Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Cross Site Scripting vulnerability in 66biolinks by AltumCode v.61.0.1 allows an attacker to execute arbitrary code via a crafted favicon file
Cross Site Scripting vulnerability in docmost v.0.21.0 and before allows an attacker to execute arbitrary code
Cross Site Scripting (XSS) vulnerability in Gnuboard 5.6.15 allows authenticated attackers to execute arbitrary code via crafted c_id parameter in bbs/view_comment.php.
Cross Site Scripting vulnerability in Altenar Sportsbook Software Platform (SB2) v.2.0 allows a remote attacker to obtain sensitive information and execute arbitrary code via the URL parameter
Unauthenticated Cross Site Scripting (XSS) in Favicon Rotator <= 1.2.11 versions.
Cross Site Scripting vulnerability in Algernon v1.17.4 allows attackers to execute arbitrary code via injecting a crafted payload into a filename.
The Ai Image Alt Text Generator for WP plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0.6 due to insufficient inp
An authenticated cross-site scripting (XSS) vulnerability in the Administrative interface of Radware AlteonOS Web UI Management v33.0.4.50 allows attackers to execute arbitrary web scripts or HTML via
A cross-site scripting (XSS) vulnerability in rrweb-snapshot before v2.0.0-alpha.18 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
The Apollo13 Framework Extensions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘a13_alt_link’ parameter in all versions up to, and including, 1.9.8 due to insufficient inp
cross-site scripting (XSS) vulnerability in Gibbon Core v26.0.00 allows an attacker to execute arbitrary code via the imageLink parameter in the library_manage_catalog_editProcess.php component.
Cross Site Scripting vulnerability in ACG-faka v1.1.7 allows a remote attacker to execute arbitrary code via the encode parameter in Index.php.
A vulnerability was found in SourceCodester QR Code Bookmark System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /endpoint/delete-bookmark.php. The man
The Media Library Alt Text Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bvmalt_sc_div_update_alt_text' shortcode in all versions up to, and including, 1.0
A reflected cross-site scripting (XSS) vulnerability in moziloCMS v3.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload.
A vulnerability was found in SourceCodester QR Code Bookmark System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /endpoint/add-bookmark.php of the comp
A template injection vulnerability leading to reflected cross-site scripting (XSS) has been identified in version 1.7.1, requiring authenticated admin access for exploitation. The vulnerability exists
Cross Site Scripting vulnerability in Anycomment anycomment.io 0.4.4 allows a remote attacker to execute arbitrary code via the Anycomment comment section
A stored cross-site scripting (XSS) vulnerability in the Image Upload section of Volmarg Personal Management System v1.4.65 allows authenticated attackers to execute arbitrary web scripts or HTML via
Page 1+ Next →