Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.8

    MEDIUM
    CVE-2006-2586

    Cross-site scripting (XSS) vulnerability in IpLogger 1.7 and earlier allows remote attackers to inject arbitrary HTML or web script via the HTTP_REFERER header in an HTTP request.... Read more

    Affected Products : iplogger
    • Published: May. 25, 2006
    • Modified: Apr. 03, 2025

  • 5.8

    MEDIUM
    CVE-2006-2556

    Cross-site scripting (XSS) vulnerability in Florian Amrhein NewsPortal before 0.37, and possibly TR Newsportal (TRanx rebuilded), allows remote attackers to inject arbitrary web script or HTML via unknown vectors.... Read more

    Affected Products : newsportal
    • Published: May. 24, 2006
    • Modified: Apr. 03, 2025

  • 5.8

    MEDIUM
    CVE-2006-2558

    Cross-site scripting (XSS) vulnerability in IpLogger 1.7 and earlier allows remote attackers to inject arbitrary HTML or web script via the User-Agent (useragent) header in an HTTP request, which is not filtered when the log files are viewed.... Read more

    Affected Products : iplogger
    • Published: May. 24, 2006
    • Modified: Apr. 03, 2025

  • 5.8

    MEDIUM
    CVE-2006-2536

    Cross-site scripting (XSS) vulnerability in Destiney Links Script 2.1.2 allows remote attackers to inject arbitrary web script or HTML via the (1) "Search" (term parameter in index.php) and (2) "Add a Site" (add.php) fields.... Read more

    Affected Products : destiney_links_script
    • Published: May. 22, 2006
    • Modified: Apr. 03, 2025

  • 5.8

    MEDIUM
    CVE-2006-2497

    Multiple cross-site scripting (XSS) vulnerabilities in AspBB 0.5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) action parameter to default.asp or (2) get parameter to profile.asp.... Read more

    Affected Products : aspbb
    • Published: May. 20, 2006
    • Modified: Apr. 03, 2025

  • 5.8

    MEDIUM
    CVE-2006-2415

    Multiple cross-site scripting (XSS) vulnerabilities in FlexChat 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) username and (2) CFTOKEN parameter in (a) index.cfm and (3) CFTOKEN and (4) CFID parameter in (b) cha... Read more

    Affected Products : flexchat
    • Published: May. 16, 2006
    • Modified: Apr. 03, 2025

  • 5.8

    MEDIUM
    CVE-2006-2364

    Cross-site scripting (XSS) vulnerability in the validation feature in Macromedia ColdFusion 5 and earlier allows remote attackers to inject arbitrary web script or HTML via a "_required" field when the associated normal field is missing or empty, which is... Read more

    Affected Products : coldfusion
    • Published: May. 15, 2006
    • Modified: Apr. 03, 2025

  • 5.8

    MEDIUM
    CVE-2006-2340

    Cross-site scripting (XSS) vulnerability in PassMasterFlex and PassMasterFlexPlus (PassMasterFlex+) 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) username, (2) password, or (3) User-Agent HTTP header in the Hac... Read more

    Affected Products : passmasterflex passmasterflexplus
    • Published: May. 12, 2006
    • Modified: Apr. 03, 2025

  • 5.8

    MEDIUM
    CVE-2006-2305

    Multiple cross-site scripting (XSS) vulnerabilities in Jadu CMS allow remote attackers to inject arbitrary web script or HTML via the (1) forename, (2) surname, (3) reg_email, (4) email_conf, (5) company, (6) city, (7) postcode, or (8) telephone parameter... Read more

    Affected Products : jadu_cms
    • Published: May. 11, 2006
    • Modified: Apr. 03, 2025

  • 5.8

    MEDIUM
    CVE-2006-2243

    Multiple cross-site scripting (XSS) vulnerabilities in Web4Future News Portal allow remote attackers to inject arbitrary web script or HTML via the ID parameter to (1) comentarii.php or (2) view.php. NOTE: this issue might be resultant from SQL injection... Read more

    Affected Products : news_portal
    • Published: May. 09, 2006
    • Modified: Apr. 03, 2025

  • 5.8

    MEDIUM
    CVE-2006-2246

    Cross-site scripting (XSS) vulnerability in UBlog 1.6 Access Edition allows remote attackers to inject arbitrary web script or HTML via text fields when adding a blog entry.... Read more

    Affected Products : ublog
    • Published: May. 09, 2006
    • Modified: Apr. 03, 2025

  • 5.8

    MEDIUM
    CVE-2006-2176

    Multiple cross-site scripting (XSS) vulnerabilities in links.php in PHP Linkliste 1.0b allow remote attackers to inject arbitrary web script or HTML via the (1) new_input, (2) new_url, or (3) new_name parameter.... Read more

    Affected Products : php_linkliste
    • Published: May. 04, 2006
    • Modified: Apr. 03, 2025

  • 5.8

    MEDIUM
    CVE-2006-2210

    Cross-site scripting (XSS) vulnerability in index.php in 321soft PhP-Gallery 0.9 allows remote attackers to inject arbitrary web script or HTML via the path parameter. NOTE: this issue might be resultant from the directory traversal vulnerability.... Read more

    Affected Products : php-gallery
    • Published: May. 05, 2006
    • Modified: Apr. 03, 2025

  • 5.8

    MEDIUM
    CVE-2006-1960

    Cross-site scripting (XSS) vulnerability in the appliance web user interface in Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express before 2.13 allows remote attackers to inject arbitrary web script or HTML, possibly via the displayMsg p... Read more

    Affected Products : wireless_lan_solution_engine
    • Published: Apr. 21, 2006
    • Modified: Apr. 03, 2025

  • 5.8

    MEDIUM
    CVE-2006-1889

    Cross-site scripting (XSS) vulnerability in the search action handler in index.php in Nils Asmussen (aka SCRIPTSOLUTION) Boardsolution 1.12 and earlier allows remote attackers to inject arbitrary web script or HTML via the "Search for" item (keyword param... Read more

    Affected Products : boardsolution
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 5.8

    MEDIUM
    CVE-2006-1979

    Cross-site scripting (XSS) vulnerability in mwguest.php in Manic Web MWGuest 2.1.0 allows remote attackers to inject arbitrary web script or HTML via the homepage parameter.... Read more

    Affected Products : mwguest
    • Published: Apr. 21, 2006
    • Modified: Apr. 03, 2025

  • 5.8

    MEDIUM
    CVE-2006-1820

    Cross-site scripting (XSS) vulnerability in index.php in ModX 0.9.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this might be resultant from the directory traversal vulnerability.... Read more

    Affected Products : modxcms
    • Published: Apr. 18, 2006
    • Modified: Apr. 03, 2025

  • 5.8

    MEDIUM
    CVE-2006-1822

    Cross-site scripting (XSS) vulnerability in search.php in FarsiNews 2.5.3 Pro and earlier allows remote attackers to inject arbitrary web script or HTML via the selected_search_arch parameter.... Read more

    Affected Products : farsinews
    • Published: Apr. 18, 2006
    • Modified: Apr. 03, 2025

  • 5.8

    MEDIUM
    CVE-2006-1404

    Multiple cross-site scripting (XSS) vulnerabilities in bol.cgi in BlankOL 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) file or (2) function parameter.... Read more

    Affected Products : blankol
    • Published: Mar. 28, 2006
    • Modified: Apr. 03, 2025

  • 5.8

    MEDIUM
    CVE-2020-11091

    In Weave Net before version 2.6.3, an attacker able to run a process as root in a container is able to respond to DNS requests from the host and thereby insert themselves as a fake service. In a cluster with an IPv4 internal network, if IPv6 is not totall... Read more

    Affected Products : weave_net weave
    • Published: Jun. 03, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 294837 Results