Export limit exceeded: 47137 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (47137 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-2059 | 2 Drupal, Steve Lockwood | 2 Drupal, Ticketyboo News Ticker | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the ticketyboo News Ticker module for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-2129 | 1 Andreas Gohr | 1 Dokuwiki | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in doku.php in DokuWiki 2012-01-25 Angua allows remote attackers to inject arbitrary web script or HTML via the target parameter in an edit action. | ||||
| CVE-2012-2021 | 1 Hp | 1 Assetmanager | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in HP AssetManager 5.20, 5.21, 5.22, and 9.30 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2011-5045 | 1 Jjwdesign | 1 Php Booking Calendar | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in details_view.php in PHP Booking Calendar 10e allows remote attackers to inject arbitrary web script or HTML via the page_info_message parameter. | ||||
| CVE-2012-2011 | 1 Hp | 1 Web Jetadmin | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in HP Web Jetadmin 8.x allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-2001 | 1 Hp | 1 Snmp Agents For Linux | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in HP SNMP Agents for Linux before 9.0.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-2002 | 3 Addison Berry, Drupal, Jeff Warrington | 3 Wordfilter, Drupal, Wordfilter | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Wordfilter module 5.x before 5.x-1.1 and 6.x before 6.x-1.1 for Drupal allows remote authenticated users, with "administer words filtered" privileges, to inject arbitrary web script or HTML via the word list. | ||||
| CVE-2012-1979 | 1 Syndeocms | 1 Syndeocms | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in starnet/index.php in SyndeoCMS 3.0.01 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the email parameter (aka Email address field) in an edit_user configuration action. | ||||
| CVE-2011-5178 | 1 Infoblox | 1 Netmri | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in netmri/config/userAdmin/login.tdf in Infoblox NetMRI 6.0.2.42, 6.1.2, 6.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) eulaAccepted or (2) mode parameter. | ||||
| CVE-2012-0220 | 1 Ikiwiki | 1 Ikiwiki | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the meta plugin (Plugin/meta.pm) in ikiwiki before 3.20120516 allow remote attackers to inject arbitrary web script or HTML via the (1) author or (2) authorurl meta tags. | ||||
| CVE-2010-2088 | 1 Microsoft | 1 Asp.net | 2025-04-11 | N/A |
| ASP.NET in Microsoft .NET 3.5 does not properly handle an unencrypted view state, which allows remote attackers to conduct cross-site scripting (XSS) attacks against the form control via the __VIEWSTATE parameter. | ||||
| CVE-2012-1898 | 1 Ivano Binetti | 1 Wolf Cms | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in wolfcms/admin/user/add in Wolf CMS 0.75 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) user[name], (2) user[email], or (3) user[username] parameters. | ||||
| CVE-2012-1908 | 1 Splunk | 1 Splunk | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Splunk 4.0 through 4.3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2012-1829 | 1 Efstechnology | 1 Autoform Pdm Archive | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in AutoFORM PDM Archive before 6.920 allow remote authenticated users to inject arbitrary web script or HTML via unspecified fields. | ||||
| CVE-2012-1814 | 1 Emerson | 3 Deltav, Deltav Proessentials Scientific Graph, Deltav Workstation | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-1792 | 1 Oscommerce | 1 Online Merchant | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in osCommerce/OM/Core/Site/Setup/Application/Install/RPC/DBCheck.php in OSCommerce Online Merchant 3.0.2, when the software is being installed, allows remote attackers to inject arbitrary web script or HTML via the name parameter to oscommerce/index.php, which is not properly handled in an error message. NOTE: this might not be a vulnerability, since the ability to access oscommerce/index.php during installation may already imply administrator privileges. | ||||
| CVE-2012-1789 | 1 Tskynet | 1 Kongreg8 | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Kongreg8 1.7.3 allow remote attackers to inject arbitrary web script or HTML via the (1) surname or (2) firstname parameters to modules/members/addmember.php; or (3) groupdescription or (4) groupname parameters to modules/groups/addgroupform.php. | ||||
| CVE-2012-1788 | 1 Wonderdesk | 1 Wonderdesk Sql | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in wonderdesk.cgi in WonderDesk SQL 4.14 allow remote attackers to inject arbitrary web script or HTML via the (1) cus_email parameter in a cust_lostpw action; or (2) help_name, (3) help_email, (4) help_website, or (5) help_example_url parameters in an hd_modify_record action. | ||||
| CVE-2012-1659 | 2 Ariel Barreiro, Drupal | 2 Noderecommendation, Drupal | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Node Recommendation module 6.x-1.x before 6.x-1.1 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-1660 | 2 Drupal, Nathan Haug | 2 Drupal, Webform | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in components/select.inc in the Webform module 6.x-3.x before 6.x-3.17 and 7.x-3.x before 7.x-3.17 for Drupal, when the "Select (or other)" module is enabled, allow remote authenticated users with the create webform content permission to inject arbitrary web script or HTML via vectors related to (1) checkboxes or (2) radios. | ||||