Export limit exceeded: 352931 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (46197 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-3952 | 1 Phplist | 1 Phplist | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in admin/index.php in phpList before 2.10.19 allows remote attackers to inject arbitrary web script or HTML via the unconfirmed parameter to the user page. | ||||
| CVE-2013-0938 | 1 Emc | 4 Documentum Records Manager, Documentum Taskspace, Documentum Wdk and 1 more | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in EMC Documentum Webtop before 6.7 SP2, Documentum WDK before 6.7 SP2, Documentum Taskspace before 6.7 SP2, and Documentum Records Manager before 6.7 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-0936 | 1 Emc | 6 Smarts Ip Manager, Smarts Mpls Manager, Smarts Network Protocol Manager and 3 more | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in EMC Smarts IP Manager, Smarts Service Assurance Manager, Smarts Server Manager, Smarts VoIP Availability Manager, Smarts Network Protocol Manager, and Smarts MPLS Manager before 9.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | ||||
| CVE-2012-3414 | 3 Swfupload Project, Tinymce, Wordpress | 3 Swfupload, Image Manager, Wordpress | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and earlier, as used in WordPress before 3.3.2, TinyMCE Image Manager 1.1, and other products, allows remote attackers to inject arbitrary web script or HTML via the movieName parameter, related to the "ExternalInterface.call" function. | ||||
| CVE-2012-3233 | 1 Kayako | 1 Fusion | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in __swift/thirdparty/PHPExcel/PHPExcel/Shared/JAMA/docs/download.php in Kayako Fusion 4.40.1148, and possibly before 4.50.1581, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. | ||||
| CVE-2013-1782 | 2 Devsaran, Drupal | 2 Responsive Blog, Drupal | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Responsive Blog Theme 7.x-1.x before 7.x-1.6 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via vectors related to social icons. | ||||
| CVE-2013-5308 | 2 Juralsulek, Typo3 | 2 Realurlmanagement, Typo3 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the RealURL Management (realurlmanagement) extension 0.3.4 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-5309 | 2 Fudforum, Ilia Alshanetsky | 2 Fudforum, Fudforum | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in install/forum_data/src/custom_fields.inc.t in FUDforum 3.0.4.1 and earlier, when registering a new user, allows remote attackers to inject arbitrary web script or HTML via a custom profile field to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2013-5312 | 1 Vastal | 1 Phpvid | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Vastal I-Tech phpVID 1.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) n parameter to browse_videos.php or the (2) cat parameter to groups.php. | ||||
| CVE-2013-5307 | 2 Kennziffer, Typo3 | 2 Ke Search, Typo3 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Faceted Search (ke_search) extension before 1.4.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-5314 | 1 S9y | 1 Serendipity | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in serendipity_admin_image_selector.php in Serendipity 1.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the serendipity[htmltarget] parameter. | ||||
| CVE-2013-5315 | 2 Drupal, Ows | 2 Drupal, Scald | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Resource Manager in the MEE submodule (mee.module) in the Scald module 6.x-1.x before 6.x-1.0-beta3 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via the atom title, a different vector than CVE-2013-4174. | ||||
| CVE-2013-5317 | 1 Ritecms | 1 Ritecms | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in RiteCMS 1.0.0 allows remote authenticated users to inject arbitrary web script or HTML via the mode parameter to cms/index.php. | ||||
| CVE-2013-5305 | 2 Joachim Ruhs, Typo3 | 2 Locator, Typo3 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Store Locator (locator) extension before 3.1.5 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-5319 | 1 Atlassian | 1 Jira | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in secure/admin/user/views/deleteuserconfirm.jsp in the Admin Panel in Atlassian JIRA before 6.0.5 allows remote attackers to inject arbitrary web script or HTML via the name parameter to secure/admin/user/DeleteUser!default.jspa. | ||||
| CVE-2013-5326 | 1 Adobe | 1 Coldfusion | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 9.0 before Update 12, 9.0.1 before Update 11, 9.0.2 before Update 6, and 10 before Update 12, when the CFIDE directory is available, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors related to the logviewer directory. | ||||
| CVE-2013-5300 | 1 Alienvault | 1 Open Source Security Information Management | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) before 4.3.0 allow remote attackers to inject arbitrary web script or HTML via the withoutmenu parameter to (1) vulnmeter/index.php or (2) vulnmeter/sched.php; the (3) section parameter to av_inventory/task_edit.php; the (4) profile parameter to nfsen/rrdgraph.php; or the (5) scan_server or (6) targets parameter to vulnmeter/simulate.php. | ||||
| CVE-2013-5320 | 1 Sourcetreesolutions | 1 Mojoportal | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Forums/EditPost.aspx in mojoPortal before 2.3.9.8 allows remote attackers to inject arbitrary web script or HTML via the txtSubject parameter. | ||||
| CVE-2013-5323 | 2 Stanislas Rolland, Typo3 | 2 Static Info Tables, Typo3 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Static Info Tables (static_info_tables) extension before 2.3.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-5218 | 1 Hot | 2 Hotbox Router, Hotbox Router Firmware | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to inject arbitrary web script or HTML via a crafted DHCP Host Name option, which is not properly handled during rendering of the DHCP table in wlanAccess.asp. | ||||