Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Proactive Risk Manager version 9.1.1.0 is affected by multiple Cross-Site Scripting (XSS) vulnerabilities in the add/edit form fields, at the urls starting with the subpaths: /ar/config/configuation/
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jerin K Alexander Events Manager Pro – extended events-manager-pro-extended allows Reflected XSS.T
Reflected Cross-Site Scripting (XSS) vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to execute JavaScript code by sending a POST request through the password and co
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebCodingPlace Real Estate Manager Pro real-estate-manager-pro allows Reflected XSS.This issue aff
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e-plugins Directory Pro directory-pro allows Reflected XSS.This issue affects Directory Pro: from
Affiliate Pro 1.7 contains multiple reflected cross-site scripting vulnerabilities in the index module's input fields. Attackers can inject malicious scripts through fullname, username, and email para
Collabtive 3.1 is vulnerable to Cross-site scripting (XSS) via the title parameter with action=add or action=editform within the (a) managemessage.php file and (b) managetask.php file respectively.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e-plugins Directory Pro directory-pro allows DOM-Based XSS.This issue affects Directory Pro: from
A stored Cross-site Scripting (XSS) vulnerability affecting Change Governance in Product Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbi
A stored Cross-site Scripting (XSS) vulnerability affecting Risk Management in Project Portfolio Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to exec
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ProWCPlugins Related Products Manager for WooCommerce related-products-manager-woocommerce allows
A stored Cross-site Scripting (XSS) vulnerability affecting Opportunity Management in Project Portfolio Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker
A reflected cross-site scripting (XSS) vulnerability on the homepage of Metronic Admin Dashboard Template v2.0 allows attackers to execute arbitrary code in the context of a user's browser via injecti
A vulnerability has been found in Projectworlds Visitor Management System 1.0. Affected is an unknown function of the file /myform.php of the component Add Visitor Page. The manipulation of the argume
A cross-site scripting (XSS) vulnerability in HelpDeskZ v2.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field of Custom Fields messag
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Job Board Manager job-board-manager allows Reflected XSS.This issue affects Job Board
A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.4, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Emilia Projects Progress Planner allows Stored XSS. This issue affects Progress Planner: from n/a
A vulnerability, which was classified as problematic, has been found in MRCMS 3.1.2. Affected by this issue is some unknown functionality of the component Edit Article Page. The manipulation of the ar
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in amocrm amoCRM WebForm amocrm-webform allows DOM-Based XSS.This issue affects amoCRM WebForm: from
Page 1+ Next →