Total
37822 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-4363 | 1 Hp | 1 Insight Control Server Deployment | 2025-04-12 | 4.3 MEDIUM | 6.1 MEDIUM |
| HPE Insight Control server deployment allows remote attackers to modify data via unspecified vectors. | |||||
| CVE-2011-5309 | 1 Cherry-design | 1 Wikipad | 2025-04-12 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in pages.php in Wikipad 1.6.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | |||||
| CVE-2016-0900 | 1 Emc | 1 Rsa Authentication Manager | 2025-04-12 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Manager before 8.1 SP1 P14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-0901. | |||||
| CVE-2012-1834 | 1 Cms Tree Page View Project | 1 Cms Tree Page View | 2025-04-12 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the cms_tpv_admin_head function in functions.php in the CMS Tree Page View plugin before 0.8.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cms_tpv_view parameter to wp-admin/options-general.php. | |||||
| CVE-2014-7811 | 2 Redhat, Suse | 3 Network Satellite, Spacewalk, Manager | 2025-04-12 | 3.5 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allow remote authenticated users to inject arbitrary web script or HTML via crafted XML data to the REST API. | |||||
| CVE-2012-2579 | 1 Wp Simplemail Project | 1 Wp Simplemail | 2025-04-12 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the WP SimpleMail plugin 1.0.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) To, (2) From, (3) Date, or (4) Subject field of an email. | |||||
| CVE-2014-0955 | 1 Ibm | 1 Websphere Portal | 2025-04-12 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0 before 8.0.0.1 CF12, when Social Rendering in Connections integration is enabled, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2014-8026 | 1 Cisco | 1 Jabber Guest | 2025-04-12 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Guest Server in Cisco Jabber allows remote attackers to inject arbitrary web script or HTML via a (1) GET or (2) POST parameter, aka Bug ID CSCus08074. | |||||
| CVE-2015-2398 | 1 Microsoft | 1 Internet Explorer | 2025-04-12 | 4.3 MEDIUM | N/A |
| Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the XSS filter via a crafted attribute of an element in an HTML document, aka "Internet Explorer XSS Filter Bypass Vulnerability." | |||||
| CVE-2013-6300 | 1 Ibm | 1 Algo One | 2025-04-12 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-6299, CVE-2013-6301, CVE-2013-6320, and CVE-2013-6333. | |||||
| CVE-2014-9311 | 1 Shareaholic | 1 Shareaholic | 2025-04-12 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in admin.php in the Shareaholic plugin before 7.6.1.0 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the location[id] parameter in a shareaholic_add_location action to wp-admin/admin-ajax.php. | |||||
| CVE-2015-3389 | 1 Public Download Count Project | 1 Public Download Count | 2025-04-12 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the Download counts report page in the Public Download Count module (pubdlcnt) 7.x-1.x-dev and earlier for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2014-3313 | 1 Cisco | 16 Spa901 1-line Ip Phone, Spa922 1-line Ip Phone With 1-port Ethernet, Spa941 4-line Ip Phone With 1-port Ethernet and 13 more | 2025-04-12 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the web user interface on Cisco Small Business SPA300 and SPA500 phones allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuo52582. | |||||
| CVE-2015-5475 | 1 Bestpractical | 1 Request Tracker | 2025-04-12 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Request Tracker (RT) 4.x before 4.2.12 allow remote attackers to inject arbitrary web script or HTML via vectors related to the (1) user and (2) group rights management pages. | |||||
| CVE-2015-7232 | 1 Structured Dynamics | 1 Open Semantic Framework | 2025-04-12 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in unspecified administration pages in the OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF Ontology module is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2014-4763 | 1 Ibm | 2 Filenet Content Foundation, Filenet Content Manager | 2025-04-12 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in Content Navigator in Content Engine in IBM FileNet Content Manager 5.2.x before 5.2.0.3-P8CPE-IF003 and Content Foundation 5.2.x before 5.2.0.3-P8CPE-IF003 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | |||||
| CVE-2014-4908 | 1 Pnp4nagios | 1 Pnp4nagios | 2025-04-12 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PNP4Nagios through 0.6.22 allow remote attackers to inject arbitrary web script or HTML via the URI used for reaching (1) share/pnp/application/views/kohana_error_page.php or (2) share/pnp/application/views/template.php, leading to improper handling within an http-equiv="refresh" META element. | |||||
| CVE-2014-4349 | 1 Phpmyadmin | 1 Phpmyadmin | 2025-04-12 | 3.5 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.1.x before 4.1.14.1 and 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted table name that is improperly handled after a (1) hide or (2) unhide action. | |||||
| CVE-2015-8398 | 1 Atlassian | 1 Confluence | 2025-04-12 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in Atlassian Confluence before 5.8.17 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to rest/prototype/1/session/check. | |||||
| CVE-2015-2101 | 1 Impliedbydesign | 1 Navigate | 2025-04-12 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Navigate bar in the Navigate module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||