Latest CVE Feed
-
2.6
LOWCVE-2006-5451
Multiple cross-site scripting (XSS) vulnerabilities in TorrentFlux 2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) action, (2) file, and (3) users array variables in (a) admin.php, which are not properly handled when the admi... Read more
Affected Products : torrentflux- EPSS Score: %1.10
- Published: Oct. 23, 2006
- Modified: Apr. 09, 2025
-
2.6
LOWCVE-2006-4975
Yahoo! Messenger for WAP permits saving messages that contain JavaScript, which allows user-assisted remote attackers to inject arbitrary web script or HTML via a URL at the online service.... Read more
Affected Products : messenger- EPSS Score: %0.32
- Published: Sep. 25, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-0926
Multiple directory traversal vulnerabilities in Allume StuffIt Standard and Deluxe 9.0, ZipMagic Deluxe 9.0, and StuffIt Expander 9.0.0.21 Engine 9.0.0.21 allow remote attackers to create and overwrite arbitrary files via certain crafted pathnames in a (1... Read more
- EPSS Score: %1.10
- Published: Feb. 28, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2025-0148
Missing password field masking in the Zoom Jenkins Marketplace plugin before version 1.6 may allow an unauthenticated user to conduct a disclosure of information via adjacent network access.... Read more
Affected Products :- Published: Feb. 03, 2025
- Modified: Feb. 03, 2025
- Vuln Type: Information Disclosure
-
2.6
LOWCVE-2006-1944
Multiple cross-site scripting (XSS) vulnerabilities in SibSoft CommuniMail 1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the list_id parameter in mailadmin.cgi and (2) the form_id parameter in templates.cgi.... Read more
Affected Products : communimail- EPSS Score: %0.95
- Published: Apr. 20, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-3366
Multiple cross-site scripting (XSS) vulnerabilities in V3 Chat allow remote attackers to inject arbitrary web script or HTML via crafted HTML tags, as demonstrated by the IMG tag, in the (1) id parameter in (a) mail/index.php and (b) mail/reply.php; (2) l... Read more
Affected Products : v3_chat- EPSS Score: %0.48
- Published: Jul. 06, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-3265
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Qdig before 1.2.9.3, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) pre_gallery or (2) post_gallery parameters.... Read more
Affected Products : qdig- EPSS Score: %0.53
- Published: Jun. 27, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-3550
Multiple cross-site scripting (XSS) vulnerabilities in F5 Networks FirePass 4100 5.x allow remote attackers to inject arbitrary web script or HTML via unspecified "writable form fields and hidden fields," including "authentication frontends."... Read more
Affected Products : firepass_4100- EPSS Score: %0.71
- Published: Jul. 13, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-4231
IrfanView 3.98 (with plugins) allows remote attackers to cause a denial of service (application crash) via a crafted CUR image file.... Read more
Affected Products : irfanview- EPSS Score: %0.71
- Published: Aug. 18, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-3284
Cross-site scripting (XSS) vulnerability in Dating Agent PRO 4.7.1 allows remote attackers to inject arbitrary web script or HTML via the login parameter in (1) webmaster/index.php and (2) search.php.... Read more
Affected Products : dating_agent_pro- EPSS Score: %0.43
- Published: Jun. 28, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-3061
Multiple cross-site scripting (XSS) vulnerabilities in 5 Star Review allow remote attackers to inject arbitrary web script or HTML via the (1) sort parameter in index2.php, (2) item_id parameter in report.php, (3) search_term parameter (aka the "search bo... Read more
Affected Products : five_star_review_script- EPSS Score: %8.04
- Published: Jun. 19, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-3399
Cross-site scripting (XSS) vulnerability in wiki.php in MoniWiki before 1.1.2-20060702 allows remote attackers to inject arbitrary Javascript via the URL, which is reflected back in an error message, a variant of CVE-2004-1632.... Read more
Affected Products : moniwiki- EPSS Score: %0.70
- Published: Jul. 06, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-3241
Cross-site scripting (XSS) vulnerability in messages.php in XennoBB 1.0.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the tid parameter.... Read more
Affected Products : xennobb- EPSS Score: %0.43
- Published: Jun. 27, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-1680
Jupiter CMS 1.1.5, when display_errors is enabled, allows remote attackers to obtain the full server path via a direct request to modules/online.php.... Read more
Affected Products : jupiter_cms- EPSS Score: %0.40
- Published: Apr. 11, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-1745
Cross-site scripting (XSS) vulnerability in login.php in Bitweaver 1.3 allows remote attackers to inject arbitrary web script or HTML via the error parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third... Read more
Affected Products : bitweaver- EPSS Score: %0.40
- Published: Apr. 12, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-1699
Cross-site scripting (XSS) vulnerability in index.php in Aweb Banner Generator 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the banner parameter in view mode.... Read more
Affected Products : banner_generator- EPSS Score: %0.53
- Published: Apr. 11, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2008-4549
The ImageShack Toolbar ActiveX control (ImageShackToolbar.dll) in ImageShack Toolbar 4.5.7, possibly including 4.5.7.69, allows remote attackers to force the upload of arbitrary image files to the ImageShack site via a file: URI argument to the BuildSlide... Read more
Affected Products : imageshack_toolbar- EPSS Score: %6.72
- Published: Oct. 14, 2008
- Modified: Apr. 09, 2025
-
2.6
LOWCVE-2005-1683
Buffer overflow in winword.exe 10.2627.6714 and earlier in Microsoft Word for the Macintosh, before SP3 for Word 2002, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted mcw file.... Read more
Affected Products : word- EPSS Score: %15.13
- Published: May. 20, 2005
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-1675
Multiple cross-site scripting (XSS) vulnerabilities in PHPWebGallery 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) cat, (2) num, and (3) search parameters to (a) category.php, and the (4) slideshow, (5) show_metadata, and... Read more
Affected Products : phpwebgallery- EPSS Score: %0.56
- Published: Apr. 10, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-2015
Cross-site scripting (XSS) vulnerability in SL_site 1.0 allows remote attackers to inject arbitrary web script or HTML via the recherche parameter in recherche.php. NOTE: other XSS vectors, as reported in the original disclosure, are resultant from other... Read more
Affected Products : sl_site- EPSS Score: %0.62
- Published: Apr. 25, 2006
- Modified: Apr. 03, 2025