Total
34649 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-4302 | 1 Ham3d | 1 Ham3d Shop Engine | 2014-06-18 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in rating/rating.php in HAM3D Shop Engine allows remote attackers to inject arbitrary web script or HTML via the ID parameter. | |||||
| CVE-2014-3876 | 1 Ulli Horlacher | 1 Fex | 2014-06-18 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Frams' Fast File EXchange (F*EX, aka fex) before fex-20140530 allow remote attackers to inject arbitrary web script or HTML via the (1) akey parameter to rup or (2) disclaimer or (3) gm parameter to fuc. | |||||
| CVE-2014-4032 | 1 Fiyo | 1 Fiyo Cms | 2014-06-18 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in apps/app_comment/form_comment.php in Fiyo CMS 1.5.7 allows remote attackers to inject arbitrary web script or HTML via the Nama field. | |||||
| CVE-2014-3840 | 1 Mayan-edms | 1 Mayan Edms | 2014-06-18 | 3.5 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in apps/common/templates/calculate_form_title.html in Mayan EDMS 0.13 allow remote authenticated users to inject arbitrary web script or HTML via a (1) tag or the (2) title of a source in a Staging folder, (3) Name field in a bootstrap setup, or Title field in a (4) smart link or (5) web form. | |||||
| CVE-2014-2502 | 1 Emc | 1 Rsa Adaptive Authentication Hosted | 2014-06-18 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in rsa_fso.swf in EMC RSA Adaptive Authentication (Hosted) 11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2014-4166 | 1 Shoutcast | 1 Dnas | 2014-06-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the song history in SHOUTcast DNAS 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the mp3 title field. | |||||
| CVE-2014-3995 | 1 Reviewboard | 1 Djblets | 2014-06-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in gravatars/templatetags/gravatars.py in Djblets before 0.7.30 and 0.8.x before 0.8.3 for Django allows remote attackers to inject arbitrary web script or HTML via a user display name. | |||||
| CVE-2014-2002 | 1 C-board Moyuku Project | 1 C-board Moyuku | 2014-06-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in C-BOARD Moyuku 1.01b6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2014-4161 | 1 Sap | 1 Supplier Relationship Management | 2014-06-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in la/umTestSSO.jsp in SAP Supplier Relationship Management (SRM) allows remote attackers to inject arbitrary web script or HTML via the url parameter. | |||||
| CVE-2012-3522 | 1 Qbnz | 1 Geshi | 2014-06-13 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in contrib/langwiz.php in GeSHi before 1.0.8.11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2014-4036 | 1 Impresscms | 1 Impresscms | 2014-06-12 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in modules/system/admin.php in ImpressCMS 1.3.6.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a listimg action. | |||||
| CVE-2014-4033 | 1 Efrontlearning | 1 Efront | 2014-06-12 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in libraries/includes/personal/profile.php in Epignosis eFront 3.6.14.4 allows remote attackers to inject arbitrary web script or HTML via the surname parameter to student.php. | |||||
| CVE-2014-3974 | 1 Auracms | 1 Auracms | 2014-06-06 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in filemanager.php in AuraCMS 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the viewdir parameter. | |||||
| CVE-2014-1998 | 1 N-i-agroinformatics | 1 Soy Cms | 2014-06-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Nippon Institute of Agroinformatics SOY CMS 1.4.0c and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2014-3948 | 2 Alex Kellner, Typo3 | 2 Powermail, Typo3 | 2014-06-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the HTML export wizard in the backend module in the powermail extension before 1.6.11 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2014-3949 | 2 Jo Hasenau, Typo3 | 2 Gridelements, Typo3 | 2014-06-05 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the layout wizard in the Grid Elements (gridelements) extension before 1.5.1 and 2.0.x before 2.0.3 for TYPO3 allows remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2014-3960 | 1 Opennms | 1 Opennms | 2014-06-05 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in OpenNMS before 1.12.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2014-2353 | 1 Cogentdatahub | 1 Cogent Datahub | 2014-06-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Cogent DataHub before 7.3.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2014-2939 | 1 Alfresco | 1 Alfresco | 2014-06-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Alfresco Enterprise before 4.1.6.13 allow remote attackers to inject arbitrary web script or HTML via (1) an XHTML document, (2) a <% tag, or (3) the taskId parameter to share/page/task-edit. | |||||
| CVE-2013-2712 | 1 Krisonav | 1 Krisonav | 2014-05-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in services/get_article.php in KrisonAV CMS before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via the content parameter. | |||||