CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6892 matches found

NVD•added 2014/04/02 3:58 a.m.•20 views

CVE-2014-2125

Cross-site scripting XSS vulnerability in the Web Inbox in Cisco Unity Connection 8.62aSU3 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCui33028...

4.3CVSS5.7AI score0.01148EPSS

Exploits1References3

NVD•added 2014/04/02 3:58 a.m.•21 views

CVE-2014-0901

Cross-site scripting XSS vulnerability in the Social Rendering implementation in the IBM Connections integration in IBM WebSphere Portal 8.0.0.x before 8.0.0.1 CF11 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

3.5CVSS5.1AI score0.00946EPSS

Exploits1References4

Prion•added 2014/04/02 3:58 a.m.•20 views

Cross site scripting

4.3CVSS6.2AI score0.01148EPSS

Exploits1References3Affected Software1

Prion•added 2014/04/02 3:58 a.m.•21 views

Cross site scripting

Cross-site scripting XSS vulnerability in the WCM Web Content Manager UI in IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x through 7.0.0.2 CF27, and 8.0.0.x before 8.0.0.1 CF11 allows remote attackers to inject arbitrary web script or HTML via unspecified...

4.3CVSS6AI score0.01161EPSS

Exploits1References4Affected Software1

Cvelist•added 2014/04/02 1:0 a.m.•24 views

CVE-2014-2125

5.7AI score0.01148EPSS

Exploits1References3

Check Point Advisories•added 2014/03/31 12:0 a.m.•6 views

IBM WebSphere Application Server Cross-Site Scripting - Ver2 (CVE-2009-0855)

A cross-site scripting vulnerability has been reported in IBM WebSphere Application Server. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

4.3CVSS5.7AI score0.05979EPSS

Exploits1

NVD•added 2014/03/28 3:55 p.m.•22 views

CVE-2013-0807

Cross-site scripting XSS vulnerability in the NewSectionPrompt function in include/tool/editingpage.php in gpEasy CMS 3.5.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the section parameter in a newsection action to index.php...

4.3CVSS5.6AI score0.03993EPSS

Exploits2References6

Prion•added 2014/03/28 3:55 p.m.•25 views

Cross site scripting

4.3CVSS6.1AI score0.03993EPSS

Exploits2References6Affected Software1

Prion•added 2014/03/28 3:55 p.m.•14 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Mingle Forum plugin before 1.0.34 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 searchwords parameter in a search action to wpf.class.php or 2 togroupusers parameter in an addusertogroup action to...

4.3CVSS6.2AI score0.02132EPSS

Exploits0References6Affected Software1

Prion•added 2014/03/27 9:55 p.m.•18 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in dashboard-related HTML documents in Cisco Prime Security Manager aka PRSM 9.2.1-2 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCun50687...

4.3CVSS6.1AI score0.01792EPSS

Exploits1References4Affected Software1

Prion•added 2014/03/27 4:55 p.m.•17 views

Cross site scripting

Cross-site scripting XSS vulnerability in app/views/common/500.html.erb in Foreman 1.4.x before 1.4.2 allows remote authenticated users to inject arbitrary web script or HTML via the bookmark name when adding a bookmark...

4.3CVSS5.6AI score0.01891EPSS

Exploits1References4Affected Software1

UbuntuCve•added 2014/03/27 4:55 p.m.•33 views

CVE-2014-2326

Cross-site scripting XSS vulnerability in cdef.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS7.3AI score0.0322EPSS

Exploits2References2

NVD•added 2014/03/26 10:55 a.m.•19 views

CVE-2014-1826

Cross-site scripting XSS vulnerability in the iThoughtsHD app 4.19 for iOS on iPad devices, when the WiFi Transfer feature is used, allows remote attackers to inject arbitrary web script or HTML via a crafted map name...

2.6CVSS5.4AI score0.00898EPSS

Exploits3References1

Prion•added 2014/03/25 8:55 p.m.•11 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Admin Web UI in IBM Lotus Protector for Mail Security 2.8.x before 2.8.1-22905 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

3.5CVSS5.5AI score0.00759EPSS

Exploits1References2Affected Software1

Prion•added 2014/03/25 6:21 p.m.•14 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in OXID eShop Professional and Community Edition 4.6.8 and earlier, 4.7.x before 4.7.11, and 4.8.x before 4.8.4, and Enterprise Edition 4.6.8 and earlier, 5.0.x before 5.0.11 and 5.1.x before 5.1.4 allow remote attackers to inject arbitrary web...

4.3CVSS6AI score0.01474EPSS

Exploits6References2Affected Software1

Prion•added 2014/03/25 4:55 p.m.•17 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in eXtplorer 2.1.3, when used as a component for Joomla!, allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 application.js.php in scripts/ or 2 admin.php, 3 copymove.php, 4 functions.php, 5 header.php, or 6...

2.6CVSS6AI score0.01894EPSS

Exploits3References5Affected Software1

CVE•added 2014/03/25 2:0 p.m.•84 views

CVE-2014-2538

CVE-2014-2538 describes an XSS vulnerability in the rack-ssl gem’s Ruby component (lib/rack/ssl.rb) prior to version 1.4.0. The issue allows remote attackers to inject arbitrary web script or HTML via a URI, which may not be handled correctly by adapters such as JRuby-Rack. Affected product: rack...

4.3CVSS5.5AI score0.0219EPSS

Exploits1References5Affected Software1

Cvelist•added 2014/03/25 2:0 p.m.•36 views

CVE-2014-2538

Cross-site scripting XSS vulnerability in lib/rack/ssl.rb in the rack-ssl gem before 1.4.0 for Ruby allows remote attackers to inject arbitrary web script or HTML via a URI, which might not be properly handled by third-party adapters such as JRuby-Rack...

5.4AI score0.0219EPSS

Exploits1References5

Debian CVE•added 2014/03/25 2:0 p.m.•13 views

CVE-2014-2538

4.3CVSS5.5AI score0.0219EPSS

Exploits1

Prion•added 2014/03/24 4:39 p.m.•12 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Dashboard Backend service stats/dashboard.jsp in SonicWall Network Security Appliance NSA 2400 allows remote attackers to inject arbitrary web script or HTML via the sn parameter...

4.3CVSS6.1AI score0.02421EPSS

Exploits3References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by