Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Cross Site Scripting vulnerability in Virtuozzo Hybrid Server for WHMCS Open Source v.1.7.1 allows a remote attacker to obtain sensitive information via modification of the hostname parameter.
Cross Site Scripting vulnerability in sunnygkp10 Online Exam System master version allows a remote attacker to obtain sensitive information via the w parameter.
Cross Site Scripting vulnerability in Shenzhen Interconnection Harbor Network Technology Co., Ltd Ofweek Online Exhibition v.1.0.0 allows a remote attacker to execute arbitrary code.
Cross Site Scripting vulnerability in Neto E-Commerce CMS v.6.313.0 through v.6.3115 allows a remote attacker to escalate privileges via the kw parameter.
Cross-site scripting vulnerability in NEC Corporation Aterm WG2600HS Ver.1.7.2 and earlier, WG2600HP4 Ver.1.4.2 and earlier, WG2600HM4 Ver.1.4.2 and earlier, WG2600HS2 Ver.1.3.2 and earlier, WX3000HP
Cross Site Scripting vulnerability in M2000 Smart4Web before v.5.020241004 allows a remote attacker to execute arbitrary code via the error parameter in URL
Cross Site Scripting vulnerability in Zucchetti Ad Hoc Infinity 2.4 allows an authenticated attacker to achieve Remote Code Execution via the /servlet/gsdm_fsave_htmltmp, /servlet/gsdm_btlk_openfile c
Cross Site Scripting vulnerability in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 allows a remote attacker to escalate privileges via the FtpConfig.php compon
A cross-site scripting (XSS) vulnerability in ScriptCase before v1.0.003 - Build 3 allows attackers to execute arbitrary code via a crafted payload to the "Connection Name" in the New Connection and R
Cross Site Scripting vulnerability in YesWiki v.4.54 allows a remote attacker to execute arbitrary code via a crafted payload to the meta configuration robots field
Cross Site Scripting vulnerability in online diagnostic lab management system using php v.1.0 allows a remote attacker to execute arbitrary code via the Test Name parameter on the diagnostic/add-test.
Cross Site Scripting vulnerability in Zertificon Z1 SecureMail Z1 CertServer v.3.16.4-2516-debian12 alllows a remote attacker to execute arbitrary code via the ST, L, O, OU, CN parameters.
A vulnerability, which was classified as problematic, has been found in Huashengdun WebSSH up to 1.6.2. Affected by this issue is some unknown functionality of the component Login Page. The manipulati
Cross Site Scripting vulnerability in Xunrui CMS Public Edition v.4.6.1 allows a remote attacker to execute arbitrary code via the project name function in the project settings tab.
A Cross Site Scripting (XSS) vulnerability in Symphony CMS 2.7.10 allows remote attackers to inject arbitrary web script or HTML by editing note.
A Cross Site Scripting vulnerability in Alkacon OpenCms before 10.5.1 exists via cmis-online/type.
Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain sensitive information via the serverMServerAdmin.asmx function.
Cross-site scripting vulnerability has been identified in HPE Telco Service Activator product
Cross-site scripting vulnerability has been identified in HPE Telco Service Activator product
A Cross-Site Scripting (XSS) vulnerability exists in Znuny::ITSM 6.5.x in the customer.pl endpoint via the OTRSCustomerInterface parameter
Page 1+ Next →