Export limit exceeded: 348863 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 45749 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45749 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-5181 | 1 Concrete5 | 1 Concrete5 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in concrete5 Japanese 5.5.1 through 5.5.2.1 and concrete5 English 5.5.0 through 5.6.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-5184 | 1 Olivetoast | 1 Documents Pro File Viewer | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Olive Toast Documents Pro File Viewer (formerly Files HD) app before 1.11.1 for iOS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-5200 | 1 Hp | 2 Intelligent Management Center, Intelligent Management Center For Automated Network Manager | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-5219 | 1 Hp | 1 Managed Printing Administration | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in HP Managed Printing Administration (MPA) before 2.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-5225 | 1 Eliteweaver | 1 Xclick Cart | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in webscr.php in xClick Cart 1.0.1 and 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the shopping_url parameter. | ||||
| CVE-2012-5232 | 2 Joomla, Mediafire | 2 Joomla\!, Mod Quick Form | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Quickl Form component for Joomla! allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-5233 | 2 Drupal, Luke Herrington | 2 Drupal, Stickynote | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the stickynote module before 7.x-1.1 for Drupal allows remote authenticated users with edit stickynotes privileges to inject arbitrary web script or HTML via unspecified vecotrs. | ||||
| CVE-2012-5295 | 2 Fusetalk, Fusetalk. | 2 Fusetalk, Fusetalk | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in login.cfm in FuseTalk Forums 3.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the windowed parameter. | ||||
| CVE-2012-5296 | 1 Mavili Guestbook Project | 1 Mavili Guestbook | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Mavili Guestbook, as released in November 2007, allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) approve.asp, (2) delete.asp, (3) edit.asp, or (4) edit2.asp. | ||||
| CVE-2012-5305 | 1 Directadmin | 1 Directadmin | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in CMD_DOMAIN in JBMC Software DirectAdmin 1.403 allows remote attackers to inject arbitrary web script or HTML via the domain parameter. | ||||
| CVE-2012-5307 | 1 Ibm | 1 Lotus Notes Traveler | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in servlet/traveler in IBM Lotus Notes Traveler before 8.5.3.3 Interim Fix 1, when Firefox is used, allows remote attackers to inject arbitrary web script or HTML via the redirectURL parameter, a different vulnerability than CVE-2012-4824 and CVE-2012-4825. | ||||
| CVE-2012-5314 | 1 Heikki Hokkanen | 1 Viewgit | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in ViewGit 0.0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the f parameter. | ||||
| CVE-2012-5322 | 1 Xavi | 1 X7968 | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Xavi X7968 allow remote attackers to inject arbitrary web script or HTML via the (1) pvcName parameter to webconfig/wan/confirm.html/confirm or (2) host_name_txtbox parameter to webconfig/lan/lan_config.html/local_lan_config. | ||||
| CVE-2012-5325 | 2 Cartpauj, Wordpress | 2 Shortcode-redirect, Wordpress | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the scr_do_redirect function in scr.php in the Shortcode Redirect plugin 1.0.01 and earlier for WordPress allow remote authenticated users with certain permissions to inject arbitrary web script or HTML via the (1) url or (2) sec attributes in a redirect tag. | ||||
| CVE-2012-5330 | 1 Nasir Khan | 1 Asaancart | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in asaanCart 0.9 allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO to calc.php, (2) chat.php, (3) register.php, or (4) index.php in libs/smarty_ajax/; or the (5) page parameter to libs/smarty_ajax/index.php. | ||||
| CVE-2012-5337 | 1 Jforum | 1 Jforum | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in jforum.page in JForum 2.1.9 allow remote attackers to inject arbitrary web script or HTML via the (1) action, (2) match_type, (3) sort_by, or (4) start parameters. | ||||
| CVE-2012-5349 | 1 Wordpress | 2 Pay-with-tweet, Wordpress | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in pay.php in the Pay With Tweet plugin before 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) link, (2) title, or (3) dl parameter. | ||||
| CVE-2012-5666 | 1 Owncloud | 1 Owncloud Server | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in bookmarks/js/bookmarks.js in ownCloud 4.0.x before 4.0.10 and 4.5.x before 4.5.5 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to apps/bookmark/index.php. | ||||
| CVE-2012-5705 | 2 Drupal, Justin Dodge | 2 Drupal, Hotblocks | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the settings page (admin/settings/hotblocks) in the Hotblocks module 6.x-1.x before 6.x-1.8 for Drupal allows remote authenticated users with the "administer hotblocks" permission to inject arbitrary web script or HTML via the "block names." | ||||
| CVE-2012-5744 | 1 Cisco | 1 Identity Services Engine Software | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the guest portal in Cisco Identity Services Engine (ISE) Software allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug IDs CSCud11139 and CSCug02904. | ||||