Low
Simple PHP Blog 0.4.0 Cross Site Scripting
07.11.2016
sh311c0d3r
Low
Mini Notice Board 1.1 Cross Site Scripting
02.11.2016
N_A
Low
Alienvault OSSIM/USM 5.3.1 Persistent Cross Site Scripting
02.11.2016
Peter Lapp
Low
Alienvault OSSIM/USM 5.3.1 Cross Site Scripting
02.11.2016
Peter Lapp
High
Moodle CMS 3.1.2 Cross Site Scripting / File Upload
02.11.2016
Joel Vadodil Varghese
Med.
My Little Forum 2.3.7 Cross Site Request Forgery / Cross Site Scripting
02.11.2016
Ashiyane Digital Secur...
Low
Serendipity-2.0.4 (latest version) - Stored Cross Site Scripting
31.10.2016
Besim
Low
InfraPower PPS-02-S Q213V1 Multiple XSS Vulnerabilities
29.10.2016
Gjoko 'LiquidWorm' Krs...
Low
Top-Design Cross Site Scripting
29.10.2016
Ashiyane Digital Secur...
Low
MirageCMS (Content Management System) - Reflected XSS.
29.10.2016
Nir Yehoshua
Med.
Zenbership (latest version) - Multiple Vulnerabilities
24.10.2016
Besim
Low
Iranian ask & answer sites xss bug
22.10.2016
Lord Hacking Team
Med.
Nagios XI 5.2.9 Cross Site Scripting / Open Redirect
21.10.2016
hyp3rlinx
Low
Designed by X’son Cross Site Scripting
21.10.2016
Ashiyane Digital Secur...
Low
PizzaInn Beta 3 Cross Site Scripting
21.10.2016
Nassim Asrir
Med.
XhP CMS 0.5.1 Cross Site Request Forgery / Cross Site Scripting
20.10.2016
Ahsan Tahir
Low
SPIP 3.1.2 Cross Site Scripting
20.10.2016
Nicolas CHATELAIN
Med.
Subrion CMS 4.0.5 Cross Site Request Forgery / Cross Site Scripting
19.10.2016
Ahsan Tahir
Low
Anchor CMS 0.12.1 Cross Site Scripting
19.10.2016
indoushka
Low
Oneblog 2.0 Cross Site Scripting
18.10.2016
Nassim Asrir
Low
Simple Forum PHP 2.4 Cross Site Scripting
18.10.2016
Ashiyane Digital Secur...
Med.
WordPress Newsletter 4.6.0 Cross Site Request Forgery / Cross Site Scripting
14.10.2016
Keith Lee
Low
Colorful Blog Cross Site Scripting
14.10.2016
Besim
Med.
Plone CMS 4.3.11 / 5.0.6 XSS / Traversal / Open Redirection
13.10.2016
S3ba
Low
ApPHP MicroBlog 1.0.2 Cross Site Scripting
13.10.2016
Besim
Low
ApPHP MicroCMS 3.9.5 Cross Site Scripting
13.10.2016
Besim


CVEMAP Search Results

CVE
Details
Description
2015-02-20
Low
CVE-2015-0167

Vendor: Textangular
Software: Textangular
 

 
Cross-site scripting (XSS) vulnerability in textAngular-sanitize.js in textAngular before 1.3.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to the editor.

 
Low
CVE-2015-2040

Vendor: Cfdbplugin
Software: Contact form db
 

 
Cross-site scripting (XSS) vulnerability in the Contact Form DB (aka CFDB and contact-form-7-to-database-extension) plugin 2.8.26 for WordPress allows remote attackers to inject arbitrary web script or HTML via the submit_time parameter in the CF7DBPluginSubmissions page to wp-admin/admin.php.

 
2015-02-19
Low
CVE-2014-6301

Vendor: Pnmsoft
Software: Sequence kin...
 

 
Multiple cross-site scripting (XSS) vulnerabilities in the tables-management module in PNMsoft Sequence Kinetics before 7.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

 
Low
CVE-2014-9468

Vendor: Instantasp
Software: Instantforum
 

 
Multiple cross-site scripting (XSS) vulnerabilities in InstantASP InstantForum.NET 4.1.3, 4.1.2, 4.1.1, 4.0.0, 4.1.0, and 3.4.0 allow remote attackers to inject arbitrary web script or HTML via the SessionID parameter to (1) Join.aspx or (2) Logon.aspx.

 
Low
CVE-2015-1603

Vendor: Adminsystems cms project
Software: Adminsystems cms
 

 
Multiple cross-site scripting (XSS) vulnerabilities in Adminsystems CMS before 4.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter to index.php or (2) id parameter in a users_users action to asys/site/system.php.

 
Low
CVE-2015-1879

Vendor: Google doc embedder
Software: Google doc e...
 

 
Cross-site scripting (XSS) vulnerability in the Google Doc Embedder plugin before 2.5.19 for WordPress allows remote attackers to inject arbitrary web script or HTML via the profile parameter in an edit action in the gde-settings page to wp-admin/options-general.php.

 
2015-02-18
Low
CVE-2015-0623

Vendor: Cisco
Software: Web security...
 

 
Cross-site scripting (XSS) vulnerability in the Administrator report page on Cisco Web Security Appliance (WSA) devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCus40627.

 
2015-02-17
Low
CVE-2015-1617

Vendor: Mcafee
Software: Data loss pr...
 

 
Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

 
Low
CVE-2015-1619

Vendor: Mcafee
Software: Email gateway
 

 
Cross-site scripting (XSS) vulnerability in the Secure Web Mail Client user interface in McAfee Email Gateway (MEG) 7.6.x before 7.6.3.2, 7.5.x before 75.6, 7.0.x through 7.0.5, 5.6, and earlier allows remote authenticated users to inject arbitrary web script or HTML via unspecified tokens in Digest messages.

 
Low
CVE-2015-1621

Vendor: Webform prepopulate block project
Software: Webform prep...
 

 
Cross-site scripting (XSS) vulnerability in the Webform prepopulate block module before 7.x-3.1 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

 

 


Copyright 2017, cxsecurity.com