Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2010-0703

    Cross-site scripting (XSS) vulnerability in wa/auth in PortWise SSL VPN 4.6 allows remote attackers to inject arbitrary web script or HTML via the reloadFrame parameter.... Read more

    Affected Products : ssl_vpn
    • Published: Feb. 23, 2010
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2010-0615

    Cross-site scripting (XSS) vulnerability in assess.php in evalSMSI 2.1.03 allows remote attackers to inject arbitrary web script or HTML via the reports comment box in a continue_assess action. NOTE: some of these details are obtained from third party in... Read more

    Affected Products : evalsmsi
    • Published: Feb. 11, 2010
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2008-6346

    Cross-site scripting (XSS) vulnerability in the DR Wiki (dr_wiki) extension 1.7.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : typo3 dr_wiki
    • Published: Feb. 27, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2010-0371

    Multiple cross-site scripting (XSS) vulnerabilities in index.php in Hitmaaan Gallery 1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) gall and (2) levela parameters.... Read more

    Affected Products : hitmaaan_gallery
    • Published: Jan. 21, 2010
    • Modified: Apr. 11, 2025

  • 4.3

    MEDIUM
    CVE-2010-0320

    Cross-site scripting (XSS) vulnerability in submitlink.php in Glitter Central Script allows remote attackers to inject arbitrary web script or HTML via the catid parameter.... Read more

    Affected Products : glitter_central_script
    • Published: Jan. 15, 2010
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2009-4608

    Cross-site scripting (XSS) vulnerability in Canon IT Solutions Inc. ACCESSGUARDIAN 3.0.14 and earlier, and 3.5.6 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to authentication.... Read more

    Affected Products : accessguardian
    • Published: Jan. 13, 2010
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2009-4478

    Multiple cross-site scripting (XSS) vulnerabilities in Xstate Real Estate 1.0 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) home.html or (2) lands.html.... Read more

    Affected Products : real_estate
    • Published: Dec. 30, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2009-4461

    Multiple cross-site scripting (XSS) vulnerabilities in FlatPress 0.909 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) contact.php, (2) login.php, and (3) search.php.... Read more

    Affected Products : flatpress
    • Published: Dec. 30, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2009-4464

    Cross-site scripting (XSS) vulnerability in searchadvance.asp in Active Business Directory 2 allows remote attackers to inject arbitrary web script or HTML via the search parameter.... Read more

    Affected Products : active_business_directory
    • Published: Dec. 30, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2009-1798

    Multiple cross-site scripting (XSS) vulnerabilities on the Network Management Card (NMC) on American Power Conversion (APC) Switched Rack PDU (aka Rack Mount Power Distribution) devices and other devices allow remote attackers to inject arbitrary web scri... Read more

    • Published: Dec. 28, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2009-4425

    Cross-site scripting (XSS) vulnerability in index.php in iDevCart 1.09 allows remote attackers to inject arbitrary web script or HTML via the SEARCH parameter in a browse action.... Read more

    Affected Products : idevcart
    • Published: Dec. 28, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2009-4404

    Unspecified vulnerability in t-prot (TOFU Protection) before 2.8 allows remote attackers to cause a denial of service via unspecified vectors related to the "--maxlines" option and a crafted email message. NOTE: some of these details are obtained from th... Read more

    Affected Products : t-prot
    • Published: Dec. 23, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2009-4422

    Multiple cross-site scripting (XSS) vulnerabilities in the GetURLArguments function in jpgraph.php in Aditus Consulting JpGraph 3.0.6 allow remote attackers to inject arbitrary web script or HTML via a key to csim_in_html_ex1.php, and other unspecified ve... Read more

    Affected Products : jpgraph
    • Published: Dec. 24, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2009-4382

    Cross-site scripting (XSS) vulnerability in module.php in PHPFABER CMS, possibly 1.3.36, allows remote attackers to inject arbitrary web script or HTML via the mod parameter.... Read more

    • Published: Dec. 22, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2009-4395

    Cross-site scripting (XSS) vulnerability in the Random Prayer 2 (ste_prayer2) extension 0.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : typo3 ste_prayer2
    • Published: Dec. 22, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2009-4366

    Cross-site scripting (XSS) vulnerability in index.php in ScriptsEz Ez Blog 1.0 allows remote attackers to inject arbitrary web script or HTML via the yr parameter in a bmonth action.... Read more

    Affected Products : ez_blog
    • Published: Dec. 21, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2009-4255

    Cross-site scripting (XSS) vulnerability in the You!Hostit! template 1.0.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the created_by_alias parameter in index.php.... Read more

    Affected Products : joomla\! you\!hostit\!
    • Published: Dec. 10, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2009-4266

    Cross-site scripting (XSS) vulnerability in search.php in YABSoft Advanced Image Hosting (AIH) Script 2.2, and possibly 2.3, allows remote attackers to inject arbitrary web script or HTML via the text parameter.... Read more

    Affected Products : advanced_image_hosting_script
    • Published: Dec. 10, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2009-4239

    Cross-site scripting (XSS) vulnerability in the Web console in IBM InfoSphere Information Server 8.1 before FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : infosphere_information_server
    • Published: Dec. 09, 2009
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2009-4253

    Cross-site scripting (XSS) vulnerability in dspStats.php in PowerPhlogger 2.2.5 allows remote attackers to inject arbitrary web script or HTML via the edit parameter.... Read more

    Affected Products : pphlogger
    • Published: Dec. 10, 2009
    • Modified: Apr. 09, 2025
Showing 20 of 293435 Results