Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2005-3506

    Cross-site scripting (XSS) vulnerability in proxy.asp in Sambar Server 6.3 BETA 2 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via the (1) Remote Proxy Server or (2) Proxy Filter IPs field.... Read more

    Affected Products : sambar_server
    • Published: Nov. 05, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-3329

    Cross-site scripting (XSS) vulnerability in RSA Authentication Agent for Web 5.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the image parameter in a GetPic operation.... Read more

    Affected Products : authentication_agent_for_web
    • Published: Oct. 27, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-3839

    Cross-site scripting (XSS) vulnerability in SupportPRO Supportdesk allows remote attackers to inject arbitrary web script or HTML via the (1) post tickers and (2) view tickets options.... Read more

    Affected Products : supportdesk
    • Published: Nov. 26, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-3902

    Cross-site scripting (XSS) vulnerability in gui/errordocs/index.php in Virtual Hosting Control System (VHCS) 2.2.0 through 2.4.6.2 allows remote attackers to inject arbitrary web script or HTML via query strings that are included in an error message, as d... Read more

    Affected Products : virtual_hosting_control_system
    • Published: Nov. 29, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-3972

    Cross-site scripting (XSS) vulnerability in extremesearch.php in Extreme Search Corporate Edition 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter.... Read more

    Affected Products : extreme_search
    • Published: Dec. 03, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-3991

    Multiple cross-site scripting (XSS) vulnerabilities in phpMyChat 0.14.6 allow remote attackers to inject arbitrary web script or HTML via the medium parameter to (1) start_page.css.php and (2) style.css.php; or the From parameter to users_popupL.php.... Read more

    Affected Products : phpmychat
    • Published: Dec. 04, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-4042

    Cross-site scripting (XSS) vulnerability in Warm Links 1.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via a parameter to search.cgi.... Read more

    Affected Products : warm_links
    • Published: Dec. 06, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2007-3578

    PHPIDS before 20070703 does not properly handle (1) arithmetic expressions and (2) unclosed comments, which allows remote attackers to inject arbitrary web script.... Read more

    Affected Products : phpids
    • Published: Jul. 05, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2005-4231

    Cross-site scripting (XSS) vulnerability in Link Up Gold 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) link parameter to tell_friend.php, (2) phrase[] parameter to search.php in a search_links_advanced action, and ... Read more

    Affected Products : link_up_gold
    • Published: Dec. 14, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-4245

    Cross-site scripting (XSS) vulnerability in search.php in Snipe Gallery 3.1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the keyword parameter.... Read more

    Affected Products : snipe_gallery
    • Published: Dec. 14, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2007-5136

    Cross-site scripting (XSS) vulnerability in DFD Cart 1.1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : dfd_cart
    • Published: Sep. 28, 2007
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2005-4290

    Cross-site scripting (XSS) vulnerability in index.cgi in ECW-Cart 2.03 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) kword, (2) max, (3) min, (4) comp, and (5) f parameters.... Read more

    Affected Products : ecw-cart
    • Published: Dec. 16, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-4255

    Cross-site scripting (XSS) vulnerability in TextSearch in WikkaWiki 1.1.6.0 allows remote attackers to inject arbitrary web script or HTML via a hex-encoded phrase parameter.... Read more

    Affected Products : wikkawiki
    • Published: Dec. 15, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-4322

    Multiple cross-site scripting (XSS) vulnerabilities in Hitachi Cosminexus Collaboration Portal 06-00 through 06-10-/B, Groupmax Collaboration Portal 07-00 through 07-10-/B, and Groupmax Collaboration Web Client 07-00 through 07-10-/A allow remote attacker... Read more

    • Published: Dec. 17, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-4388

    Cross-site scripting (XSS) vulnerability in search.cfm in CONTENS 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the near parameter.... Read more

    Affected Products : contens
    • Published: Dec. 20, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-4375

    Cross-site scripting (XSS) vulnerability in Amaxus 3 and earlier allows remote attackers to inject arbitrary web script or HTML via the change parameter. NOTE: it is possible that this is resultant from CVE-2005-4376.... Read more

    Affected Products : amaxus
    • Published: Dec. 20, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-4395

    Cross-site scripting (XSS) vulnerability in FarCry 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the criteria parameter.... Read more

    Affected Products : farcry
    • Published: Dec. 20, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-3916

    Cross-site scripting (XSS) vulnerability in snews.php in sNews (aka Solucija News) 1.4 allows remote attackers to inject arbitrary web script or HTML via the search_query parameter.... Read more

    Affected Products : snews
    • Published: Jul. 28, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-3924

    Multiple cross-site scripting (XSS) vulnerabilities in Dokeos before 1.6.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : dokeos
    • Published: Jul. 28, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-3956

    Multiple cross-site scripting (XSS) vulnerabilities in contact.php in Advanced Webhost Billing System (AWBS) 2.2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Name, (2) AccountUsername and (3) Message parameters.... Read more

    Affected Products : advanced_webhost_billing_system
    • Published: Aug. 01, 2006
    • Modified: Apr. 03, 2025
Showing 20 of 293280 Results