Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2006-1029

    The cross-site scripting (XSS) countermeasures in class.inputfilter.php in Joomla! 1.0.7 allow remote attackers to cause a denial of service via a crafted mosmsg parameter to index.php with a malformed sequence of multiple tags, as demonstrated using "<<>... Read more

    Affected Products : joomla
    • Published: Mar. 07, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2012-1215

    Cross-site scripting (XSS) vulnerability in the Add friends module in the Yoono extension before 7.7.8 for Firefox allows remote attackers to inject arbitrary web script or HTML via the create field in a "Create a group" action.... Read more

    Affected Products : yoono_for_firefox
    • Published: Feb. 21, 2012
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2006-0983

    Cross-site scripting (XSS) vulnerability in index.php in QwikiWiki 1.4 allows remote attackers to inject arbitrary web script or HTML via the page parameter.... Read more

    Affected Products : qwikiwiki
    • Published: Mar. 03, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-0941

    Multiple cross-site scripting (XSS) vulnerabilities in post.php in ShoutLIVE 1.1.0 allow remote attackers to inject arbitrary web script or HTML via certain variables when posting new messages.... Read more

    Affected Products : shoutlive
    • Published: Mar. 01, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-0885

    Cross-site scripting (XSS) vulnerability in show_news.php in CuteNews 1.4.1 allows remote attackers to inject arbitrary web script or HTML via the show parameter.... Read more

    Affected Products : cutenews
    • Published: Feb. 25, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-0776

    Cross-site scripting (XSS) vulnerability in guestex.pl in Teca Scripts Guestex 1.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter.... Read more

    Affected Products : guestex
    • Published: Feb. 19, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-0773

    Cross-site scripting (XSS) vulnerability in Hitachi Business Logic - Container 02-03 through 03-00-/B on Windows, and 03-00 through 03-00-/B on Linux, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in the extended r... Read more

    Affected Products : business_logic
    • Published: Feb. 19, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-0735

    Cross-site scripting (XSS) vulnerability in BBcode.pm in M. Blom HTML::BBCode 1.04 and earlier, as used in products such as My Blog before 1.65, allows remote attackers to inject arbitrary Javascript via a javascript URI in an (1) img or (2) url BBcode ta... Read more

    Affected Products : my_blog html-bbcode
    • Published: Feb. 16, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-0703

    Unspecified vulnerability in index.php in imageVue 16.1 has unknown impact, probably a cross-site scripting (XSS) vulnerability involving the query string that is not quoted when inserted into style and body tags, as demonstrated using a bgcol parameter.... Read more

    Affected Products : imagevue
    • Published: Feb. 15, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-0675

    Cross-site scripting (XSS) vulnerability in search.php in Siteframe 5.0.1 allows remote attackers to inject arbitrary web script or HTML via the q parameter.... Read more

    Affected Products : siteframe
    • Published: Feb. 13, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-0643

    Cross-site scripting (XSS) vulnerability in WiredRed e/pop Web Conferencing 4.1.0.755 allows remote authenticated users to inject arbitrary web script or HTML via the topic name of a conference.... Read more

    Affected Products : e_pop_web_conferencing
    • Published: Feb. 10, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-0662

    Cross-site scripting (XSS) vulnerability in Lotus Domino iNotes Client 6.5.4 allows remote attackers to inject arbitrary web script or HTML via email with attached html files, which are directly rendered in the browser.... Read more

    • Published: Feb. 13, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-0663

    Multiple cross-site scripting (XSS) vulnerabilities in Lotus Domino iNotes Client 6.5.4 and 7.0 allow remote attackers to inject arbitrary web script or HTML via (1) an email subject; (2) an encoded javascript URI, as demonstrated using "java&#13;script:"... Read more

    • Published: Feb. 13, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2012-1212

    Cross-site scripting (XSS) vulnerability in the smwfOnSfSetTargetName function in extensions/SMWHalo/includes/SMW_Initialize.php in Semantic Enterprise Wiki (SMW+) 1.5.6, 1.6.0_2 and earlier allows remote attackers to inject arbitrary web script or HTML v... Read more

    Affected Products : smw\+
    • Published: Feb. 24, 2012
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2012-1211

    Cross-site scripting (XSS) vulnerability in pfile/kommentar.php in Powie pFile 1.02 allows remote attackers to inject arbitrary web script or HTML via the filecat parameter.... Read more

    Affected Products : pfile
    • Published: Feb. 24, 2012
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2006-0593

    Cross-site scripting (XSS) vulnerability in PHP-Fusion before 6.00.304 allows remote attackers to inject arbitrary web script or HTML via the (1) shout_name field in shoutbox_panel.php and the (2) comments field in comments_include.php.... Read more

    Affected Products : php_fusion
    • Published: Feb. 08, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-0533

    Cross-site scripting (XSS) vulnerability in webmailaging.cgi in cPanel allows remote attackers to inject arbitrary web script or HTML via the numdays parameter.... Read more

    Affected Products : cpanel
    • Published: Feb. 04, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-0571

    Multiple cross-site scripting (XSS) vulnerabilities in phpstatus 1.0 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors in the administrative interface.... Read more

    Affected Products : phpstatus
    • Published: Feb. 07, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-0501

    Cross-site scripting (XSS) vulnerability in MyCO Guestbook 1.0 allows remote attackers to inject arbitrary web script or HTML via the Name field, when registering a user.... Read more

    Affected Products : myco_guestbook
    • Published: Feb. 01, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-0480

    Cross-site scripting (XSS) vulnerability in the Articles module in sPaiz-Nuke allows remote attackers to inject arbitrary web script or HTML via the query parameter in the search file.... Read more

    Affected Products : spaiz-nuke_cms
    • Published: Jan. 31, 2006
    • Modified: Apr. 03, 2025
Showing 20 of 294850 Results