Export limit exceeded: 45762 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45762 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-2137 | 1 Apache | 1 Ofbiz | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the "View Log" screen in the Webtools application in Apache Open For Business Project (aka OFBiz) 10.04.01 through 10.04.05, 11.04.01 through 11.04.02, and 12.04.01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-3832 | 1 Milesj | 1 Decoda | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in decoda/Decoda.php in Decoda before 3.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to (1) b or (2) div tags. | ||||
| CVE-2013-2177 | 2 Drupal, Kristof De Jaeger | 2 Drupal, Display Suite | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Display Suite module 7.x-1.x before 7.x-1.7 and 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via an entity bundle label. | ||||
| CVE-2013-2181 | 1 Monkey-project | 1 Monkey | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Directory Listing plugin in Monkey HTTP Daemon (monkeyd) 1.2.2 allows attackers to inject arbitrary web script or HTML via a file name. | ||||
| CVE-2013-2205 | 1 Wordpress | 1 Wordpress | 2025-04-11 | N/A |
| The default configuration of SWFUpload in WordPress before 3.5.2 has an unrestrictive security.allowDomain setting, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted web site. | ||||
| CVE-2010-4836 | 1 Phpshop | 1 Phpshop | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in register.html in PHPShop 2.1 EE and earlier allows remote attackers to inject arbitrary web script or HTML via the name_new parameter. | ||||
| CVE-2013-2244 | 1 Moodle | 1 Moodle | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in lib/conditionlib.php in Moodle 2.4.x before 2.4.5 and 2.5.x before 2.5.1 allow remote attackers to inject arbitrary web script or HTML via the conditional access rule value of a user field. | ||||
| CVE-2013-3422 | 1 Cisco | 1 Secure Access Control System | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Administration pages in Cisco Secure Access Control System (ACS) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud75165. | ||||
| CVE-2010-4837 | 2 Extensiondepot, Joomla | 2 Com Jsupport, Joomla\! | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the JSupport (com_jsupport) component 1.5.6 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the subject parameter (title field) in a saveTicket action to index2.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2013-3423 | 1 Cisco | 1 Secure Access Control System | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the web interface in Cisco Secure Access Control System (ACS) allows remote attackers to inject arbitrary web script or HTML via an unspecified field, aka Bug ID CSCud75174. | ||||
| CVE-2013-3498 | 1 Juniper | 1 Smartpass | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Juniper SmartPass WLAN Security Management before 7.7 MR3 and 8.0 before MR2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-4841 | 1 Manageengine | 1 Eventlog Analyzer | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine EventLog Analyzer 6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) HOST_ID, (2) OS, (3) GROUP, (4) exportFile, (5) load, (6) type, or (7) tab parameter to INDEX.do, the (8) reported parameter to INDEX2.do, the (9) gId parameter to hostlist.do, the (10) newWindow parameter to globalSettings.do, or the (11) STATUS parameter to enableHost.do. Fixed in Build 9000. | ||||
| CVE-2013-3501 | 1 Gwos | 1 Groundwork Monitor | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in GroundWork Monitor Enterprise 6.7.0 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) the foundation-webapp/admin/ directory, (2) the NeDi component, or (3) the Noma component. | ||||
| CVE-2013-3515 | 1 Openx | 1 Openx | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in OpenX Source 2.8.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) package parameter to www/admin/plugin-index.php or the (2) group parameter to www/admin/plugin-settings.php. | ||||
| CVE-2013-3534 | 2 Algisinfo, Joomla | 2 Aicontactsafe, Joomla\! | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the aiContactSafe component before 2.0.21 for Joomla! allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-3538 | 1 Wesley Destailleur | 1 Todoo Forum | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in todooforum.php in Todoo Forum 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id_post or (2) pg parameter. | ||||
| CVE-2013-3584 | 1 Corporater | 1 Epm Suite | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Corporater EPM Suite allows remote attackers to inject arbitrary web script or HTML via the customerId parameter to an unspecified component. | ||||
| CVE-2013-3603 | 1 Trivantis | 1 Coursemill Learning Management System | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Coursemill Learning Management System (LMS) 6.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to error messages. | ||||
| CVE-2010-4852 | 1 Eclime | 1 Eclime | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in login.php in Eclime 1.1.2b allows remote attackers to inject arbitrary web script or HTML via the reason parameter in a fail action. | ||||
| CVE-2010-4863 | 1 Get-simple | 1 Getsimple Cms | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in admin/changedata.php in GetSimple CMS 2.01 allows remote attackers to inject arbitrary web script or HTML via the post-title parameter. | ||||