Latest CVE Feed
-
2.6
LOWCVE-2015-8233
Cross-site scripting (XSS) vulnerability in the MAYO theme 7.x-1.x before 7.x-1.4 and 7.x-2.x before 7.x-2.6 for Drupal allows remote administrators with the "Administer themes" permission to inject arbitrary web script or HTML via unspecified vectors rel... Read more
Affected Products : mayo- EPSS Score: %0.32
- Published: Nov. 17, 2015
- Modified: Apr. 12, 2025
-
2.6
LOWCVE-2012-4469
Cross-site scripting (XSS) vulnerability in the Hashcash module 6.x-2.x before 6.x-2.6 and 7.x-2.x before 7.x-2.2 for Drupal, when "Log failed hashcash" is enabled, allows remote attackers to inject arbitrary web script or HTML via an invalid token, which... Read more
- EPSS Score: %0.28
- Published: Nov. 30, 2012
- Modified: Apr. 11, 2025
-
2.6
LOWCVE-2005-1346
Multiple Symantec AntiVirus products, including Norton AntiVirus 2005 11.0.0, Web Security Web Security 3.0.1.72, Mail Security for SMTP 4.0.5.66, AntiVirus Scan Engine 4.3.7.27, SAV/Filter for Domino NT 3.1.1.87, and Mail Security for Exchange 4.5.4.743,... Read more
- EPSS Score: %0.70
- Published: May. 02, 2005
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2012-3952
Cross-site scripting (XSS) vulnerability in admin/index.php in phpList before 2.10.19 allows remote attackers to inject arbitrary web script or HTML via the unconfirmed parameter to the user page.... Read more
Affected Products : phplist- EPSS Score: %6.61
- Published: Aug. 12, 2012
- Modified: Apr. 11, 2025
-
2.6
LOWCVE-2006-3482
Cross-site scripting (XSS) vulnerability in maillist.php in PHPMailList 1.8.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the email parameter.... Read more
Affected Products : phpmaillist- EPSS Score: %0.53
- Published: Jul. 10, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2008-4139
Cross-site scripting (XSS) vulnerability in admin.php in OpenSolution Quick.Cms.Lite 2.1 allows remote attackers to inject arbitrary web script or HTML via the query string.... Read more
Affected Products : quick.cms.lite- EPSS Score: %0.16
- Published: Sep. 24, 2008
- Modified: Apr. 09, 2025
-
2.6
LOWCVE-2006-3043
Cross-site scripting (XSS) vulnerability in search.cfm in CreaFrameXe (CFXe) CMS 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the voltext_suche parameter.... Read more
Affected Products : cfxe-cms- EPSS Score: %0.62
- Published: Jun. 16, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2013-5099
Cross-site scripting (XSS) vulnerability in article.php in Anchor CMS 0.9.1, when comments are enabled, allows remote attackers to inject arbitrary web script or HTML via the Name field. NOTE: some sources have reported that comments.php is vulnerable, b... Read more
Affected Products : anchor_cms- EPSS Score: %2.81
- Published: Aug. 09, 2013
- Modified: Apr. 11, 2025
-
2.6
LOWCVE-2005-1385
Safari 1.3 allows remote attackers to cause a denial of service (application crash) via a long https URL that triggers a NULL pointer dereference.... Read more
Affected Products : safari- EPSS Score: %1.13
- Published: May. 03, 2005
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-4021
The cryptographic module in ScatterChat 1.0.x allows attackers to identify patterns in large numbers of messages by identifying collisions using a birthday attack on the custom padding mechanism for ECB mode encryption.... Read more
Affected Products : scatterchat- EPSS Score: %0.26
- Published: Aug. 17, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2011-4344
Cross-site scripting (XSS) vulnerability in Jenkins Core in Jenkins before 1.438, and 1.409 LTS before 1.409.3 LTS, when a stand-alone container is used, allows remote attackers to inject arbitrary web script or HTML via vectors related to error messages.... Read more
Affected Products : jenkins- EPSS Score: %0.38
- Published: Dec. 01, 2011
- Modified: Apr. 11, 2025
-
2.6
LOWCVE-2006-2903
Cross-site scripting (XSS) vulnerability in admin.php in Particle Links 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the username parameter.... Read more
Affected Products : particle_links- EPSS Score: %0.42
- Published: Jun. 08, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-2891
Cross-site scripting (XSS) vulnerability in admin/index.php for Pixelpost 1-5rc1-2 and earlier allows remote attackers to inject arbitrary HTML or web script via the loginmessage parameter.... Read more
Affected Products : pixelpost- EPSS Score: %0.49
- Published: Jun. 07, 2006
- Modified: Apr. 03, 2025
-
2.6
LOW- Published: Sep. 11, 2024
- Modified: Jul. 02, 2025
-
2.6
LOWCVE-2006-1224
Directory traversal vulnerability in dwnld.php in GuppY 4.5.11 allows remote attackers to overwrite arbitrary files via a "%2E." (mixed encoding) in the pg parameter.... Read more
Affected Products : guppy- EPSS Score: %9.20
- Published: Mar. 14, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-3510
The Remote Data Service Object (RDS.DataControl) in Microsoft Internet Explorer 6 on Windows 2000 allows remote attackers to cause a denial of service (crash) via a series of operations that result in an invalid length calculation when using SysAllocStrin... Read more
Affected Products : ie- EPSS Score: %43.43
- Published: Jul. 11, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-3571
Multiple cross-site scripting (XSS) vulnerabilities in interna/hilfe.php in Papoo 3 RC3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) titel or (2) ausgabe parameters.... Read more
Affected Products : papoo- EPSS Score: %10.52
- Published: Jul. 13, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2024-39271
Improper restriction of communication channel to intended endpoints in some Intel(R) PROSet/Wireless WiFi and Killerâ„¢ WiFi software before version 23.80 may allow an unauthenticated user to potentially enable information disclosure via adjacent access.... Read more
Affected Products :- Published: Feb. 12, 2025
- Modified: Feb. 12, 2025
- Vuln Type: Information Disclosure
-
2.6
LOWCVE-2006-3073
Multiple cross-site scripting (XSS) vulnerabilities in the WebVPN feature in the Cisco VPN 3000 Series Concentrators and Cisco ASA 5500 Series Adaptive Security Appliances (ASA), when in WebVPN clientless mode, allow remote attackers to inject arbitrary w... Read more
- EPSS Score: %0.98
- Published: Jun. 19, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-3923
Cross-site scripting (XSS) vulnerability in add.php in Fire-Mouse Toplist 1.1 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the Seitenname parameter.... Read more
Affected Products : fire-mouse_toplist- EPSS Score: %0.68
- Published: Jul. 28, 2006
- Modified: Apr. 03, 2025