CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6892 matches found

Prion•added 2014/07/20 11:12 a.m.•19 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Notices portlet in Cybozu Garoon 2.x and 3.x before 3.7 SP4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

3.5CVSS5.6AI score0.00936EPSS

Exploits0References3Affected Software1

Prion•added 2014/07/20 11:12 a.m.•25 views

Cross site scripting

Cross-site scripting XSS vulnerability in the PMAgetHtmlForActionLinks function in libraries/structure.lib.php in phpMyAdmin 4.2.x before 4.2.6 allows remote authenticated users to inject arbitrary web script or HTML via a crafted table comment that is improperly handled during construction of a...

3.5CVSS5.5AI score0.0145EPSS

Exploits0References3Affected Software1

Cvelist•added 2014/07/20 10:0 a.m.•28 views

CVE-2014-4986

Multiple cross-site scripting XSS vulnerabilities in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.1, 4.1.x before 4.1.14.2, and 4.2.x before 4.2.6 allow remote authenticated users to inject arbitrary web script or HTML via a crafted 1 table name or 2 column name that is improperly handled...

5.1AI score0.01605EPSS

Exploits0References6

CVE•added 2014/07/20 10:0 a.m.•51 views

CVE-2014-3885

CVE-2014-3885 is an XSS vulnerability in Webmin prior to 1.690. It affects authenticated users who can inject arbitrary web script or HTML via unspecified vectors. The issue is tied to Webmin versions

4.3CVSS5.1AI score0.00931EPSS

Exploits0References2Affected Software1

Prion•added 2014/07/19 5:9 a.m.•19 views

Cross site scripting

Cross-site scripting XSS vulnerability in the GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.x and 11.x before 11.0 FP4 and InfoSphere Master Data Management Server for Product Information Management 9.0 and 9.1 allows remote authenticated users to inject...

3.5CVSS5.5AI score0.00759EPSS

Exploits0References2Affected Software2

NVD•added 2014/07/18 12:55 a.m.•19 views

CVE-2014-0957

Cross-site scripting XSS vulnerability in IBM Business Process Manager 7.5 through 8.5.5, and WebSphere Lombardi Edition 7.2, allows remote attackers to inject arbitrary web script or HTML via a crafted URL that triggers a service failure...

4.3CVSS5.6AI score0.01161EPSS

Exploits0References4

Prion•added 2014/07/16 2:19 p.m.•18 views

Cross site scripting

Cross-site scripting XSS vulnerability in administration user interface in Citrix NetScaler Application Delivery Controller ADC and NetScaler Gateway formerly Access Gateway Enterprise Edition 10.1 before 10.1-126.12 allows remote attackers to inject arbitrary web script or HTML via unspecified...

4.3CVSS6.1AI score0.01684EPSS

Exploits2References9Affected Software2

NVD•added 2014/07/14 2:55 p.m.•12 views

CVE-2014-4945

Multiple cross-site scripting XSS vulnerabilities in Horde Internet Mail Program IMP before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitrary web script or HTML via an unspecified flag in the basic 1 mailbox or 2 message view...

4.3CVSS5.8AI score0.01312EPSS

Exploits0References6

UbuntuCve•added 2014/07/14 2:55 p.m.•25 views

CVE-2014-4945

4.3CVSS6AI score0.01312EPSS

Exploits0References7

Prion•added 2014/07/14 2:55 p.m.•12 views

Cross site scripting

4.3CVSS6.1AI score0.01312EPSS

Exploits0References6Affected Software2

Prion•added 2014/07/14 2:55 p.m.•16 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Horde Internet Mail Program IMP before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitrary web script or HTML via 1 unspecified flags or 2 a mailbox name in the dynamic mailbox view...

4.3CVSS6AI score0.01312EPSS

Exploits0References6Affected Software2

Cvelist•added 2014/07/14 2:0 p.m.•23 views

CVE-2014-4946

Multiple cross-site scripting XSS vulnerabilities in Horde Internet Mail Program IMP before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitrary web script or HTML via 1 unspecified flags or 2 a mailbox name in the dynamic mailbox view...

5.7AI score0.01312EPSS

Exploits0References6

Prion•added 2014/07/11 8:55 p.m.•20 views

Cross site scripting

Cross-site scripting XSS vulnerability in SRX Web Authentication webauth in Juniper Junos 11.4 before 11.4R11, 12.1X44 before 12.1X44-D34, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, and 12.1X47 before 12.1X47-D10 allows remote attackers to inject arbitrary web script or HTML via...

4.3CVSS6.2AI score0.01192EPSS

Exploits1References3Affected Software1

Cvelist•added 2014/07/11 8:0 p.m.•26 views

CVE-2014-3821

5.7AI score0.01192EPSS

Exploits1References3

Cvelist•added 2014/07/11 2:0 p.m.•21 views

CVE-2014-3991

Multiple cross-site scripting XSS vulnerabilities in Dolibarr ERP/CRM 3.5.3 allow remote attackers to inject arbitrary web script or HTML via the 1 dolusejmobile, 2 doloptimizesmallscreen, 3 dolnomousehover, 4 dolhidetopmenu, 5 dolhideleftmenu, 6 mainmenu, or 7 leftmenu parameter to index.php; th...

5.8AI score0.02689EPSS

Exploits1References1

NVD•added 2014/07/10 4:55 p.m.•18 views

CVE-2014-4854

Cross-site scripting XSS vulnerability in the WP Construction Mode plugin 1.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via the wuclogo parameter in a save action to wp-admin/admin.php...

4.3CVSS5.8AI score0.01618EPSS

Exploits1References2

NVD•added 2014/07/10 4:55 p.m.•13 views

CVE-2014-4856

Cross-site scripting XSS vulnerability in the Polldaddy Polls & Ratings plugin before 2.0.25 for WordPress allows remote attackers to inject arbitrary web script or HTML via vectors related to a ratings shortcode and a unique ID. NOTE: some of these details are obtained from third party informati...

4.3CVSS5.7AI score0.01578EPSS

Exploits0References2

NVD•added 2014/07/10 4:55 p.m.•16 views

CVE-2014-4855

Cross-site scripting XSS vulnerability in the Polylang plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via vectors related to a user description. NOTE: some of these details are obtained from third party information...

4.3CVSS5.7AI score0.01578EPSS

Exploits0References2

NVD•added 2014/07/10 4:55 p.m.•21 views

CVE-2014-4847

Cross-site scripting XSS vulnerability in the Random Banner plugin 1.1.2.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the buffercodeRBannerurlbanner1 parameter in an update action to wp-admin/options.php...

4.3CVSS5.8AI score0.01618EPSS

Exploits1References2

NVD•added 2014/07/10 4:55 p.m.•8 views

CVE-2014-4848

Cross-site scripting XSS vulnerability in the Blogstand Banner blogstand-smart-banner plugin 1.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the bsblogid parameter to wp-admin/options-general.php...

4.3CVSS5.8AI score0.01618EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by