Export limit exceeded: 45828 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45828 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-6439 | 1 Elasticsearch | 1 Elasticsearch | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the CORS functionality in Elasticsearch before 1.4.0.Beta1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2014-6444 | 1 Titan Framework Project | 1 Titan Framework | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Titan Framework plugin before 1.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) t parameter to iframe-googlefont-preview.php or the (2) text parameter to iframe-font-preview.php. | ||||
| CVE-2014-6623 | 1 Arubanetworks | 1 Clearpass | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Insight module in Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 allows remote attackers to hijack the authentication of a logged in user via unspecified vectors. | ||||
| CVE-2014-6616 | 1 Softing | 2 Fg-100 Profibus, Fg-x00 Profibus Firmware | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in Softing FG-100 PROFIBUS Single Channel (FG-100-PB) with firmware FG-x00-PB_V2.02.0.00 allows remote attackers to inject arbitrary web script or HTML via the DEVICE_NAME parameter to cgi-bin/CFGhttp/. | ||||
| CVE-2014-6618 | 1 Your Online Shop Project | 1 Your Online Shop | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in Your Online Shop allows remote attackers to inject arbitrary web script or HTML via the products_id parameter. | ||||
| CVE-2014-6620 | 1 Arubanetworks | 1 Clearpass | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2014-7157 | 1 Exinda | 1 Wan Optimization Suite | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in Exinda WAN Optimization Suite 7.0.0 (2160) allows remote attackers to inject arbitrary web script or HTML via the tabsel parameter to admin/launch. | ||||
| CVE-2014-7181 | 1 Maxfoundry | 1 Maxbuttons | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the Max Foundry MaxButtons plugin before 1.26.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the id parameter in a button action on the maxbuttons-controller page to wp-admin/admin.php, related to the button creation page. | ||||
| CVE-2014-7182 | 1 Codecabin | 1 Wp Go Maps | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the WP Google Maps plugin before 6.0.27 for WordPress allow remote attackers to inject arbitrary web script or HTML via the poly_id parameter in an (1) edit_poly, (2) edit_polyline, or (3) edit_marker action in the wp-google-maps-menu page to wp-admin/admin.php. | ||||
| CVE-2014-7183 | 1 Litecart | 1 Litecart | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the search.php in LiteCart 1.1.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) query parameter or (2) QUERY_STRING. | ||||
| CVE-2014-7200 | 1 Kevin Renskers | 1 Dmmjobcontrol | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in pi1/class.tx_dmmjobcontrol_pi1.php in the JobControl (dmmjobcontrol) extension 2.14.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via the tx_dmmjobcontrol_pi1[search][keyword] parameter to jobs/. | ||||
| CVE-2014-7248 | 1 Ipa | 1 Ilogscanner | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in IPA iLogScanner 4.0 allows remote attackers to inject arbitrary web script or HTML by triggering a crafted entry in a log file. | ||||
| CVE-2014-7258 | 1 Kent-web | 1 Clip Board | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in KENT-WEB Clip Board 2.91 and earlier, when running certain versions of Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2014-7261 | 1 Ultrapop | 1 I-httpd | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted string that is improperly rendered during construction of a directory index page, a different vulnerability than CVE-2014-7263. | ||||
| CVE-2014-7262 | 1 Ultrapop | 1 I-httpd | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the Omake BBS component in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted string. | ||||
| CVE-2014-7264 | 1 Chyrp | 1 Chyrp | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in admin/themes/default/pages/manage_users.twig in the Users Management feature in the admin component in Chyrp before 2.5.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) user.email or (2) user.website field in a user registration. | ||||
| CVE-2014-7265 | 1 Linpha | 1 Linpha | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in LinPHA allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2014-7267 | 1 Ricksoft | 1 Wbs Gantt-chart | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the output-page generator in the Ricksoft WBS Gantt-Chart add-on 7.8.1 and earlier for JIRA allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-7268. | ||||
| CVE-2014-7268 | 1 Ricksoft | 1 Wbs Gantt-chart | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the data-export feature in the Ricksoft WBS Gantt-Chart add-on 7.8.1 and earlier for JIRA allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-7267. | ||||
| CVE-2014-7277 | 1 Zyxel | 2 Sbg3300-n, Sbg3300-n Firmware | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the login page on the ZyXEL SBG-3300 Security Gateway with firmware 1.00(AADY.4)C0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified "welcome message" form data that is improperly handled during rendering of the loginMessage list item, a different vulnerability than CVE-2014-7278. | ||||