Export limit exceeded: 45687 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45687 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-5587 | 2 Drupal, Epiqo | 2 Drupal, Email | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Email Field module 6.x-1.x before 6.x-1.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via the mailto link. | ||||
| CVE-2012-5591 | 2 Catalin Florian Radut, Drupal | 2 Zeropoint, Drupal | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Zero Point module 6.x-1.x before 6.x-1.18 and 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to inject arbitrary web script or HTML via the path aliases. | ||||
| CVE-2012-5606 | 1 Owncloud | 2 Owncloud, Owncloud Server | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.9 and 4.5.0 allow remote attackers to inject arbitrary web script or HTML via the (1) file name to apps/files_versions/js/versions.js or (2) apps/files/js/filelist.js; or (3) event title to 3rdparty/fullcalendar/js/fullcalendar.js. | ||||
| CVE-2012-5666 | 1 Owncloud | 1 Owncloud Server | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in bookmarks/js/bookmarks.js in ownCloud 4.0.x before 4.0.10 and 4.5.x before 4.5.5 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to apps/bookmark/index.php. | ||||
| CVE-2012-5705 | 2 Drupal, Justin Dodge | 2 Drupal, Hotblocks | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the settings page (admin/settings/hotblocks) in the Hotblocks module 6.x-1.x before 6.x-1.8 for Drupal allows remote authenticated users with the "administer hotblocks" permission to inject arbitrary web script or HTML via the "block names." | ||||
| CVE-2012-5744 | 1 Cisco | 1 Identity Services Engine Software | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the guest portal in Cisco Identity Services Engine (ISE) Software allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug IDs CSCud11139 and CSCug02904. | ||||
| CVE-2012-5761 | 1 Ibm | 1 Netezza | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-5762 | 1 Ibm | 1 Netezza | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote authenticated users to inject arbitrary web script or HTML via vectors involving the MHTML protocol. | ||||
| CVE-2012-6620 | 1 Horde | 1 Kronolith H4 | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the (1) tasks and (2) search views in Horde Kronolith H4 before 3.0.17 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-6621 | 1 Get-simple | 1 Getsimple Cms | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS 3.1, 3.1.2, 3.2.3, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Email Address or (2) Custom Permalink Structure fields in admin/settings.php; (3) path parameter to admin/upload.php; (4) err parameter to admin/theme.php; (5) error parameter to admin/pages.php; or (6) success or (7) err parameter to admin/index.php. | ||||
| CVE-2012-6622 | 1 Vasthtml | 1 Forumpress | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in fs-admin/fs-admin.php in the ForumPress WP Forum Server plugin before 1.7.4 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) groupid parameter in an editgroup action or (2) usergroup_id parameter in an edit_usergroup action. | ||||
| CVE-2012-6624 | 1 Mightymess | 1 Soundcloud Is Gold | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the SoundCloud Is Gold plugin 2.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the width parameter in a soundcloud_is_gold_player_preview action to wp-admin/admin-ajax.php. | ||||
| CVE-2012-6627 | 1 Xyzscripts | 1 Newsletter Manager | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in admin/test_mail.php in the Newsletter Manager plugin 1.0.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the id parameter. | ||||
| CVE-2012-6630 | 1 Rick Mead | 1 Media Library Categories | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Media Library Categories plugin 1.1.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) bulk parameter to media-library-categories/add.php or (2) q parameter to media-library-categories/view.php. | ||||
| CVE-2012-6632 | 1 Vessio | 1 Netbill | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Vessio NetBill 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) full name or (2) file title to accounts/admin/index.php or (3) comment parameter in the support page to accounts/index2.php. | ||||
| CVE-2013-0009 | 1 Microsoft | 1 System Center Operations Manager | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Microsoft System Center Operations Manager 2007 SP1 and R2 allows remote attackers to inject arbitrary web script or HTML via crafted input, aka "System Center Operations Manager Web Console XSS Vulnerability," a different vulnerability than CVE-2013-0010. | ||||
| CVE-2013-0010 | 1 Microsoft | 1 System Center Operations Manager | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Microsoft System Center Operations Manager 2007 SP1 and R2 allows remote attackers to inject arbitrary web script or HTML via crafted input, aka "System Center Operations Manager Web Console XSS Vulnerability," a different vulnerability than CVE-2013-0009. | ||||
| CVE-2013-0083 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via crafted content, leading to administrative command execution, aka "SharePoint XSS Vulnerability." | ||||
| CVE-2010-5275 | 2 Drupal, Memcache Project | 2 Drupal, Memcache | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in memcache_admin in the Memcache module 5.x before 5.x-1.10 and 6.x before 6.x-1.6 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-0129 | 1 Pd-admin | 1 Pd-admin | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in pd-admin before 4.17 allow remote authenticated users to inject arbitrary web script or HTML via (1) the WebFTP Overview "Create new directory" field or (2) the body of an e-mail autoresponder message. | ||||