CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6892 matches found

Prion•added 2013/03/27 9:55 p.m.•15 views

Cross site scripting

Cross-site scripting XSS vulnerability in the 3 slide gallery in the Professional theme before 7.x-1.4 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors...

2.1CVSS5.6AI score0.00941EPSS

Exploits0References5Affected Software1

Prion•added 2013/03/27 9:55 p.m.•13 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Creative Theme 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via vectors related to social icons...

2.1CVSS5.6AI score0.00941EPSS

Exploits0References4Affected Software1

Prion•added 2013/03/27 9:55 p.m.•20 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Best Responsive Theme 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via vectors related to social icons...

2.1CVSS5.6AI score0.01089EPSS

Exploits0References8Affected Software1

Cvelist•added 2013/03/27 9:0 p.m.•27 views

CVE-2013-1780

5.2AI score0.01089EPSS

Exploits0References8

Cvelist•added 2013/03/27 9:0 p.m.•21 views

CVE-2013-1786

Cross-site scripting XSS vulnerability in the 3 slide gallery in the Company theme before 7.x-1.4 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors...

5.3AI score0.00941EPSS

Exploits0References5

Cvelist•added 2013/03/27 9:0 p.m.•18 views

CVE-2013-2715

Cross-site scripting XSS vulnerability in the admin view in the Search API searchapi module 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a crafted field name...

5.3AI score0.01064EPSS

Exploits0References7

Cvelist•added 2013/03/27 9:0 p.m.•19 views

CVE-2013-1778

5.2AI score0.00941EPSS

Exploits0References4

Prion•added 2013/03/27 12:23 p.m.•23 views

Cross site scripting

Cross-site scripting XSS vulnerability in webadmin.nsf aka the Web Administrator client in IBM Domino 8.5.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.9AI score0.00931EPSS

Exploits0References2Affected Software1

Patchstack•added 2013/03/26 12:0 a.m.•21 views

WordPress Symposium Plugin <= 13.03 - XSS

Because of this vulnerability in invite.php in, the attackers can inject arbitrary web script or HTML via the "u" parameter. Solution Update the plugin...

4.3CVSS2.7AI score0.01601EPSS

Exploits0References1Affected Software1

Prion•added 2013/03/21 9:55 p.m.•15 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the administration interface in ASKIA askiaweb allow remote attackers to inject arbitrary web script or HTML via the 1 Number or 2 UpdatePage parameter to WebProd/cgi-bin/AskiaExt.dll...

4.3CVSS6AI score0.01141EPSS

Exploits0References1

Cvelist•added 2013/03/21 8:0 p.m.•23 views

CVE-2012-5757

Cross-site scripting XSS vulnerability in the Web Client in IBM Rational ClearQuest 7.1.x before 7.1.2.10 and 8.x before 8.0.0.6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...

5.5AI score0.01148EPSS

Exploits0References3

Prion•added 2013/03/21 2:55 p.m.•13 views

Cross site scripting

Cross-site scripting XSS vulnerability in the HMI web application in Siemens WinCC TIA Portal 11 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...

4.3CVSS6AI score0.01513EPSS

Exploits0References2Affected Software1

UbuntuCve•added 2013/03/19 2:55 p.m.•27 views

CVE-2013-0328

Cross-site scripting XSS vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.01437EPSS

Exploits0References2

NVD•added 2013/03/15 10:55 p.m.•12 views

CVE-2013-2372

Cross-site scripting XSS vulnerability in the Engine in TIBCO Spotfire Web Player 3.3.x before 3.3.3, 4.0.x before 4.0.3, 4.5.x before 4.5.1, and 5.0.x before 5.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.01148EPSS

Exploits0References3

CVE•added 2013/03/15 2:0 p.m.•40 views

CVE-2013-2372

CVE-2013-2372 affects TIBCO Spotfire Web Player Engine across multiple lines: 3.3.x before 3.3.3; 4.0.x before 4.0.3; 4.5.x before 4.5.1; and 5.0.x before 5.0.1. It is a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via unspecified ve...

4.3CVSS5.8AI score0.01148EPSS

Exploits0References3Affected Software1

OwnCloud•added 2013/03/14 10:42 a.m.•38 views

Server: Multiple XSS vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in ownCloud 4.5.8 and all prior versions except 4.0.x allow remote attackers to inject arbitrary web script or HTML via the "quota" POST parameter to setquota.php in /core/settings/ajax/ Commits: 2364c79 stable45 Risk: Low Note: Successful...

2.1CVSS5.2AI score0.00742EPSS

Exploits0Affected Software1

NVD•added 2013/03/14 3:12 a.m.•13 views

CVE-2013-0275

Multiple cross-site scripting XSS vulnerabilities in Ganglia Web before 3.5.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.01925EPSS

Exploits1References5

UbuntuCve•added 2013/03/14 3:12 a.m.•19 views

CVE-2013-0275

Multiple cross-site scripting XSS vulnerabilities in Ganglia Web before 3.5.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.9AI score0.01925EPSS

Exploits1References2

Prion•added 2013/03/14 3:12 a.m.•13 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Ganglia Web before 3.5.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.01925EPSS

Exploits1References5Affected Software1

Prion•added 2013/03/13 12:55 a.m.•17 views

Cross site scripting

Cross-site scripting XSS vulnerability in Microsoft SharePoint Server 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via crafted content, leading to administrative command execution, aka "SharePoint XSS Vulnerability."...

4.3CVSS5.5AI score0.14333EPSS

Exploits0References2Affected Software2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by