Export limit exceeded: 364862 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (47293 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-1038 1 Juniper 1 Networks Mobility System Software 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the WebAAA login functionality (wba_login.html) in Juniper Networks Mobility System Software (MSS) 7.6.x before 7.6.3, 7.7.x before 7.7.1, 7.5.x before 7.5.3, and other unspecified versions before 7.4 and 7.3 allows remote attackers to inject arbitrary web script or HTML via a crafted parameter name.
CVE-2009-4662 1 Novell 1 Groupwise 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the WebAccess component in Novell GroupWise 7.0 before 7.03 HP4 and 8.0 before 8.0 SP1 allows remote attackers to inject arbitrary web script or HTML via the User.Theme.index parameter.
CVE-2012-1046 1 Ibm 1 Cognos Tm1 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in TM1 Web in IBM Cognos TM1 9.5.2 FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0696.
CVE-2012-2059 2 Drupal, Steve Lockwood 2 Drupal, Ticketyboo News Ticker 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the ticketyboo News Ticker module for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-2060 2 Drupal, Nijskens Raf 2 Drupal, Admintools 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Admin tools module for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-2072 2 Drupal, Patrick Przybilla 2 Drupal, Addtoany 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Share Buttons (AddToAny) module 6.x-3.x before 6.x-3.4 for Drupal allows remote authenticated users with the administer addtoany permission to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-1080 1 Typo3 2 Skt Eurocalc, Typo3 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Euro Calculator (skt_eurocalc) extension 0.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-2075 2 Drupal, Steindom 2 Drupal, Contact Save 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Contact Save module 6.x-1.x before 6.x-1.5 for Drupal allows remote authenticated users with the access site-wide contact form permission to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-0587 1 Apple 1 Iphone Os 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0588, and CVE-2012-0589.
CVE-2012-2726 2 Alberto Trujillo Gonzalez, Drupal 2 Protest, Drupal 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Protest module 6.x-1.x before 6.x-1.2 or 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with the "administer protest" permission to inject arbitrary web script or HTML via the protest_body parameter.
CVE-2012-2703 2 Drupal, John Franklin 2 Drupal, Advertisement 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Advertisement module 6.x-2.x before 6.x-2.3 for Drupal, when debug mode is enabled, allows remote attackers to inject arbitrary web script or HTML via vectors related to the "$conf variable in settings.php."
CVE-2012-2076 2 Drupal, Rob Loach 2 Drupal, Sharethis 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the administration forms in the ShareThis module 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users with administer sharethis permissions to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-2698 1 Mediawiki 1 Mediawiki 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the outputPage function in includes/SkinTemplate.php in MediaWiki before 1.17.5, 1.18.x before 1.18.4, and 1.19.x before 1.19.1 allows remote attackers to inject arbitrary web script or HTML via the uselang parameter to index.php/Main_page.
CVE-2012-2099 1 Wikidforum 1 Wikidforum 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Wikidforum 2.10 allow remote attackers to inject arbitrary web script or HTML via the (1) search field, or the (2) Author or (3) select_sort parameters in an advanced search.
CVE-2012-2683 2 Redhat, Trevor Mckay 2 Enterprise Mrg, Cumin 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) "error message displays" or (2) "in source HTML on certain pages."
CVE-2012-2662 1 Redhat 3 Certificate System, Dogtag Certificate System, Enterprise Linux 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.1 and Dogtag Certificate System allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to the (1) System Agent or (2) End Entity pages.
CVE-2012-0696 1 Ibm 2 Cognos Executive Viewer, Cognos Tm1 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the Executive Viewer (EV) in IBM Cognos TM1 before 9.5 FP1 allow remote attackers to inject arbitrary web script or HTML via unspecified requests to (1) aspnet_client or (2) evserver/createcontrol.js.
CVE-2012-2643 1 Kent-web 1 Yy-board 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in KENT-WEB YY-BOARD before 6.4 allows remote attackers to inject arbitrary web script or HTML via a crafted form entry.
CVE-2012-2112 1 Typo3 1 Typo3 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Exception Handler in TYPO3 4.4.x before 4.4.15, 4.5.x before 4.5.15, 4.6.x before 4.6.8, and 4.7 allows remote attackers to inject arbitrary web script or HTML via exception messages.
CVE-2012-2151 1 Spip 1 Spip 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in SPIP 1.9.x before 1.9.2.o, 2.0.x before 2.0.18, and 2.1.x before 2.1.13 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.