漏洞分类 — 跨站脚本

英文名字
XSS
CVE ID:
79
漏洞详情:
跨站脚本,即Cross Site Script (通常简写为XSS)是指攻击者利用网站程序对用户输入过滤不足,输入可以显示在页面上对其他用户造成影响的HTML代码,从而盗取用户资料、利用用户身份进行某种动作或者对访问者进行病毒侵害的一种攻击方式。

相关漏洞

SSV ID 漏洞名称
SSV-17204 cpCommerce 1.1.0 (XSS/LFI) Multiple Remote Vulnerabilities
SSV-3100 sablog 1.6 多个跨站漏洞
SSV-8215 BolinOS 4.6.1 (LFI/XSS) Multiple Security Vulnerabilities
SSV-17157 Affiliate Market Ver.0.1 BETA XSS / SQL Injection Exploit
SSV-17156 PKs Movie Database 3.0.3 XSS / SQL Injection Vulnerabilities
SSV-7925 Simple Forum 3.2 (FD/XSS) Multiple Remote Vulnerabilities
SSV-2748 Discuz! "$_SERVER['PHP_SELF']" XSS Vulnerability
SSV-7652 GF-3XPLORER 2.4 (XSS/LFI/Etc.) Multiple Remote Vulnerabilities
SSV-7536 FTP Admin 0.1.0 (LFI/XSS/AB) Multiple Remote Vulnerabilities
SSV-17093 Apache Tomcat (webdav) Remote File Disclosure Exploit
SSV-2166 Sohu图片公园跨站漏洞
SSV-7163 WordPress MultiUser crossite scripting PoC
SSV-2092 Apache Tomcat错误消息报告跨站脚本漏洞
SSV-1871 Discuz! 5.5 0324 跨站漏洞
SSV-1601 FireBug 跨站脚本执行漏洞
SSV-16911 OpenBSD ICMPv6 Fragment Remote Execution Exploit PoC
SSV-6376 WordPress AdminPanel CSRF/XSS - 0day
SSV-16895 WORK system e-commerce <= 3.0.5 Remote File Inclusion Vulnerability
SSV-6293 PHP 4.4.3 - 4.4.6 phpinfo() Remote XSS Vulnerability
SSV-18029 PHP < 4.5.0 unserialize Overflow
SSV-1378 LBS 2 跨站漏洞[Referer ]
SSV-6061 bitweaver 1.3.1 XSS Exploit
SSV-5962 Adobe Acrobat Reader Plugin <= 7.0.x (acroreader) XSS Vulnerability
SSV-1084 Hotmail and Windows Live Mail XSS Vulnerabilities
SSV-5795 EcommerceCorporationOnlineStoreKitmore.php多个安全漏洞 Exploit
SSV-5721 Xoops多个跨站脚本漏洞(CSS/XSS) Exploit
SSV-5720 ASPNuke多个跨站脚本漏洞(CSS/XSS) Exploit
SSV-5715 PostNuke多个远程输入验证漏洞 Exploit
SSV-16764 Ultimate HelpDesk (XSS/Local File Disclosure) Vulnerabilities
SSV-5547 BlogMe 3.0 (XSS/Auth Bypass) Multiple Remote Vulnerabilities
SSV-5539 ContentNow 1.30 (upload/xss) Multiple Remote Vulnerabilities
SSV-325 动网(DVBBS)多个跨站脚本执行(CSS/XSS)漏洞
SSV-318 动网论坛DVBBS) MYMODIFY.ASP页面过滤不严导致跨站脚本攻击CSS/XSS)
SSV-324 YABBSE多个跨站脚本执行漏洞(CSS/XSS)
SSV-16545 exV2 <= 2.0.4.3 extract() Remote Command Execution Exploit
SSV-16544 Wili-CMS <= 0.1.1 (include/xss/full path) Remote Vulnerabilities
SSV-16535 Php Blue Dragon CMS <= 2.9.1 (XSS/SQL) Code Execution Exploit
SSV-16484 PhpLinkExchange 1.0 (include/xss) Remote Vulnerabilities
SSV-16485 phpBB <= 2.0.21 (Poison NULL Byte) Remote Exploit
SSV-16128 F@cile Interactive Web <= 0.8x Remote (Include / XSS) Vulnerabilities
SSV-16123 Hot Open Tickets <= 11012004 (CLASS_PATH) Remote Include Vuln
SSV-16122 Easy-Content Forums 1.0 Multiple SQL/XSS Vulnerabilities
SSV-16112 BASE <= 1.2.4 melissa (Snort Frontend) Remote Inclusion Vulnerabilities
SSV-16111 Drupal <= 4.7 (attachment mod_mime) Remote Exploit
SSV-16108 phpCommunityCalendar <= 4.0.3 Multiple (XSS/SQL) Vulnerabilities
SSV-16109 PunkBuster < 1.229 (WebTool Service) Remote Buffer Overflow DoS
SSV-16110 netPanzer 0.8 rev 952 (frameNum) Server Terminiation Exploit
SSV-15915 Jupiter CMS <= 1.1.5 Multiple XSS Attack Vectors
SSV-15889 Aztek Forum 4.00 (XSS/SQL) Multiple Vulnerabilities (PoC)
SSV-15826 phpBB <= 2.0.19 XSS Remote Cookie Disclosure Exploit
SSV-15799 phpBB <= 2.0.18 Remote XSS Cookie Disclosure Exploit
SSV-15916 SGI IRIX <= 6.5.28 (runpriv) Design Error Vulnerability
SSV-19616 ASP-Nuke RC1 图象标记跨站脚本执行漏洞(CSS/XSS)
SSV-19612 ASP-Nuke <= 0.80 多个跨站脚本(CSS/XSS)漏洞
SSV-19610 ASP-Nuke RC1-RC2 用户资料页面跨站脚本(CSS/XSS)执行漏洞
SSV-19609 ASP-Nuke RC2 存在跨站脚本(CSS/XSS)执行漏洞
SSV-15637 e107 <= 0.617 XSS Remote Cookie Disclosure Exploit
SSV-15634 phpBB <= 2.0.16 XSS Remote Cookie Disclosure Exploit (cookie grabber)
SSV-15630 phpBB <= 2.0.16 XSS Remote Cookie Disclosure Exploit
SSV-18277 Bitrix Site Manager 4.0.5 Remote File Inclusion Vulnerability
SSV-18468 Sun Solaris AnswerBook2 Multiple XSS
SSV-18406 Roger Wilco 1.x Client Data Buffer Overflow Exploit
SSV-18407 psyBNC <= 2.3 Denial of Service Exploit
京ICP备10040895号 京公网安备 11010502034610号 Copyright @ 404 Team from Knownsec. English