Export limit exceeded: 23296 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 45930 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45930 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-3998 | 2 Clickfraud-monitoring, Phpwhois Project | 2 Adsense-click-fraud-monitoring, Phpwhois | 2025-04-20 | N/A |
| Cross-site scripting (XSS) vulnerability in phpwhois 4.2.5, as used in the adsense-click-fraud-monitoring plugin 1.7.5 for WordPress, allows remote attackers to inject arbitrary web script or HTML via the query parameter to whois.php. | ||||
| CVE-2015-4072 | 1 Helpdesk Pro Project | 1 Helpdesk Pro | 2025-04-20 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Helpdesk Pro plugin before 1.4.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via vectors related to name and message. | ||||
| CVE-2015-5282 | 2 Redhat, Theforeman | 3 Satellite, Satellite Capsule, Foreman | 2025-04-20 | N/A |
| Cross-site scripting (XSS) vulnerability in Foreman 1.7.0 and after. | ||||
| CVE-2015-5379 | 1 Axigen | 1 Axigen Mail Server | 2025-04-20 | N/A |
| Cross-site scripting (XSS) vulnerability in actions.hsp in the Ajax WebMail interface in AXIGEN Mail Server before 9.0 allows remote attackers to inject arbitrary web script or HTML via an email attachment. | ||||
| CVE-2015-5381 | 1 Roundcube | 2 Roundcube Webmail, Webmail | 2025-04-20 | N/A |
| Cross-site scripting (XSS) vulnerability in program/include/rcmail.php in Roundcube Webmail 1.1.x before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the _mbox parameter to the default URI. | ||||
| CVE-2015-6027 | 1 Castlerock | 1 Snmpc | 2025-04-20 | 6.1 Medium |
| Castle Rock Computing SNMPc before 2015-12-17 has XSS via SNMP. | ||||
| CVE-2015-6035 | 1 Opsview | 1 Opsview | 2025-04-20 | N/A |
| Opsview before 2015-11-06 has XSS via SNMP. | ||||
| CVE-2015-6748 | 3 Debian, Jsoup, Redhat | 4 Debian Linux, Jsoup, Jboss Bpms and 1 more | 2025-04-20 | 6.1 Medium |
| Cross-site scripting (XSS) vulnerability in jsoup before 1.8.3. | ||||
| CVE-2015-6942 | 1 Coremail | 1 Coremail Xt | 2025-04-20 | N/A |
| Cross-site scripting (XSS) vulnerability in Coremail XT3.0 allows remote attackers to inject arbitrary web script or HTML via a hyperlink in a document attachment. | ||||
| CVE-2015-6959 | 1 Vindula | 1 Vindula | 2025-04-20 | N/A |
| Cross-site scripting (XSS) vulnerability in Vindula 1.9. | ||||
| CVE-2015-7324 | 1 Stackideas | 1 Komento | 2025-04-20 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in helpers/comment.php in the StackIdeas Komento (com_komento) component before 2.0.5 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) img or (2) url tag of a new comment. | ||||
| CVE-2015-7349 | 1 Vasco | 1 Digipass | 2025-04-20 | N/A |
| Cross-site scripting (XSS) vulnerability in the sample feedback.inc file in VASCO DIGIPASS authentication plug-in for Citrix Web Interface allows remote attackers to inject arbitrary web script or HTML via the failmessage parameter. | ||||
| CVE-2015-8477 | 1 Redmine | 1 Redmine | 2025-04-20 | N/A |
| Cross-site scripting (XSS) vulnerability in Redmine before 2.6.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving flash message rendering. | ||||
| CVE-2015-8622 | 1 Mediawiki | 1 Mediawiki | 2025-04-20 | N/A |
| Cross-site scripting (XSS) vulnerability in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1, when is configured with a relative URL, allows remote authenticated users to inject arbitrary web script or HTML via wikitext, as demonstrated by a wikilink to a page named "javascript:alert('XSS!')." | ||||
| CVE-2015-8936 | 1 Squidguard | 1 Squidguard | 2025-04-20 | N/A |
| Cross-site scripting (XSS) vulnerability in squidGuard.cgi in squidGuard before 1.5 allows remote attackers to inject arbitrary web script or HTML via a blocked site link. | ||||
| CVE-2015-8975 | 1 Mybb | 2 Merge System, Mybb | 2025-04-20 | N/A |
| Cross-site scripting (XSS) vulnerability in the error handler in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2015-8976 | 1 Mybb | 2 Merge System, Mybb | 2025-04-20 | N/A |
| Cross-site scripting (XSS) vulnerability in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 might allow remote attackers to inject arbitrary web script or HTML via vectors related to "old upgrade files." | ||||
| CVE-2015-9057 | 1 Proxmox | 1 Proxmox Mail Gateway | 2025-04-20 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Proxmox Mail Gateway prior to hotfix 4.0-8-097d26a9 allow remote attackers to inject arbitrary web script or HTML via multiple parameters, related to /users/index.htm, /quarantine/spam/manage.htm, /quarantine/spam/whitelist.htm, /queues/mail/index/, /system/ssh.htm, /queues/mail/?domain=, and /quarantine/virus/manage.htm. | ||||
| CVE-2015-9102 | 1 Synology | 1 Photo Station | 2025-04-20 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Synology Photo Station 6.0 before 6.0-2638 and 6.3 before 6.3-2962 allow remote authenticated attackers to inject arbitrary web script or HTML via the (1) album name, (2) file name of uploaded photos, (3) description of photos, or (4) tag of the photos. | ||||
| CVE-2015-9104 | 1 Synology | 1 Audio Station | 2025-04-20 | N/A |
| Cross-site scripting (XSS) vulnerabilities in Synology Audio Station 5.1 before 5.1-2550 and 5.4 before 5.4-2857 allows remote authenticated attackers to inject arbitrary web script or HTML via the album title. | ||||