Export limit exceeded: 45729 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45729 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-0919 | 1 Hitachi | 1 It Operations Director | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Hitachi IT Operations Director 02-50-01 through 02-50-07, 03-00 through 03-00-04, and possibly other versions before 03-00-06, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-0930 | 1 Schneider-electric | 1 Modicon Quantum Plc | 2025-04-11 | 6.1 Medium |
| Cross-site scripting (XSS) vulnerability in Schneider Electric Modicon Quantum PLC allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-0974 | 1 Juan Ramon | 1 Osclass | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the getParam function in oc-includes/osclass/core/Params.php in OSClass before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via the (1) sCity, (2) sPattern, (3) sPriceMax, and (4) sPriceMin parameters in a search action to index.php. | ||||
| CVE-2012-0975 | 1 Clixint | 1 Image Hosting Script Dpi | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in misc.php in Image Hosting Script DPI 1.0, 1.3, and earlier allows remote attackers to inject arbitrary web script or HTML via the showseries parameter. | ||||
| CVE-2012-0976 | 1 Silverstripe | 1 Silverstripe | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in admin/EditForm in SilverStripe 2.4.6 allows remote authenticated users with Content Authors privileges to inject arbitrary web script or HTML via the Title parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2012-0979 | 1 Twiki | 1 Twiki | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in TWiki allows remote attackers to inject arbitrary web script or HTML via the organization field in a profile, involving (1) registration or (2) editing of the user. | ||||
| CVE-2012-0995 | 1 Zenphoto | 1 Zenphoto | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ZENphoto 1.4.2 allow remote attackers to inject arbitrary web script or HTML via the (1) msg parameter in an external action to zp-core/admin.php, (2) PATH_INTO to an unspecified URL, as demonstrated using /1/, (3) PATH_INFO to zp-core/admin.php, or (4) album parameter to zp-core/admin-edit.php. | ||||
| CVE-2012-1000 | 1 Lepton-cms | 1 Lepton | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in LEPTON 1.1.3 and other versions before 1.1.4 allow remote attackers to inject arbitrary web script or HTML via the (1) message parameter to admins/login/forgot/index.php, or the (2) display_name or (3) email parameter to account/preferences.php. | ||||
| CVE-2012-1224 | 1 Contentlion | 1 Contentlion Alpha | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in system/classes/login.php in ContentLion Alpha 1.3 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. | ||||
| CVE-2012-1252 | 1 Rssowl | 1 Rssowl | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in RSSOwl before 2.1.1 allows remote attackers to inject arbitrary web script or HTML via a feed, a different vulnerability than CVE-2006-4760. | ||||
| CVE-2012-1240 | 1 Recruit | 1 Dokodemo Rikunabi 2013 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the RECRUIT Dokodemo Rikunabi 2013 extension before 1.0.1 for Google Chrome allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-1245 | 1 Osqa | 1 Osqa | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the cleanup_urls function in forum/utils/html.py in OSQA before 1234, and 0.9.0 Beta 3 and earlier, allows remote attackers to inject arbitrary web script or HTML via vectors related to a crafted URI. | ||||
| CVE-2012-1246 | 1 Webcreate | 1 Web Mart | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in KENT-WEB WEB MART 1.7 and earlier might allow remote attackers to inject arbitrary web script or HTML via a crafted cookie. | ||||
| CVE-2012-1247 | 1 Webcreate | 1 Web Mart | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in KENT-WEB WEB MART 1.7 and earlier, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML by leveraging support for Cascading Style Sheets (CSS) expressions. | ||||
| CVE-2012-1253 | 1 Roundcube | 1 Webmail | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0.7, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via vectors involving an embedded image attachment. | ||||
| CVE-2012-1254 | 1 Segue Project | 1 Segue | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Segue 2.2.10.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-1290 | 1 Sap | 1 Netweaver | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in b2b/auction/container.jsp in the Internet Sales (crm.b2b) module in SAP NetWeaver 7.0 allows remote attackers to inject arbitrary web script or HTML via the _loadPage parameter. | ||||
| CVE-2012-1293 | 1 Ulli Horlacher | 1 Fex | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in fup in Frams' Fast File EXchange (F*EX, aka fex) before 20111129-2 allow remote attackers to inject arbitrary web script or HTML via the (1) to or (2) from parameters. | ||||
| CVE-2012-1296 | 1 Elefantcms | 1 Elefantcms | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in apps/admin/handlers/preview.php in Elefant CMS 1.0.x before 1.0.2-Beta and 1.1.x before 1.1.5-Beta allow remote attackers to inject arbitrary web script or HTML via the (1) title or (2) body parameter to admin/preview. | ||||
| CVE-2012-1410 | 1 Kadu | 1 Kadu | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the History Window implementation in Kadu 0.9.0 through 0.11.0 allow remote attackers to inject arbitrary web script or HTML via a crafted (1) SMS message, (2) presence message, or (3) status description. | ||||