Filtered by CWE-79
Total 45597 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2014-9739 1 Node Field Project 1 Node Field 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the Node Field module 7.x-2.x before 7.x-2.45 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors involving internal fields.
CVE-2014-9741 1 Esri 3 Arcgis For Desktop, Arcgis For Engine, Arcgis Server 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in ESRI ArcGIS for Desktop, ArcGIS for Engine, and ArcGIS for Server 10.2.2 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2015-0139 1 Ibm 1 Websphere Portal 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF15 and 8.5.0 before CF05 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
CVE-2015-0549 1 Emc 1 Documentum D2 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in EMC Documentum D2 before 4.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2015-0623 1 Cisco 1 Web Security Appliance 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the Administrator report page on Cisco Web Security Appliance (WSA) devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCus40627.
CVE-2015-0690 1 Cisco 1 Wireless Lan Controller Software 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the HTML help system on Cisco Wireless LAN Controller (WLC) devices before 8.0 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCun95178.
CVE-2015-0774 1 Cisco 1 Application And Content Networking System Software 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Cisco Application and Content Networking System (ACNS) 5.5(9) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuu70650.
CVE-2015-1000004 1 Filedownload Project 1 Filedownload 2025-04-12 N/A
XSS in filedownload v1.4 wordpress plugin
CVE-2015-0882 1 Zen-cart 1 Zen Cart 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in zencart-ja (aka Zen Cart Japanese edition) 1.3 jp through 1.3.0.2 jp8 and 1.5 ja through 1.5.1 ja allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, related to admin/includes/init_includes/init_sanitize.php and includes/init_includes/init_sanitize.php.
CVE-2015-1054 1 Crea8social 1 Crea8social 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the Games feature in Crea8Social 2.0 allows remote authenticated users to inject arbitrary web script or HTML via the Game Content field in Add Game.
CVE-2015-1056 1 Brother 2 Mfc-j4410dw, Mfc-j4410dw Firmware 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Brother MFC-J4410DW printer with firmware before L allows remote attackers to inject arbitrary web script or HTML via the url parameter to general/status.html and possibly other pages.
CVE-2015-1057 1 E107 1 E107 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in usersettings.php in e107 2.0.0 allows remote attackers to inject arbitrary web script or HTML via the "Real Name" value.
CVE-2015-1204 1 Getusedtoit 1 Wp Slimstat 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the Save Filters functionality in the WP Slimstat plugin before 3.9.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the fs[resource] parameter in the wp-slim-view-2 page to wp-admin/admin.php.
CVE-2015-1366 1 Pixabay Images Project 1 Pixabay Images 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the image_user parameter.
CVE-2015-1275 2 Google, Opensuse 3 Android, Chrome, Opensuse 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in org/chromium/chrome/browser/UrlUtilities.java in Google Chrome before 44.0.2403.89 on Android allows remote attackers to inject arbitrary web script or HTML via a crafted intent: URL, as demonstrated by a trailing alert(document.cookie);// substring, aka "Universal XSS (UXSS)."
CVE-2015-1384 1 Banner Effect Header Project 1 Banner Effect Header 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the Banner Effect Header plugin before 1.2.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via the banner_effect_divid parameter in the BannerEffectOptions page to wp-admin/options-general.php.
CVE-2015-1383 1 Cyberhobo 1 Geo Mashup 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the geo search widget in the Geo Mashup plugin before 1.8.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the search key.
CVE-2015-1475 1 Mylittleforum 1 My Little Forum 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in my little forum 2.3.3, 2.2, and 1.7 allow remote attackers to inject arbitrary web script or HTML via the (1) page or (2) category parameter to forum.php or the (3) page or (4) order parameter to (a) board_entry.php or (b) forum_entry.php.
CVE-2015-1478 1 Cmsjunkie 1 J-classifiedsmanager 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the CMSJunkie J-ClassifiedsManager component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the view parameter to /classifieds.
CVE-2015-1603 1 Adminsystems Cms Project 1 Adminsystems Cms 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Adminsystems CMS before 4.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter to index.php or (2) id parameter in a users_users action to asys/site/system.php.