Exploit Intelligence Platform

Updated 1h ago

Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

339,497 CVEs tracked 53,352 with exploits 4,748 exploited in wild 1,551 CISA KEV 3,947 Nuclei templates 49,202 vendors 42,818 researchers

42,625 results Clear all

CVE-2013-6910 EPSS 0.00

Cybozu Garoon < 3.5 - XSS

Cross-site scripting (XSS) vulnerability in Ajax components in Cybozu Garoon before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CWE-79 Dec 05, 2013

CVE-2013-6909 EPSS 0.00

Cybozu Garoon < 3.5 - XSS

Cross-site scripting (XSS) vulnerability in a report component in Cybozu Garoon before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CWE-79 Dec 05, 2013

CVE-2013-6908 EPSS 0.00

Cybozu Garoon - XSS

Cross-site scripting (XSS) vulnerability in a mail component in Cybozu Garoon 3.x before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CWE-79 Dec 05, 2013

CVE-2013-6907 EPSS 0.00

Cybozu Garoon < 3.5 - XSS

Cross-site scripting (XSS) vulnerability in a mail component in Cybozu Garoon 2.x and 3.x before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CWE-79 Dec 05, 2013

CVE-2013-6906 EPSS 0.00

Cybozu Garoon < 3.5 - XSS

Cross-site scripting (XSS) vulnerability in a mail component in Cybozu Garoon before 3.7.0, when Internet Explorer 6 through 8 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CWE-79 Dec 05, 2013

CVE-2013-6905 EPSS 0.00

Cybozu Garoon < 3.5 - XSS

Cross-site scripting (XSS) vulnerability in a phone component in Cybozu Garoon before 3.7.0, when Internet Explorer or Firefox is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CWE-79 Dec 05, 2013

CVE-2013-6904 EPSS 0.00

Cybozu Garoon < 3.5 - XSS

Cross-site scripting (XSS) vulnerability in a note component in Cybozu Garoon before 3.7.0, when Internet Explorer or Firefox is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CWE-79 Dec 05, 2013

CVE-2013-6903 EPSS 0.00

Cybozu Garoon < 3.5 - XSS

Cross-site scripting (XSS) vulnerability in a schedule component in Cybozu Garoon before 3.7.0, when Internet Explorer or Firefox is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CWE-79 Dec 05, 2013

CVE-2013-6902 EPSS 0.00

Cybozu Garoon < 3.5 - XSS

Cross-site scripting (XSS) vulnerability in the Space function in Cybozu Garoon before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CWE-79 Dec 05, 2013

CVE-2013-6901 EPSS 0.00

Cybozu Garoon < 3.5 - XSS

Cross-site scripting (XSS) vulnerability in the Space function in Cybozu Garoon before 3.7.0, when Firefox is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CWE-79 Dec 05, 2013

CVE-2013-6900 EPSS 0.00

Cybozu Garoon < 3.5 - XSS

Cross-site scripting (XSS) vulnerability in the system-administration component in Cybozu Garoon before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CWE-79 Dec 05, 2013

CVE-2013-5449 EPSS 0.00

IBM Eclipse Help System - XSS

Cross-site scripting (XSS) vulnerability in workingSet.jsp in IBM Eclipse Help System (IEHS), as used in the installable InfoCenter component in IBM FileNet Content Manager 4.5.1, 5.0.0, 5.1.0, and 5.2.0, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CWE-79 Dec 04, 2013

CVE-2013-6690 EPSS 0.00

Cisco Prime Collaboration - XSS

Multiple cross-site scripting (XSS) vulnerabilities in the web interface in the Assurance component in Cisco Prime Collaboration allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug IDs CSCui92643, CSCui94038, and CSCui94161.

CWE-79 Dec 03, 2013

CVE-2012-0414 EPSS 0.01

SUSE Manager <1.2 - XSS

Cross-site scripting (XSS) vulnerability in the Spacewalk service in SUSE Manager 1.2 for SUSE Linux Enterprise (SLE) 11 SP1 allows remote attackers to inject arbitrary web script or HTML via an image name.

CWE-79 Dec 02, 2013

CVE-2013-6307 EPSS 0.00

IBM Qradar Security Information And Event Manager - XSS

Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM 7.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

CWE-79 Nov 29, 2013

CVE-2013-5448 EPSS 0.00

IBM Security QRadar SIEM <7.2 MR1 Patch 1 - XSS

Cross-site scripting (XSS) vulnerability in the Right Click Plugin context menus in IBM Security QRadar SIEM 7.1 and 7.2 before 7.2 MR1 Patch 1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

CWE-79 Nov 29, 2013

CVE-2013-6322 EPSS 0.00

IBM Sterling Selling And Fulfillment Foundation - XSS

Cross-site scripting (XSS) vulnerability in Sterling Order Management in IBM Sterling Selling and Fulfillment Suite 8.0 before HF128 and 8.5 before HF93 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

CWE-79 Nov 28, 2013

CVE-2013-4624 2 PoCs Analysis EPSS 0.01

Jahia xCM 6.6.1.0 - XSS

Multiple cross-site scripting (XSS) vulnerabilities in Jahia xCM 6.6.1.0 before hotfix 7 allow remote attackers to inject arbitrary web script or HTML via (1) the site parameter to engines/manager.jsp, (2) the searchString parameter to administration/ in a search action, or the (3) username, (4) firstName, (5) lastName, (6) email, or (7) organization field to administration/ in a users action.

CWE-79 Nov 27, 2013

CVE-2013-3920 EPSS 0.00

Jahia Xcm < 6.6.1 - XSS

Cross-site scripting (XSS) vulnerability in Jahia xCM before 6.6.2 allows remote authenticated users to inject arbitrary web script or HTML via the "about me" field.

CWE-79 Nov 27, 2013

CVE-2013-4036 EPSS 0.00

IBM Infosphere Master Data Management... - XSS

Cross-site scripting (XSS) vulnerability in IBM InfoSphere Master Data Management Server for Product Information Management 9.x before 9.1 FP13, and IBM InfoSphere Master Data Management - Collaborative Edition 10.x before 10.1 FP7 and 11.0 before FP2, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

CWE-79 Nov 27, 2013