CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6892 matches found

NVD•added 2014/10/10 2:55 p.m.•32 views

CVE-2014-3678

Cross-site scripting XSS vulnerability in the Monitoring plugin before 1.53.0 for Jenkins allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.6AI score0.0184EPSS

Exploits0References3

Prion•added 2014/10/10 2:55 p.m.•15 views

Cross site scripting

Cross-site scripting XSS vulnerability in the EWWW Image Optimizer plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the error parameter in the ewww-image-optimizer.php page to wp-admin/options-general.php, which is not properly handled in a pngo...

4.3CVSS6.2AI score0.02064EPSS

Exploits3References5Affected Software1

Prion•added 2014/10/10 2:55 p.m.•16 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Web-Dorado Photo Gallery plugin 1.1.30 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 callback, 2 dir, or 3 extensions parameter in an addImages action to wp-admin/admin-ajax.php...

4.3CVSS6.1AI score0.02374EPSS

Exploits3References7Affected Software1

Cvelist•added 2014/10/10 2:0 p.m.•16 views

CVE-2014-6243

5.7AI score0.02064EPSS

Exploits3References5

Cvelist•added 2014/10/10 2:0 p.m.•16 views

CVE-2014-7200

Cross-site scripting XSS vulnerability in pi1/class.txdmmjobcontrolpi1.php in the JobControl dmmjobcontrol extension 2.14.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via the txdmmjobcontrolpi1searchkeyword parameter to jobs/...

5.8AI score0.03236EPSS

Exploits1References5

Cvelist•added 2014/10/10 2:0 p.m.•31 views

CVE-2014-4312

Multiple cross-site scripting XSS vulnerabilities in Epicor Enterprise 7.4 before FS74SP6HotfixTL054181 allow remote attackers to inject arbitrary web script or HTML via the 1 Notes section to Order details; 2 Description section to "Order to consume"; 3 Favorites name section to Favorites; 4...

5.7AI score0.04179EPSS

Exploits6References12

NVD•added 2014/10/10 1:55 a.m.•20 views

CVE-2014-4661

Cross-site scripting XSS vulnerability in HP Records Manager before 7.3.5 and 8.x before 8.1 Patch 3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.02187EPSS

Exploits0References3

Prion•added 2014/10/10 1:55 a.m.•21 views

Cross site scripting

Cross-site scripting XSS vulnerability in the auto-complete feature in Splunk Enterprise before 6.0.4 allows remote authenticated users to inject arbitrary web script or HTML via a CSV file...

3.5CVSS5.6AI score0.00759EPSS

Exploits0References2Affected Software1

Cvelist•added 2014/10/10 1:0 a.m.•21 views

CVE-2014-4661

Cross-site scripting XSS vulnerability in HP Records Manager before 7.3.5 and 8.x before 8.1 Patch 3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.7AI score0.02187EPSS

Exploits0References3

NVD•added 2014/10/09 2:55 p.m.•18 views

CVE-2014-8077

Cross-site scripting XSS vulnerability in the NewsFlash theme 6.x-1.x before 6.x-1.7 and 7.x-1.x before 7.x-2.5 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to font family CSS property...

3.5CVSS5.3AI score0.01046EPSS

Exploits0References6

Prion•added 2014/10/09 2:55 p.m.•12 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Professional theme 7.x before 7.x-2.04 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via vectors related to custom copyright information...

3.5CVSS5.6AI score0.00946EPSS

Exploits0References4Affected Software1

Prion•added 2014/10/09 2:55 p.m.•12 views

Cross site scripting

3.5CVSS5.6AI score0.01046EPSS

Exploits0References6Affected Software1

Cvelist•added 2014/10/09 2:0 p.m.•23 views

CVE-2014-8076

5.2AI score0.00946EPSS

Exploits0References4

Cvelist•added 2014/10/09 2:0 p.m.•21 views

CVE-2014-8077

5.3AI score0.01046EPSS

Exploits0References6

Prion•added 2014/10/08 7:55 p.m.•18 views

Cross site scripting

Cross-site scripting XSS vulnerability in comcontact in Joomla! CMS 3.1.2 through 3.2.x before 3.2.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.00942EPSS

Exploits0References1Affected Software1

Prion•added 2014/10/08 7:55 p.m.•18 views

Cross site scripting

Cross-site scripting XSS vulnerability in Joomla! CMS 2.5.x before 2.5.19 and 3.x before 3.2.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.01367EPSS

Exploits0References1Affected Software1

CVE•added 2014/10/08 7:0 p.m.•140 views

CVE-2014-6631

CVE-2014-6631 is a Joomla! core XSS vulnerability in the com_media component. The issue affects Joomla! 3.2.x before 3.2.5 and 3.3.x before 3.3.4, enabling remote attackers to inject arbitrary web script or HTML via unspecified vectors. The root cause is inadequate escaping in the affected compon...

4.3CVSS5.7AI score0.00933EPSS

Exploits0References2Affected Software1

Prion•added 2014/10/08 6:55 p.m.•21 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in template.php in Zen theme 7.x-3.x before 7.x-3.3 and 7.x-5.x before 7.x-5.5 for Drupal allow remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via the skiplinktext setting and unspecified...

3.5CVSS5.8AI score0.00946EPSS

Exploits0References5Affected Software1

Prion•added 2014/10/07 10:55 a.m.•9 views

Cross site scripting

Cross-site scripting XSS vulnerability in wlsecurity.html on NetCommWireless NB604N routers with firmware before GAN5.CZ56T-B-NC.AU-R4B030.EN allows remote attackers to inject arbitrary web script or HTML via the wlWpaPsk parameter...

4.3CVSS6.2AI score0.01107EPSS

Exploits0References2Affected Software1

Cvelist•added 2014/10/07 10:0 a.m.•20 views

CVE-2014-4871

5.8AI score0.01107EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by