Export limit exceeded: 349360 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 45785 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45785 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-5691 | 1 Symantec | 1 Web Gateway | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PHP scripts in the management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, as demonstrated an attack against admin_messages.php. | ||||
| CVE-2015-5720 | 1 Misp-project | 1 Malware Information Sharing Platform | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the template-creation feature in Malware Information Sharing Platform (MISP) before 2.3.90 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) add.ctp, (2) edit.ctp, and (3) ajaxification.js. | ||||
| CVE-2015-5734 | 1 Wordpress | 1 Wordpress | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the legacy theme preview implementation in wp-includes/theme.php in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via a crafted string. | ||||
| CVE-2015-6346 | 1 Cisco | 1 Secure Access Control Server | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | ||||
| CVE-2015-6349 | 1 Cisco | 1 Secure Access Control Server | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the web interface in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | ||||
| CVE-2015-6354 | 1 Cisco | 1 Firesight System Software | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSight Management Center (MC) 5.4.1.3 and 6.0 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuv73338. | ||||
| CVE-2015-6356 | 1 Cisco | 1 Socialminer | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the WeChat page in Cisco Social Miner 10.0(1) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuw60212. | ||||
| CVE-2015-6751 | 1 Time Tracker Project | 1 Time Tracker | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Time Tracker module 7.x-1.x before 7.x-1.4 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or HTML via a (1) note added to a time entry or an (2) activity used to categorize time tracker entries. | ||||
| CVE-2015-6752 | 1 Search Api Autocomplete Project | 1 Search Api Autocomplete | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the Search API Autocomplete module 7.x-1.x before 7.x-1.3 for Drupal, when the search index is configured to use the HTML filter processor, allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors, which are not properly handled in the returned suggestions. | ||||
| CVE-2015-6919 | 1 Googlesearch Project | 1 Googlesearch | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the googleSearch (CSE) (com_googlesearch_cse) component 3.0.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the q parameter to index.php. | ||||
| CVE-2015-7363 | 1 Fortinet | 4 Fortianalyzer, Fortianalyzer Firmware, Fortimanager and 1 more | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the advanced settings page in Fortinet FortiManager 5.x before 5.0.12 and 5.2.x before 5.2.3, in hardware models with a hard disk, and FortiAnalyzer 5.x before 5.0.13 and 5.2.x before 5.2.3 allows remote administrators to inject arbitrary web script or HTML via vectors related to report filters. | ||||
| CVE-2015-7370 | 1 Revive-adserver | 1 Revive Adserver | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in open-flash-chart.swf in Open Flash Chart 2, as used in the VideoAds plugin in Revive Adserver before 3.2.2 and CA Release Automation (formerly LISA Release Automation) 5.0.2 before 5.0.2-227, 5.5.1 before 5.5.1-1616, 5.5.2 before 5.5.2-434, and 6.1.0 before 6.1.0-1026, allow remote attackers to inject arbitrary web script or HTML via the (1) id or (2) data-file parameter. | ||||
| CVE-2015-7377 | 1 Genetechsolutions | 1 Pie Register | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in pie-register/pie-register.php in the Pie Register plugin before 2.0.19 for WordPress allows remote attackers to inject arbitrary web script or HTML via the invitaion_code parameter in a pie-register page to the default URI. | ||||
| CVE-2015-7385 | 1 Open-xchange | 1 Ox Guard | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in Open-Xchange OX Guard before 2.0.0-rev11 allows remote attackers to inject arbitrary web script or HTML via the uid field in a PGP public key, which is not properly handled in "Guard PGP Settings." | ||||
| CVE-2015-7386 | 1 Ghozylab | 1 Gallery - Photo Albums - Portfolio | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in includes/metaboxes.php in the Gallery - Photo Albums - Portfolio plugin 1.3.47 for WordPress allow remote authenticated users to inject arbitrary web script or HTML via the (1) Media Title or (2) Media Subtitle fields. | ||||
| CVE-2015-7402 | 1 Ibm | 1 Curam Social Program Management | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management 6.1 before 6.1.1.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | ||||
| CVE-2015-7409 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM 7.2.x before 7.2.6 allows remote authenticated users to inject arbitrary web script or HTML via an unspecified field. | ||||
| CVE-2015-7413 | 1 Ibm | 1 Websphere Portal | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 before 8.0.0.1 CF19 and 8.5.0 through CF08 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | ||||
| CVE-2015-7414 | 1 Ibm | 1 Infosphere Master Data Management | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 9.1, 10.1, 11.0 before 11.0.0.0 IF11, 11.3 before 11.3.0.0 IF7, and 11.4 before 11.4.0.4 IF1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | ||||
| CVE-2015-7417 | 1 Ibm | 1 Websphere Application Server | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server 7.0 before 7.0.0.41, 8.0 before 8.0.0.12, and 8.5 before 8.5.5.9 allows remote authenticated users to inject arbitrary web script or HTML via crafted data from an OAuth provider. | ||||