Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (82453 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-10801 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 58.0.4 has improper session handling for shared users (SEC-139).
CVE-2016-10795 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 59.9999.145 allows stored XSS in the WHM tail_upcp2.cgi interface (SEC-156).
CVE-2016-10784 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 60.0.25 allows self XSS in the alias upload interface (SEC-184).
CVE-2016-10783 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 60.0.25 allows self stored XSS in SSL_listkeys (SEC-182).
CVE-2016-10782 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 60.0.25 allows self stored XSS in postgres API1 listdbs (SEC-181).
CVE-2016-10781 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 60.0.25 allows self XSS in the UI_confirm API (SEC-180).
CVE-2016-10780 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 60.0.25 allows stored XSS in the ftp_sessions API (SEC-180).
CVE-2016-10779 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 60.0.25 allows stored XSS in api1_listautoresponders (SEC-179).
CVE-2016-10778 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 60.0.25 allows self stored XSS in the listftpstable API (SEC-178).
CVE-2016-10777 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 60.0.25 allows self XSS in WHM Tweak Settings for autodiscover_host (SEC-177).
CVE-2016-10776 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 60.0.25 allows stored XSS during the homedir removal phase of WHM Account termination (SEC-174).
CVE-2016-10774 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 60.0.25 allows self XSS in the tail_ea4_migration.cgi interface (SEC-172).
CVE-2016-10767 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 60.0.25 allows stored XSS in the WHM Repair Mailbox Permissions interface (SEC-159).
CVE-2016-10763 1 Automattic 1 Camptix Event Ticketing 2024-11-21 N/A
The CampTix Event Ticketing plugin before 1.5 for WordPress allows XSS in the admin section via a ticket title or body.
CVE-2016-10762 1 Automattic 1 Camptix Event Ticketing 2024-11-21 N/A
The CampTix Event Ticketing plugin before 1.5 for WordPress allows CSV injection when the export tool is used.
CVE-2016-10761 1 Logitech 10 K360, K360 Firmware, K400r and 7 more 2024-11-21 N/A
Logitech Unifying devices before 2016-02-26 allow keystroke injection, bypassing encryption, aka MouseJack.
CVE-2016-10760 1 Seowonintech 8 Swr-300a, Swr-300a Firmware, Swr-300b and 5 more 2024-11-21 N/A
On Seowon Intech routers, there is a Command Injection vulnerability in diagnostic.cgi via shell metacharacters in the ping_ipaddr parameter.
CVE-2016-10744 1 Select2 1 Select2 2024-11-21 N/A
In Select2 through 4.0.5, as used in Snipe-IT and other products, rich selectlists allow XSS. This affects use cases with Ajax remote data loading when HTML templates are used to display listbox data.
CVE-2016-10737 1 S9y 1 Serendipity 2024-11-21 N/A
Serendipity 2.0.4 has XSS via the serendipity_admin.php serendipity[body] parameter.
CVE-2016-10736 1 Devpups 1 Social Pug 2024-11-21 N/A
The "Social Pug - Easy Social Share Buttons" plugin before 1.2.6 for WordPress allows XSS via the wp-admin/admin.php?page=dpsp-toolkit dpsp_message_class parameter.