Total
45356 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-4885 | 1 Bernhard Frohlich | 1 Phpcom | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in templates/1/login.php in phpCommunity 2 2.1.8 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | ||||
| CVE-2003-1585 | 1 Alentum | 1 Weblog Expert | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in WebLogExpert allows remote attackers to inject arbitrary web script or HTML via a crafted client domain name, related to an "Inverse Lookup Log Corruption (ILLC)" issue. | ||||
| CVE-2013-4036 | 1 Ibm | 2 Infosphere Master Data Management Collaboration Server, Infosphere Master Data Management Server For Product Information Management | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM InfoSphere Master Data Management Server for Product Information Management 9.x before 9.1 FP13, and IBM InfoSphere Master Data Management - Collaborative Edition 10.x before 10.1 FP7 and 11.0 before FP2, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-4950 | 1 Machform | 1 Machform | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in view.php in Machform 2 allows remote attackers to inject arbitrary web script or HTML via the element_2 parameter. | ||||
| CVE-2013-5425 | 1 Ibm | 1 Websphere Virtual Enterprise | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Virtual Enterprise 6.1 before 6.1.1.6 and 7.0 before 7.0.0.4 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | ||||
| CVE-2013-5913 | 1 Oxid-esales | 1 Eshop | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the getRecommSearch function in recommlist.php in OXID eShop before 4.6.7, Professional and Community Edition 4.7.x before 4.7.8, and Enterprise Edition 5.x before 5.0.8 allows remote attackers to inject arbitrary web script or HTML via the searchrecomm parameter. | ||||
| CVE-2013-6289 | 2 Ingo Renner, Typo3 | 2 Apache Solr, Typo3 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Apache Solr for TYPO3 (solr) extension before 2.8.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-6348 | 1 Apache | 1 Struts | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.3.15.3 allow remote attackers to inject arbitrary web script or HTML via the namespace parameter to (1) actionNames.action and (2) showConfig.action in config-browser/. | ||||
| CVE-2013-6962 | 1 Cisco | 1 Webex Meeting Center | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the mobile-browser subsystem in Cisco WebEx Meeting Center allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCul36228. | ||||
| CVE-2011-4340 | 1 Symphony-cms | 1 Symphony Cms | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Symphony CMS 2.2.3 and possibly other versions before 2.2.4 allow remote authenticated users with Author privileges to inject arbitrary web script or HTML via (1) the profile parameter to extensions/profiledevkit/content/content.profile.php, as demonstrated via requests to (a) the default URI, (b) about/, or (c) drafts/; or (2) the filter parameter in symphony/lib/core/class.symphony.php, as demonstrated via requests to (d) symphony/publish/comments or (e) symphony/publish/images. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2012-1048 | 1 Efrontlearning | 1 Efront Community \+\+ | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in communityplusplus/www/administrator.php in eFront Community++ edition 3.6.10, and possibly other editions, allows remote attackers to inject arbitrary web script or HTML via the filter parameter. | ||||
| CVE-2011-5189 | 2 Drupal, Svendecabooter | 2 Drupal, Webform Validation | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Webform Validation module 6.x-1.x before 6.x-1.5 and 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with permissions to "update Webform nodes" to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2011-5192 | 2 Blairwilliams, Wordpress | 2 Pretty Link Lite Plugin, Wordpress | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in pretty-bar.php in Pretty Link Lite plugin before 1.5.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the slug parameter, a different vulnerability than CVE-2011-5191. | ||||
| CVE-2011-5199 | 1 Steveyolam | 1 Tinyguestbook | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in sign.php in tinyguestbook allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | ||||
| CVE-2011-0550 | 1 Symantec | 1 Endpoint Protection | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.6300 allow remote attackers to inject arbitrary web script or HTML via (1) the token parameter to portal/Help.jsp or (2) the URI in a console/apps/sepm request. | ||||
| CVE-2012-1027 | 1 Project-open | 1 \]project-open\[ | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in account-closed.tcl in ]project-open[ (aka ]po[) 3.4.x, 3.5.0.1-2, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the message parameter to register/account-closed. | ||||
| CVE-2012-1064 | 1 Emc | 2 Rsa Archer Egrc, Rsa Archer Smartsuite | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-0040 | 1 Simplesamlphp | 1 Simplesamlphp | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in modules/core/www/no_cookie.php in SimpleSAMLphp 1.8.1 and possibly other versions before 1.8.2 allows remote attackers to inject arbitrary web script or HTML via the retryURL parameter. | ||||
| CVE-2012-1110 | 1 Datemill | 1 Etano | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Etano 1.22 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) user, (2) email, (3) email2, (4) f17_zip, or (5) agree parameter to join.php; (6) PATH_INFO, (7) st, (8) f17_city, (9) f17_country, (10) f17_state, (11) f17_zip, (12) f19, (13) wphoto, (14) search, or (15) v parameter to search.php; (16) PATH_INFO or (17) st parameter to photo_search.php; or (18) return parameter to photo_view.php. | ||||
| CVE-2012-1188 | 1 Fork-cms | 1 Fork Cms | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Fork CMS before 3.2.7 allow remote attackers to inject arbitrary web script or HTML via the (1) type or (2) querystring parameters to private/en/error or (3) name parameter to private/en/locale/index. | ||||