Export limit exceeded: 348953 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45760 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-5690 | 1 Open-xchange | 1 Open-xchange Appsuite | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange AppSuite before 7.2.2 allow remote authenticated users to inject arbitrary web script or HTML via (1) content with the text/xml MIME type or (2) the Status comment field of an appointment. | ||||
| CVE-2013-5693 | 1 X2engine | 1 X2crm | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in X2Engine X2CRM before 3.5 allows remote attackers to inject arbitrary web script or HTML via the model parameter to index.php/admin/editor. | ||||
| CVE-2013-5698 | 1 Open-xchange | 2 Open-xchange Appsuite, Open-xchange Server | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Open-Xchange AppSuite and Server before 6.22.0 rev16, 6.22.1 before rev19, 7.0.1 before rev7, 7.0.2 before rev11, and 7.2.0 before rev8 allows remote authenticated users to inject arbitrary web script or HTML via a delivery=view action, aka Bug ID 26373, a different vulnerability than CVE-2013-3106. | ||||
| CVE-2013-5702 | 1 Watchguard | 2 Fireware, Watchguard System Manager | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in WebCenter in WatchGuard WSM and Fireware before 11.8 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters. | ||||
| CVE-2013-5707 | 1 Trivantis | 1 Coursemill Learning Management System | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Coursemill Learning Management System (LMS) 6.8 allow remote attackers to inject arbitrary web script or HTML via crafted input containing a %22 sequence, a different issue than CVE-2013-3604. | ||||
| CVE-2010-3289 | 1 Hp | 1 Systems Insight Manager | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager (SIM) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-5744 | 1 Fengoffice | 1 Feng Office | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Feng Office 2.3.2-rc and earlier allows remote attackers to inject arbitrary web script or HTML via an arbitrary ref_XXX parameter. | ||||
| CVE-2013-6280 | 1 Linksalpha | 1 Social Sharing Toolkit Plugin | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Social Sharing Toolkit plugin before 2.1.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-6289 | 2 Ingo Renner, Typo3 | 2 Apache Solr, Typo3 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Apache Solr for TYPO3 (solr) extension before 2.8.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-6327 | 1 Ibm | 1 Sterling Connect Enterprise Http Option | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the HTTP Option in IBM Sterling Connect:Enterprise 1.3 before 1.3.0.2 iFix 1 and 1.4 before 1.4.0.0 iFix 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "cross-frame scripting" issue. | ||||
| CVE-2013-6342 | 1 Tweet-blender | 1 Tweet-blender | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Tweet Blender plugin before 4.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tb_tab_index parameter to wp-admin/options-general.php. | ||||
| CVE-2013-6344 | 1 Novell | 1 Zenworks Configuration Management | 2025-04-11 | N/A |
| The ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows attackers to conduct cross-frame scripting attacks via unknown vectors. | ||||
| CVE-2013-6374 | 1 Jenkins-ci | 1 Build Failure Analyzer | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Build Failure Analyzer plugin before 1.5.1 for Jenkins allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-6387 | 1 Drupal | 1 Drupal | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Image module in Drupal 7.x before 7.24 allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via the description field. | ||||
| CVE-2013-6388 | 1 Drupal | 1 Drupal | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Color module in Drupal 7.x before 7.24 allows remote attackers to inject arbitrary web script or HTML via vectors related to CSS. | ||||
| CVE-2013-6415 | 3 Redhat, Rhel Sam, Rubyonrails | 5 Openstack, Rhel Software Collections, 1.4 and 2 more | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the number_to_currency helper in actionpack/lib/action_view/helpers/number_helper.rb in Ruby on Rails before 3.2.16 and 4.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the unit parameter. | ||||
| CVE-2013-6416 | 1 Rubyonrails | 1 Rails | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the simple_format helper in actionpack/lib/action_view/helpers/text_helper.rb in Ruby on Rails 4.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML attribute. | ||||
| CVE-2013-7316 | 1 Gitlab | 1 Gitlab | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in GitLab 6.0 and other versions before 6.5.0 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML file, as demonstrated by README.html. | ||||
| CVE-2013-7317 | 1 Cs-cart | 1 Cs-cart | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in CS-Cart before 4.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) settings_file or (2) data_file parameter to (a) ampie.swf, (b) amline.swf, or (c) amcolumn.swf. | ||||
| CVE-2013-7318 | 1 Algosec | 1 Firewall Analyzer | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in BusinessFlow/login in AlgoSec Firewall Analyzer 6.4 allows remote attackers to inject arbitrary web script or HTML via the message parameter. | ||||