Export limit exceeded: 29908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45687 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-3414 | 1 Cisco | 2 Adaptive Security Appliance, Adaptive Security Appliance Software | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the WebVPN portal login page on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCug83080. | ||||
| CVE-2013-3416 | 1 Cisco | 2 Unified Operations Manager, Unified Service Monitor | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the web framework in the unified-communications management implementation in Cisco Unified Operations Manager and Unified Service Monitor allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug IDs CSCuh47574 and CSCuh95997. | ||||
| CVE-2013-3419 | 1 Cisco | 1 Unified Meetingplace Web Conferencing | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Cisco Unified MeetingPlace Web Conferencing allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuh74981. | ||||
| CVE-2013-3422 | 1 Cisco | 1 Secure Access Control System | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Administration pages in Cisco Secure Access Control System (ACS) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud75165. | ||||
| CVE-2013-3423 | 1 Cisco | 1 Secure Access Control System | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the web interface in Cisco Secure Access Control System (ACS) allows remote attackers to inject arbitrary web script or HTML via an unspecified field, aka Bug ID CSCud75174. | ||||
| CVE-2013-3498 | 1 Juniper | 1 Smartpass | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Juniper SmartPass WLAN Security Management before 7.7 MR3 and 8.0 before MR2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-3501 | 1 Gwos | 1 Groundwork Monitor | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in GroundWork Monitor Enterprise 6.7.0 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) the foundation-webapp/admin/ directory, (2) the NeDi component, or (3) the Noma component. | ||||
| CVE-2013-3515 | 1 Openx | 1 Openx | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in OpenX Source 2.8.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) package parameter to www/admin/plugin-index.php or the (2) group parameter to www/admin/plugin-settings.php. | ||||
| CVE-2013-3534 | 2 Algisinfo, Joomla | 2 Aicontactsafe, Joomla\! | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the aiContactSafe component before 2.0.21 for Joomla! allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-3538 | 1 Wesley Destailleur | 1 Todoo Forum | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in todooforum.php in Todoo Forum 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id_post or (2) pg parameter. | ||||
| CVE-2013-1855 | 3 Redhat, Rhel Sam, Rubyonrails | 5 Enterprise Linux, Openshift, 1.4 and 2 more | 2025-04-11 | N/A |
| The sanitize_css method in lib/action_controller/vendor/html-scanner/html/sanitizer.rb in the Action Pack component in Ruby on Rails before 2.3.18, 3.0.x and 3.1.x before 3.1.12, and 3.2.x before 3.2.13 does not properly handle \n (newline) characters, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via crafted Cascading Style Sheets (CSS) token sequences. | ||||
| CVE-2013-4138 | 2 Alienwp, Drupal | 2 Hatch, Drupal | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Hatch theme 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users with the "Administer content," "Create new article," or "Edit any article type content" permission to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-4140 | 2 Drupal, Drupalisme | 2 Drupal, Tinybox | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the TinyBox (Simple Splash) module before 7.x-2.2 for Drupal allows remote authenticated users with the "administer tinybox" permission to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-4167 | 1 Cmsmadesimple | 1 Cms Made Simple | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in CMS Made Simple (CMSMS) before 1.11.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-4171 | 1 Apache | 1 Roller | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Apache Roller before 5.0.2 allow remote attackers to inject arbitrary web script or HTML via vectors related to the search results in the (1) RSS and (2) Atom feed templates. | ||||
| CVE-2013-4174 | 2 Drupal, Ows | 2 Drupal, Scald | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Scald module 7.x-1.x before 7.x-1.1 for Drupal allow remote attackers to inject arbitrary web script or HTML via the (1) flash_uri, (2) flash_width, or (3) flash_height in the scald_flash_scald_prerender function in providers/scald_flash/scald_flash.module; or the (4) caption in the scald_image_scald_prerender function in providers/scald_image/scald_image.module. | ||||
| CVE-2013-4181 | 1 Redhat | 2 Enterprise Virtualization, Rhev Manager | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the addAlert function in the RedirectServlet servlet in oVirt Engine and Red Hat Enterprise Virtualization Manager (RHEV-M), as used in Red Hat Enterprise Virtualization 3 and 3.2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-1844 | 1 Matomo | 1 Matomo | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Piwik before 1.11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-1823 | 2 Redhat, Rhel Sam | 2 Subscription Asset Manager, 1.2 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Notifications form in Red Hat Subscription Asset Manager before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the username field. | ||||
| CVE-2013-4274 | 2 Drupal, Erikwebb | 2 Drupal, Password Policy | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the password_policy_admin_view function in password_policy.admin.inc in the Password Policy module 6.x-1.x before 6.x-1.6 and 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with the "Administer policies" permission to inject arbitrary web script or HTML via the "Password Expiration Warning" field to the admin/config/people/password_policy/add page. | ||||