Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2009-3121

    Cross-site scripting (XSS) vulnerability in the Ajax Table module 5.x for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : drupal ajaxtable
    • Published: Sep. 09, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2009-3171

    Multiple cross-site scripting (XSS) vulnerabilities in Anantasoft Gazelle CMS 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) user parameter to user.php or (2) lookup parameter to search.php.... Read more

    Affected Products : gazelle_cms
    • Published: Sep. 11, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2006-7086

    The (1) dlback.php and (2) dlback.cgi scripts in Hot Links allow remote attackers to obtain sensitive information and download the database via a direct request with a modified dl parameter.... Read more

    Affected Products : hot_links
    • Published: Mar. 02, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2009-3222

    Cross-site scripting (XSS) vulnerability in index.php in FreeWebScriptz Honest Traffic (FWSHT) 1.x allows remote attackers to inject arbitrary web script or HTML via the msg parameter.... Read more

    Affected Products : honest_traffic
    • Published: Sep. 16, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2009-3311

    Cross-site scripting (XSS) vulnerability in index.php in RSSMediaScript allows remote attackers to inject arbitrary web script or HTML via the page parameter.... Read more

    Affected Products : rssmediascript
    • Published: Sep. 23, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2007-4589

    Multiple cross-site scripting (XSS) vulnerabilities in InterWorx Hosting Control Panel (InterWorx-CP) Webmaster Level (SiteWorx) 3.0.2 (1) allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php; and allow remote authe... Read more

    Affected Products : web_control_panel
    • Published: Aug. 29, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2009-3367

    Multiple cross-site scripting (XSS) vulnerabilities in An image gallery 1.0 allow remote attackers to inject arbitrary web script or HTML via the path parameter to (1) index.php and (2) main.php, and the (3) show parameter to main.php. NOTE: the provenan... Read more

    Affected Products : an_image_gallery
    • Published: Sep. 24, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2006-5825

    Cross-site scripting (XSS) vulnerability in index.php in Kayako SupportSuite 3.00.32 allows remote attackers to inject arbitrary web script or HTML via the query string.... Read more

    Affected Products : supportsuite
    • Published: Nov. 10, 2006
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2007-5227

    Multiple cross-site scripting (XSS) vulnerabilities in messaging/course/composeMessage.jsp in BlackBoard Learning System 6.3.1.593 and earlier in BlackBoard Academic Suite allow remote attackers to inject arbitrary web script or HTML via the (1) subject_t... Read more

    • Published: Oct. 05, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2009-3440

    Cross-site scripting (XSS) vulnerability in Open Source Security Information Management (OSSIM) before 2.1.2 allows remote attackers to inject arbitrary web script or HTML via the option parameter to the default URI (aka the main menu).... Read more

    • Published: Sep. 28, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2006-5761

    Cross-site scripting (XSS) vulnerability in index.php in Rhadrix If-CMS 1.01 and 2.07 allows remote attackers to inject arbitrary web script or HTML via the rns parameter.... Read more

    Affected Products : if-cms
    • Published: Nov. 06, 2006
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2009-0710

    Multiple cross-site scripting (XSS) vulnerabilities in PHPFootball 1.6 allow remote attackers to inject arbitrary web script or HTML via (1) the user parameter to login.php or (2) the dbfield parameter to filter.php. NOTE: the provenance of this informat... Read more

    Affected Products : phpfootball
    • Published: Feb. 23, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2006-5769

    Multiple cross-site scripting (XSS) vulnerabilities in admin.tool CMS 3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) fSid or (2) fSrcBegriffe parameters in unspecified vectors.... Read more

    Affected Products : admin.tool_cms_3
    • Published: Nov. 06, 2006
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2006-5771

    Cross-site scripting (XSS) vulnerability in Arkoon SSL360 1.0 and 2.0 before 2.0/2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : ssl360
    • Published: Nov. 06, 2006
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2006-5743

    Multiple cross-site scripting (XSS) vulnerabilities in Highwall Enterprise and Highwall Endpoint 4.0.2.11045 management interface allow remote attackers to inject arbitrary web script or HTML via (1) an Access Point with a crafted SSID, (2) the name of th... Read more

    • Published: Nov. 06, 2006
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2008-6217

    Cross-site scripting (XSS) vulnerability in index.php in Extrakt Framework 0.7 allows remote attackers to inject arbitrary web script or HTML via the plugins[file][id] parameter. NOTE: the provenance of this information is unknown; the details are obtain... Read more

    Affected Products : extrakt_framework
    • Published: Feb. 20, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2008-6211

    Multiple cross-site scripting (XSS) vulnerabilities in PhpForums.net mcGallery 1.1 allow remote attackers to inject arbitrary web script or HTML via the lang parameter to (1) admin.php, (2) index.php, (3) sess.php, (4) stats.php, (5) detail.php, (6) resiz... Read more

    Affected Products : mcgallery
    • Published: Feb. 20, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2009-3513

    Multiple cross-site scripting (XSS) vulnerabilities in Pilot Group (PG) eTraining allow remote attackers to inject arbitrary web script or HTML via (1) the cat_id parameter to courses_login.php, the id parameter to (2) news_read.php or (3) lessons_login.p... Read more

    Affected Products : pg_etraining
    • Published: Oct. 01, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2008-6190

    Cross-site scripting (XSS) vulnerability in index.php in EEBCMS 0.95 allows remote attackers to inject arbitrary web script or HTML via the content parameter.... Read more

    Affected Products : eebcms
    • Published: Feb. 19, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2003-1338

    CRLF injection vulnerability in Aprelium Abyss Web Server 1.1.2 and earlier allows remote attackers to inject arbitrary HTTP headers and possibly conduct HTTP Response Splitting attacks via CRLF sequences in the Location header.... Read more

    Affected Products : abyss_web_server
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025
Showing 20 of 293632 Results