Total
34649 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-2347 | 1 Huawei | 1 Seq Analyst | 2015-05-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Huawei SEQ Analyst before V200R002C03LG0001CP0022 allows remote attackers to inject arbitrary web script or HTML via the command XML element in the req parameter to flexdata.action in (1) common/, (2) monitor/, or (3) psnpm/ or the (4) module XML element in the req parameter to flexdata.action in monitor/. | |||||
| CVE-2015-0913 | 1 Kozos | 1 Easyctf | 2015-05-04 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in EasyCTF before 1.4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2015-0910 | 1 Dounokouno | 1 Transmitmail | 2015-04-24 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows remote attackers to inject arbitrary web script or HTML via a crafted filename. | |||||
| CVE-2015-0707 | 1 Cisco | 1 Firesight System Software | 2015-04-23 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in Cisco FireSIGHT System Software 5.3.1.1 and 6.0.0 in FireSIGHT Management Center allows remote authenticated users to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCus85425. | |||||
| CVE-2015-3357 | 1 Wishlist Project | 1 Wishlist | 2015-04-22 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the Wishlist module before 6.x-2.7 and 7.x-2.x before 7.x-2.7 for Drupal allows remote authenticated users with the "access wishlists" permission to inject arbitrary web script or HTML via unspecified vectors, which are not properly handled in a log message. | |||||
| CVE-2015-0967 | 1 Searchblox | 1 Searchblox | 2015-04-20 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in SearchBlox before 8.2 allow remote attackers to inject arbitrary web script or HTML via (1) the search field in plugin/index.html or (2) the title field in the Create Featured Result form in admin/main.jsp. | |||||
| CVE-2014-9311 | 1 Shareaholic | 1 Shareaholic | 2015-04-15 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in admin.php in the Shareaholic plugin before 7.6.1.0 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the location[id] parameter in a shareaholic_add_location action to wp-admin/admin-ajax.php. | |||||
| CVE-2014-9146 | 1 Fiyo | 1 Fiyo Cms | 2015-04-15 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Fiyo CMS 2.0.1.8 allow remote attackers to inject arbitrary web script or HTML via the (1) view, (2) id, (3) page, or (4) app parameter to the default URI or the (5) act parameter to dapur/index.php. | |||||
| CVE-2015-0876 | 1 Saurus | 1 Saurus Cms | 2015-04-07 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the print_language_selectbox function in classes/adminpage.inc.php in Saurus CMS Community Edition before 4.7 2015-02-04 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2015-0950 | 1 Qualiteam | 1 X-cart | 2015-04-06 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in admin.php in X-Cart 5.1.6 through 5.1.10 allows remote attackers to inject arbitrary web script or HTML via the substring parameter. | |||||
| CVE-2015-0976 | 1 Inductiveautomation | 1 Ignition | 2015-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Inductive Automation Ignition 7.7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2015-0900 | 1 Nishishi | 1 Fumy Teachers Schedule Board | 2015-03-31 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in schedule.cgi in Nishishi Factory Fumy Teacher's Schedule Board 1.10 through 2.21 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | |||||
| CVE-2015-0105 | 1 Ibm | 1 Business Process Manager | 2015-03-24 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Process Portal in IBM Business Process Manager (BPM) 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.1, and 8.5.5 through 8.5.5.0 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | |||||
| CVE-2015-0106 | 1 Ibm | 2 Business Process Manager, Websphere Application Server | 2015-03-24 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.1, and 8.5.5 through 8.5.5.0 and WebSphere Lombardi Edition (WLE) 7.2.x through 7.2.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | |||||
| CVE-2015-0103 | 1 Ibm | 1 Business Process Manager | 2015-03-24 | 3.5 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Process Portal in IBM Business Process Manager (BPM) 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.1, and 8.5.5 through 8.5.5.0 allow remote authenticated users to inject arbitrary web script or HTML via unspecified data fields. | |||||
| CVE-2015-0893 | 1 Maroyaka Relay Novel Project | 1 Maroyaka Relay Novel | 2015-03-23 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Maroyaka CGI Maroyaka Relay Novel allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2015-0891 | 1 Maroyaka Simple Board Project | 1 Maroyaka Simple Board | 2015-03-23 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Maroyaka CGI Maroyaka Simple Board allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2015-0892 | 1 Maroyaka Image Album Project | 1 Maroyaka Image Album | 2015-03-23 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Maroyaka CGI Maroyaka Image Album allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2015-0896 | 1 Extplorer | 1 Extplorer | 2015-03-19 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in eXtplorer before 2.1.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2011-2406 | 1 Hp | 1 Openview Performance Insight | 2015-03-18 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||