Export limit exceeded: 47163 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (47163 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-3900 | 1 Piwigo | 1 Piwigo | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in admin/picture_modify.php in the photo-edit subsystem in Piwigo 2.6.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the associate[] field, a different vulnerability than CVE-2014-4649. | ||||
| CVE-2016-4393 | 1 Hp | 1 System Management Homepage | 2025-04-12 | N/A |
| HPE System Management Homepage before v7.6 allows "remote authenticated" attackers to obtain sensitive information via unspecified vectors, related to an "XSS" issue. | ||||
| CVE-2011-5307 | 1 Photosmash Project | 1 Photosmash | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in the PhotoSmash plugin 1.0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the action parameter. | ||||
| CVE-2011-5297 | 1 Ttfreeware | 1 Tigertoms Chat Room | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in TTChat 1.0.4 allow remote attackers to inject arbitrary web script or HTML via (1) the msg parameter to default.php or (2) the username parameter to chat_form.php. | ||||
| CVE-2011-5296 | 1 Tuttophp | 1 Happy Chat | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in profilo.php in Happy Chat 1.0 allows remote attackers to inject arbitrary web script or HTML via the nick parameter. | ||||
| CVE-2011-5283 | 1 Smoothwall | 1 Smoothwall | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the web management interface in httpd/cgi-bin/ipinfo.cgi in Smoothwall Express 3.1 and 3.0 SP3 and earlier allows remote attackers to inject arbitrary web script or HTML via the IP parameter in a Run action. | ||||
| CVE-2014-4538 | 1 Malware Finder Plugin Project | 1 Malware Finder | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in process.php in the Malware Finder plugin 1.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the query parameter. | ||||
| CVE-2014-3898 | 1 Fujitsu | 1 Serverview Operations Manager | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in Fujitsu ServerView Operations Manager 5.00.09 through 6.30.05 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2016-5061 | 1 Aternity | 1 Aternity | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the web server in Aternity before 9.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) HTTPAgent, (2) MacAgent, (3) getExternalURL, or (4) retrieveTrustedUrl page. | ||||
| CVE-2014-3738 | 1 Zenoss | 1 Zenoss | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in Zenoss 4.2.5 allows remote attackers to inject arbitrary web script or HTML via the title of a device. | ||||
| CVE-2014-3740 | 1 Spiceworks | 1 Spiceworks | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in SpiceWorks before 7.2.00195 allows remote authenticated users to inject arbitrary web script or HTML via the Summary field in a ticket request to the portal page. | ||||
| CVE-2014-4346 | 1 Citrix | 4 Netscaler Access Gateway, Netscaler Access Gateway Firmware, Netscaler Application Delivery Controller and 1 more | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in administration user interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) 10.1 before 10.1-126.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2011-4193 | 1 Suse | 2 Studio Extension For System Z, Studio Onsite | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the overlay files tab in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted application, related to cloning. | ||||
| CVE-2014-3758 | 1 Karlen Walter | 1 Si Bibtex | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the BibTex Publications (si_bibtex) extension 0.2.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via vectors related to the import functionality. | ||||
| CVE-2014-3894 | 1 Php Kobo | 1 Multifunctional Mailform Free | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in PHP Kobo Multifunctional MailForm Free 2014/1/28 and earlier allows remote attackers to inject arbitrary web script or HTML via an HTTP Referer header. | ||||
| CVE-2014-9516 | 1 Social Microblogging Pro Project | 1 Social Microblogging Pro | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in Social Microblogging PRO 1.5 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI, related to the "Web Site" input in the Profile section. | ||||
| CVE-2010-5314 | 1 Chialab \& Channelweb | 1 Bedita | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in controllers/home_controller.php in BEdita before 3.1 allows remote attackers to inject arbitrary web script or HTML via the searchstring parameter to news/index. | ||||
| CVE-2014-3774 | 1 Teampass | 1 Teampass | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in items.php in TeamPass before 2.1.20 allow remote attackers to inject arbitrary web script or HTML via the group parameter, which is not properly handled in a (1) hid_cat or (2) open_folder form element, or (3) id parameter, which is not properly handled in the open_id form element. | ||||
| CVE-2014-3892 | 1 Nexatechnologies | 1 Meridian | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in Nexa Meridian before 2014 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2016-3969 | 1 Mcafee | 1 Email Gateway | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in McAfee Email Gateway (MEG) 7.6.x before 7.6.404, when File Filtering is enabled with the action set to ESERVICES:REPLACE, allows remote attackers to inject arbitrary web script or HTML via an attachment in a blocked email. | ||||