CGI abuses : XSS Family for Nessus

Page 2 of 14 686 total

IDNameSeverity
101846EMC RSA Authentication Manager < 8.2 SP1 Patch 1 Token Profile Name Stored XSS (ESA-2017-068)Low
101089Check_MK < 1.4.0p6 webapi.py XSSMedium
100872Sophos Web Appliance < 4.3.2 FTP Redirect Page Reflected XSSMedium
100845Sophos Web Appliance < 4.3.0 FTP Redirect Page Reflected XSSMedium
97417McAfee ePolicy Orchestrator 5.1.x < 5.1.3 HF1110787 Computer Management Services XSS (SB10184)Low
97193Tenable Nessus 6.8.x and 6.9.x < 6.9.1 Stored XSS (TNS-2016-17)Low
97192Tenable Nessus 6.x < 6.9 Multiple Vulnerabilities (TNS-2016-16) (SWEET32)Critical
96833Tenable Nessus 6.x < 6.9.3 Multiple Stored XSSLow
94759Adobe Connect < 9.5.7 event_registration.html Multiple Parameter XSS (APSB16-35)Medium
92841VMware vRealize Log Insight 2.x / 3.x < 3.3.2 Multiple Vulnerabilities (VMSA-2016-0008)Medium
91989ManageEngine ADSelfService Plus < 5.3 Build 5313 PasswordSelfServiceAPI XSSMedium
91713VMware vCenter Server 5.0.x < 5.0u3g / 5.1.x < 5.1u3d / 5.5.x < 5.5u2d Reflected XSS (VMSA-2016-0009)Medium
91460BlackBerry Enterprise Service (BES) Management Console 12.x < 12.4.1 Multiple XSSMedium
90835McAfee Email Gateway 7.6.x < 7.6.404 Blocked Email Alert XSS (SB10153)Medium
90763VMware vRealize Automation 6.x < 6.2.4 Unspecified Stored XSS (VMSA-2016-0003)Low
90537Piwik < 2.16.0 Unspecified XSSMedium
90445ManageEngine Firewall Analyzer Multiple XSSMedium
90351VMware vRealize Business Unspecified Stored XSS (VMSA-2016-0003)Low
90247Apache Jetspeed Portal URI Path Reflected XSSMedium
88965Nessus Web UI Scanned Content Stored XSSMedium
88904Tenable Nessus < 6.5.5 Host Details Scan Results XSSLow
88842Fortinet FortiWeb 5.1.2 < 5.3.5 Autolearn Configuration Multiple XSSMedium
88840Fortinet FortiADC Model D < 4.2 Theme Login Page XSSMedium
86804ManageEngine AssetExplorer < 6.1.0 Build 6113 Multiple XSSMedium
86471Fortinet FortiManager FortiOS 5.0.x >= 5.0.3 and < 5.0.11 Dataset Reports XSSMedium
86470Fortinet FortiAnalyzer FortiOS 5.0.x < 5.0.11 / 5.2.x < 5.2.2 Dataset Reports XSSMedium
86445DNN (DotNetNuke) < 7.4.2 Multiple VulnerabilitiesMedium
86020Joomla! 3.4.x < 3.4.4 Login Module XSSMedium
85962Splunk Enterprise 6.2.x < 6.2.6 / Splunk Light 6.2.x < 6.2.6 Splunk Web XSSMedium
85380MS15-087: Vulnerability in UDDI Services Could Allow Elevation of Privilege (3082459) (uncredentialed check)Medium
85221Atlassian JIRA 4.2.x < 5.1.1 Multiple XSSMedium
85217Atlassian JIRA 4.2.x < 4.4 / 4.3.x < 4.4 Multiple XSSMedium
83520IBM Rational License Key Server Administration and Reporting Tool 8.1.4.x < 8.1.4.7 XSSMedium
83475Adobe/Apache Flex ASDoc Tool XSSMedium
83351WordPress Multiple XSSMedium
82827WP Super Cache Plugin for WordPress wp-cache.php Cache List Content Handling XSSMedium
81699MyBB < 1.6.15 Video MyCode XSSMedium
81670Fortinet FortiMail < 4.3.9 / 5.0.8 / 5.1.5 / 5.2.3 XSSMedium
81552Symantec Data Center Security Server 'WCUnsupportedClass.jsp' XSSMedium
81550Symantec Data Center Security Server 'SSO-Error.jsp' XSS (SYM15-001)Low
81385FancyBox Plugin for WordPress 'mfbfw' Parameter Persistent XSSMedium
81383Fortinet FortiAuthenticator 'operation' Parameter XSSHigh
81319DNN (DotNetNuke) < 7.4.0 Unspecified Persistent XSSMedium
80553W3 Total Cache Plugin For WordPress Cache Key XSSMedium
79743LogAnalyzer < 3.6.6 index.php / detail.php 'hostname' Parameter XSSMedium
79624Apache Traffic Server Host HTTP XSSMedium
79387LiveZilla < 5.3.0.8 XSSMedium
79385Google Calendar Events Plugin for WordPress 'admin-ajax.php' XSSMedium
79253Fortinet FortiAnalyzer / FortiManager < 5.0.7 Multiple Unspecified XSS (FG-IR-14-033)Medium
78738phpMyAdmin 4.0.x < 4.0.10.5 / 4.1.x < 4.1.14.6 / 4.2.x < 4.2.10.1 Multiple XSS (PMASA-2014-12)Low

Page 2 of 14 686 total