Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (42952 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2016-10813 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 57.9999.54 allows self XSS during ftp account creation under addon domains (SEC-118).
CVE-2016-10806 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 57.9999.54 allows self XSS on the Paper Lantern Landing Page (SEC-110).
CVE-2016-10795 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 59.9999.145 allows stored XSS in the WHM tail_upcp2.cgi interface (SEC-156).
CVE-2016-10784 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 60.0.25 allows self XSS in the alias upload interface (SEC-184).
CVE-2016-10783 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 60.0.25 allows self stored XSS in SSL_listkeys (SEC-182).
CVE-2016-10782 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 60.0.25 allows self stored XSS in postgres API1 listdbs (SEC-181).
CVE-2016-10781 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 60.0.25 allows self XSS in the UI_confirm API (SEC-180).
CVE-2016-10780 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 60.0.25 allows stored XSS in the ftp_sessions API (SEC-180).
CVE-2016-10779 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 60.0.25 allows stored XSS in api1_listautoresponders (SEC-179).
CVE-2016-10778 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 60.0.25 allows self stored XSS in the listftpstable API (SEC-178).
CVE-2016-10777 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 60.0.25 allows self XSS in WHM Tweak Settings for autodiscover_host (SEC-177).
CVE-2016-10776 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 60.0.25 allows stored XSS during the homedir removal phase of WHM Account termination (SEC-174).
CVE-2016-10774 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 60.0.25 allows self XSS in the tail_ea4_migration.cgi interface (SEC-172).
CVE-2016-10767 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 60.0.25 allows stored XSS in the WHM Repair Mailbox Permissions interface (SEC-159).
CVE-2016-10763 1 Automattic 1 Camptix Event Ticketing 2024-11-21 N/A
The CampTix Event Ticketing plugin before 1.5 for WordPress allows XSS in the admin section via a ticket title or body.
CVE-2016-10744 1 Select2 1 Select2 2024-11-21 N/A
In Select2 through 4.0.5, as used in Snipe-IT and other products, rich selectlists allow XSS. This affects use cases with Ajax remote data loading when HTML templates are used to display listbox data.
CVE-2016-10737 1 S9y 1 Serendipity 2024-11-21 N/A
Serendipity 2.0.4 has XSS via the serendipity_admin.php serendipity[body] parameter.
CVE-2016-10736 1 Devpups 1 Social Pug 2024-11-21 N/A
The "Social Pug - Easy Social Share Buttons" plugin before 1.2.6 for WordPress allows XSS via the wp-admin/admin.php?page=dpsp-toolkit dpsp_message_class parameter.
CVE-2016-10735 2 Getbootstrap, Redhat 9 Bootstrap, Cloudforms Managementengine, Enterprise Linux and 6 more 2024-11-21 N/A
In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
CVE-2016-10719 1 Tp-link 2 Archer Cr700, Archer Cr700 Firmware 2024-11-21 N/A
TP-Link Archer CR-700 1.0.6 devices have an XSS vulnerability that can be introduced into the admin account through a DHCP request, allowing the attacker to steal the cookie information, which contains the base64 encoded username and password.