Latest CVE Feed
-
2.6
LOWCVE-2006-1144
Cross-site scripting (XSS) vulnerability in HitHost 1.0.0 allows remote attackers to inject arbitrary web script or HTML via (1) the user parameter in deleteuser.php and (2) the hits parameter in viewuser.php.... Read more
Affected Products : hithost- EPSS Score: %3.30
- Published: Mar. 10, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-0927
Multiple cross-site scripting (XSS) vulnerabilities in the JGS-XA JGS-Gallery Addon 4.0.0 and earlier for Woltlab Burning Board (wBB) 2.x allow remote attackers to inject arbitrary web script or HTML via the (1) userid parameter in (a) jgs_galerie_slidesh... Read more
- EPSS Score: %5.78
- Published: Feb. 28, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2013-5099
Cross-site scripting (XSS) vulnerability in article.php in Anchor CMS 0.9.1, when comments are enabled, allows remote attackers to inject arbitrary web script or HTML via the Name field. NOTE: some sources have reported that comments.php is vulnerable, b... Read more
Affected Products : anchor_cms- EPSS Score: %2.81
- Published: Aug. 09, 2013
- Modified: Apr. 11, 2025
-
2.6
LOWCVE-2008-4139
Cross-site scripting (XSS) vulnerability in admin.php in OpenSolution Quick.Cms.Lite 2.1 allows remote attackers to inject arbitrary web script or HTML via the query string.... Read more
Affected Products : quick.cms.lite- EPSS Score: %0.16
- Published: Sep. 24, 2008
- Modified: Apr. 09, 2025
-
2.6
LOWCVE-2006-1757
Cross-site scripting (XSS) vulnerability in index.php in Vegadns 0.99 allows remote attackers to inject arbitrary web script or HTML via the message parameter.... Read more
Affected Products : vegadns- EPSS Score: %0.35
- Published: Apr. 13, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2010-2854
Multiple cross-site scripting (XSS) vulnerabilities in modfile.php in Event Horizon (EVH) 1.1.10, when magic_quotes_gpc is disabled, allow remote attackers to inject arbitrary web script or HTML via the (1) YourEmail and (2) VerificationNumber parameters,... Read more
Affected Products : event_horizon- EPSS Score: %0.26
- Published: Jul. 25, 2010
- Modified: Apr. 11, 2025
-
2.6
LOWCVE-2006-3043
Cross-site scripting (XSS) vulnerability in search.cfm in CreaFrameXe (CFXe) CMS 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the voltext_suche parameter.... Read more
Affected Products : cfxe-cms- EPSS Score: %0.62
- Published: Jun. 16, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2005-1385
Safari 1.3 allows remote attackers to cause a denial of service (application crash) via a long https URL that triggers a NULL pointer dereference.... Read more
Affected Products : safari- EPSS Score: %1.13
- Published: May. 03, 2005
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-3482
Cross-site scripting (XSS) vulnerability in maillist.php in PHPMailList 1.8.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the email parameter.... Read more
Affected Products : phpmaillist- EPSS Score: %0.53
- Published: Jul. 10, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-1117
nCipher firmware before V10, as used by (1) nShield, (2) nForce, (3) netHSM, (4) payShield, (5) SecureDB, (6) DSE200 Document Sealing Engine, (7) Time Source Master Clock (TSMC), and possibly other products, contains certain options that were only intende... Read more
Affected Products : ncore dse200_document_sealing_engine nforce securedb time_source_master_clock nethsm nshield payshield- EPSS Score: %0.41
- Published: Mar. 09, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-1898
Multiple cross-site scripting (XSS) vulnerabilities in Ralph Capper Tiny PHP Forum (TPF) 3.6 allow remote attackers to inject arbitrary web script or HTML via (1) the uname parameter in a view action in profile.php and (2) a login name. NOTE: the "Access... Read more
Affected Products : tinyphpforum- EPSS Score: %0.43
- Published: Apr. 20, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2022-31017
Zulip is an open-source team collaboration tool. Versions 2.1.0 through and including 5.2 are vulnerable to a logic error. A stream configured as private with protected history, where new subscribers should not be allowed to see messages sent before they ... Read more
- EPSS Score: %0.17
- Published: Jun. 25, 2022
- Modified: Nov. 21, 2024
-
2.6
LOWCVE-2006-2406
Directory traversal vulnerability in bb_lib/abbc.css.php in Unclassified NewsBoard (UNB) 1.5.3-d and possibly earlier versions, when register_globals is enabled, allows remote attackers to include arbitrary files via .. (dot dot) sequences and a trailing ... Read more
Affected Products : unclassified_newsboard- EPSS Score: %3.36
- Published: May. 16, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2014-9433
Multiple cross-site scripting (XSS) vulnerabilities in cms/front_content.php in Contenido before 4.9.6, when advanced mod rewrite (AMR) is disabled, allow remote attackers to inject arbitrary web script or HTML via the (1) idart, (2) lang, or (3) idcat pa... Read more
Affected Products : contendio- EPSS Score: %0.42
- Published: Dec. 31, 2014
- Modified: Apr. 12, 2025
-
2.6
LOWCVE-2006-3654
Buffer overflow in wksss.exe 8.4.702.0 in Microsoft Works Spreadsheet 8.0 allows remote attackers to cause a denial of service (CPU consumption or crash) via crafted Excel files.... Read more
Affected Products : works- EPSS Score: %39.58
- Published: Jul. 18, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-3769
Multiple cross-site scripting (XSS) vulnerabilities in Top XL 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) pass and (2) pass2 parameters in (a) add.php or the (3) id parameter in (b) members/index.php.... Read more
Affected Products : top_xl- EPSS Score: %1.39
- Published: Jul. 24, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2008-3712
Multiple cross-site scripting (XSS) vulnerabilities in Mambo 4.6.2 and 4.6.5, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) query string to mambots/editors/mostlyce/jscripts/tiny_mce/filemanage... Read more
Affected Products : mambo- EPSS Score: %4.01
- Published: Aug. 19, 2008
- Modified: Apr. 09, 2025
-
2.6
LOWCVE-2007-3822
Multiple cross-site scripting (XSS) vulnerabilities in Webcit before 7.11 allow remote attackers to inject arbitrary web script or HTML via (1) the who parameter to showuser; and other vectors involving (2) calendar mode, (3) bulletin board mode, (4) room... Read more
Affected Products : webcit- EPSS Score: %7.07
- Published: Jul. 17, 2007
- Modified: Apr. 09, 2025
-
2.6
LOWCVE-1999-0396
A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service.... Read more
- EPSS Score: %0.66
- Published: Feb. 17, 1999
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2010-1515
Multiple cross-site scripting (XSS) vulnerabilities in index.php in TomatoCMS 2.0.6 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) keyword or (2) article-id parameter in conjunction with a /admin/news/article/list PA... Read more
Affected Products : tomatocms- EPSS Score: %0.31
- Published: Jun. 15, 2010
- Modified: Apr. 11, 2025