Export limit exceeded: 365161 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (47350 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-0735 1 Cisco 1 Unified Communications Manager 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the IP Manager Assistant (IPMA) interface in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCum46470.
CVE-2014-0681 1 Cisco 1 Identity Services Engine Software 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Cisco Identity Services Engine (ISE) 1.2 patch 2 and earlier allows remote attackers to inject arbitrary web script or HTML via a report containing a crafted URL that is not properly handled during generation of report-output pages, aka Bug ID CSCui15064.
CVE-2014-0680 1 Cisco 1 Identity Services Engine 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the HTTP control interface in the NAC Web Agent component in Cisco Identity Services Engine (ISE) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCui15038.
CVE-2014-0673 1 Cisco 1 Video Surveillance Indoor Fixed Dome Ip Hd Camera 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the web interface on Cisco Video Surveillance 5000 HD IP Dome cameras allow remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug IDs CSCud10943 and CSCud10950.
CVE-2014-0670 1 Cisco 1 Mediasense 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Search and Play interface in Cisco MediaSense allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCum16686.
CVE-2014-0668 1 Cisco 1 Secure Access Control System 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the portal in Cisco Secure Access Control System (ACS) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCue65949.
CVE-2010-4120 1 Ibm 1 Tivoli Access Manager For E-business 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the TAM console in IBM Tivoli Access Manager for e-business 6.1.0 before 6.1.0-TIV-TAM-FP0006 allow remote attackers to inject arbitrary web script or HTML via (1) the parm1 parameter to ivt/ivtserver, or the method parameter to (2) acl, (3) domain, (4) group, (5) gso, (6) gsogroup, (7) os, (8) pop, (9) rule, (10) user, or (11) webseal in ibm/wpm/.
CVE-2013-4460 1 Mantisbt 1 Mantisbt 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in account_sponsor_page.php in MantisBT 1.0.0 through 1.2.15 allows remote authenticated users to inject arbitrary web script or HTML via a project name.
CVE-2014-0663 1 Cisco 1 Secure Access Control System 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the web framework in Cisco Secure Access Control System (ACS) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCum03625.
CVE-2010-4109 1 Hp 1 Palm Webos 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Contacts Application in HP Palm webOS before 2.0 allows remote attackers to inject arbitrary web script or HTML via a crafted vCard file.
CVE-2014-0794 1 Joomla 2 Com Jvcomment, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the JV Comment (com_jvcomment) component before 3.0.3 for Joomla! allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a comment.like action to index.php.
CVE-2010-4101 1 Hp 1 Insight Recovery 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in HP Insight Recovery before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-0811 1 Blackboard 1 Vista\/ce 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Blackboard Vista/CE 8.0 SP6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-0812 2 Kent-web, Microsoft 2 Joyful Note, Internet Explorer 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in KENT-WEB Joyful Note 2.8 and earlier, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-4097 1 Avatic 1 Aardvark Topsites Php 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Aardvark Topsites PHP 5.2.0 and 5.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) mail, (2) title, (3) u, and (4) url parameters. NOTE: the q parameter is already covered by CVE-2009-2302.
CVE-2014-0814 1 Phpmyfaq 1 Phpmyfaq 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.8.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-0853 1 Ibm 1 Rational Focal Point 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the (1) ForwardController and (2) AttributeEditor scripts in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-2983 1 Ibm 2 Sterling B2b Integrator, Sterling File Gateway 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling File Gateway 2.2 and Sterling B2B Integrator allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2013-0468.
CVE-2014-0855 1 Ibm 2 Connections Portlets, Websphere Portal 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in IBM Connections Portlets 4.x before 4.5.1 FP1 for IBM WebSphere Portal 7.0.0.2 and 8.0.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-4071 1 Otrs 1 Otrs 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in AgentTicketZoom in OTRS 2.4.x before 2.4.9, when RichText is enabled, allows remote attackers to inject arbitrary web script or HTML via JavaScript in an HTML e-mail.