Export limit exceeded: 364917 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (47296 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2011-2672 1 Christian Weiske 1 Semanticscuttle 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in SemanticScuttle before 0.98 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2011-2675 1 Utage.org 1 Enkai 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Enkai-kun before 110916 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2011-2712 1 Apache 1 Wicket 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.18, when setAutomaticMultiWindowSupport is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.
CVE-2011-2711 1 Lars Hjemli 1 Cgit 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the print_fileinfo function in ui-diff.c in cgit 0.9.0.2 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the filename associated with the rename hint.
CVE-2011-2754 1 Ibm 2 Web Content Manager, Websphere Portal 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the PageBuilder2 (aka Page Builder) theme in IBM WebSphere Portal 7.x before 7.0.0.1 CF006, as used in IBM Web Content Manager (WCM) and other products, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2011-2770 1 Robert Luberda 1 Man2html 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in man2html.cgi.c in man2html 1.6, and possibly other version, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to error messages.
CVE-2011-2904 1 Zabbix 1 Zabbix 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in acknow.php in Zabbix before 1.8.6 allows remote attackers to inject arbitrary web script or HTML via the backurl parameter.
CVE-2011-2938 1 Mantisbt 1 Mantisbt 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in filter_api.php in MantisBT before 1.2.7 allow remote attackers to inject arbitrary web script or HTML via a parameter, as demonstrated by the project_id parameter to search.php.
CVE-2011-2937 1 Roundcube 1 Webmail 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the UI messages functionality in Roundcube Webmail before 0.5.4 allows remote attackers to inject arbitrary web script or HTML via the _mbox parameter to the default URI.
CVE-2011-3010 1 Twiki 1 Twiki 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in TWiki before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the newtopic parameter in a WebCreateNewTopic action, related to the TWiki.WebCreateNewTopicTemplate topic; or (2) the query string to SlideShow.pm in the SlideShowPlugin.
CVE-2011-3058 2 Apple, Google 3 Iphone Os, Mac Os X, Chrome 2025-04-11 N/A
Google Chrome before 18.0.1025.142 does not properly handle the EUC-JP encoding system, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors.
CVE-2011-3144 2 Aveva, Schneider-electric 3 Clearscada, Scx 67, Scx 68 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 before R2.3 and R1.4, as used in SCX before 67 R4.5 and 68 R3.9, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2011-3206 2 Redhat, Rhq-project 2 Jboss Operations Network, Rhq 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the administration interface in RHQ 4.2.0, as used in JBoss Operations Network (aka JON or JBoss ON) before 3.0, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2011-3243 1 Apple 2 Iphone Os, Safari 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5 and Safari before 5.1.1, allows remote attackers to inject arbitrary web script or HTML via vectors involving inactive DOM windows.
CVE-2011-3294 1 Cisco 2 Telepresence Video Communication Servers, Telepresence Video Communication Servers Software 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the login page in the administrative interface on Cisco TelePresence Video Communication Servers (VCS) with software before X7.0 allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header, aka Bug ID CSCts80342.
CVE-2011-3382 1 Phorum 1 Phorum 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Phorum before 5.2.16 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2011-3320 1 Ge 1 Intelligent Platforms Proficy Historian 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Web Administrator component in GE Intelligent Platforms Proficy Historian 4.x and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.
CVE-2011-3356 1 Mantisbt 1 Mantisbt 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in config_defaults_inc.php in MantisBT before 1.2.8 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO, as demonstrated by the PATH_INFO to (1) manage_config_email_page.php, (2) manage_config_workflow_page.php, or (3) bugs/plugin.php.
CVE-2011-3385 2 Lepton-cms, Websitebaker2 2 Lepton, Websitebaker 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in WebsiteBaker before 2.8, as used in LEPTON and possibly other products, allows remote attackers to inject arbitrary web script or HTML via unknown vectors, a different vulnerability than CVE-2006-2307.
CVE-2011-3687 1 Sonexis 1 Conferencemanager 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Sonexis ConferenceManager 9.2.11.0 allow remote attackers to inject arbitrary web script or HTML via (1) the txtConferenceID parameter to HostLogin.asp, (2) the txtConferenceID parameter to ParticipantLogin.asp, (3) the acp parameter to ForgotPIN.asp, or the (4) Description, (5) title, or (6) Heading parameter to Error.asp.