Export limit exceeded: 45758 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45758 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-3047 | 1 Cisco | 37 Scientific Atlanta Dpc2420, Scientific Atlanta Dpc3000\/epc3000, Scientific Atlanta Dpc3008\/epc3008 and 34 more | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the web-wizard setup page on Cisco Scientific Atlanta D20 and D30 cable modems allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-3233 | 1 Kayako | 1 Fusion | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in __swift/thirdparty/PHPExcel/PHPExcel/Shared/JAMA/docs/download.php in Kayako Fusion 4.40.1148, and possibly before 4.50.1581, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. | ||||
| CVE-2012-3255 | 1 Hp | 1 Business Availability Center | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 8.07 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-3279 | 1 Hp | 1 Network Node Manager I | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i (NNMi) 8.x, 9.0x, 9.1x, and 9.20 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-3293 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Administrative Console in IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.45, 7.0.x before 7.0.0.25, 8.0.x before 8.0.0.4, and 8.5.x before 8.5.0.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving FRAME elements, related to a cross-frame scripting (XFS) issue. | ||||
| CVE-2012-3790 | 1 Adiscon | 1 Loganalyzer | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Adiscon LogAnalyzer before 3.4.4 and 3.5.x before 3.5.5 allows remote attackers to inject arbitrary web script or HTML via the highlight parameter in a Search action. | ||||
| CVE-2012-3828 | 1 Joomla | 1 Joomla\! | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Joomla! 2.5.3 allows remote attackers to inject arbitrary web script or HTML via the Host HTTP Header. | ||||
| CVE-2012-3830 | 1 Milesj | 1 Decoda | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in decoda/templates/video.php in Decoda before 3.3.3 allows remote attackers to inject arbitrary web script or HTML via the video directive. | ||||
| CVE-2012-3831 | 1 Milesj | 1 Decoda | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in decoda/templates/video.php in Decoda before 3.3.1 allows remote attackers to inject arbitrary web script or HTML via multiple URLs in an img tag. | ||||
| CVE-2012-3832 | 1 Milesj | 1 Decoda | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in decoda/Decoda.php in Decoda before 3.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to (1) b or (2) div tags. | ||||
| CVE-2012-3833 | 1 Opensolution | 1 Quick.cms | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the default index page in admin/ in Quick.CMS 4.0 allows remote attackers to inject arbitrary web script or HTML via the p parameter. | ||||
| CVE-2012-3837 | 1 Babygekko | 1 Baby Gekko | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in apps/users/registration.template.php in Baby Gekko 1.2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) username, (2) email_address, (3) password, (4) password_verify, (5) firstname, (6) lastname, or (7) verification_code parameter to users/action/register. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2012-3843 | 1 E107 | 1 E107 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the registration page in e107, probably 1.0.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-3844 | 1 Vbulletin | 1 Vbulletin | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in vBulletin 4.1.12 allows remote attackers to inject arbitrary web script or HTML via a long string in the subject parameter when creating a post. | ||||
| CVE-2012-3846 | 1 Atmoner | 1 Php-pastebin | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in PHP-pastebin 2.1 allows remote attackers to inject arbitrary web script or HTML via the title parameter. | ||||
| CVE-2012-3869 | 1 Redaxo | 1 Redaxo | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in include/classes/class.rex_list.inc.php in REDAXO 4.3.x and 4.4 allows remote attackers to inject arbitrary web script or HTML via the subpage parameter to index.php. | ||||
| CVE-2012-3997 | 1 Sayakbanerjee | 1 Sticky Notes | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Sticky Notes before 0.2.27052012.5 allow remote attackers to inject arbitrary web script or HTML via the (1) paste_user or (2) paste_lang parameter to (a) list.php or (b) show.php. | ||||
| CVE-2012-3992 | 4 Canonical, Mozilla, Redhat and 1 more | 13 Ubuntu Linux, Firefox, Seamonkey and 10 more | 2025-04-11 | N/A |
| Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage history data, which allows remote attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive POST content via vectors involving a location.hash write operation and history navigation that triggers the loading of a URL into the history object. | ||||
| CVE-2012-3994 | 4 Canonical, Mozilla, Redhat and 1 more | 13 Ubuntu Linux, Firefox, Seamonkey and 10 more | 2025-04-11 | N/A |
| Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to conduct cross-site scripting (XSS) attacks via a binary plugin that uses Object.defineProperty to shadow the top object, and leverages the relationship between top.location and the location property. | ||||
| CVE-2012-4003 | 1 Glpi-project | 1 Glpi | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in GLPI-PROJECT GLPI before 0.83.3 allow remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||