Search Results (42958 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-14321 1 Mirasvit 1 Helpdesk Mx 2025-04-20 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the administrative interface in Mirasvit Helpdesk MX before 1.5.3 allow remote attackers to inject arbitrary web script or HTML via the (1) customer name or (2) subject in a ticket.
CVE-2017-9361 1 Websitebaker 1 Websitebaker 2025-04-20 N/A
WebsiteBaker v2.10.0 has a stored XSS vulnerability in /account/details.php.
CVE-2016-2803 1 Mozilla 1 Bugzilla 2025-04-20 N/A
Cross-site scripting (XSS) vulnerability in the dependency graphs in Bugzilla 2.16rc1 through 4.4.11, and 4.5.1 through 5.0.2 allows remote attackers to inject arbitrary web script or HTML.
CVE-2017-8551 1 Microsoft 1 Project Server 2025-04-20 N/A
An elevation of privilege vulnerability exists when Microsoft SharePoint software fails to properly sanitize a specially crafted requests, aka "Microsoft SharePoint XSS vulnerability".
CVE-2017-12844 1 Icewarp 1 Mail Server 2025-04-20 N/A
Cross-site scripting (XSS) vulnerability in the admin panel in IceWarp Mail Server 10.4.4 allows remote authenticated domain administrators to inject arbitrary web script or HTML via a crafted user name.
CVE-2017-12856 1 C.p.sub Project 1 C.p.sub 2025-04-20 N/A
Cross-site scripting (XSS) vulnerability in C.P.Sub 5.2 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter to index.php.
CVE-2016-2992 1 Ibm 1 Biginsights 2025-04-20 N/A
IBM Infosphere BigInsights is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVE-2015-8256 1 Axis 11 Cannon Network Camera, Explosion-protected Camera, Fixed Box Camera and 8 more 2025-04-20 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Axis network cameras.
CVE-2017-12879 1 Paessler 1 Prtg Network Monitor 2025-04-20 N/A
Cross-site scripting (XSS-STORED) vulnerability in the DEVICES OR SENSORS functionality in Paessler PRTG Network Monitor before 17.3.33.2654 allows authenticated remote attackers to inject arbitrary web script or HTML.
CVE-2017-3868 1 Cisco 1 Unified Computing System Director 2025-04-20 N/A
A vulnerability in the web-based management interface of Cisco UCS Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. More Information: CSCvc44344. Known Affected Releases: 6.0(0.0).
CVE-2017-17057 1 Zkteco 1 Zktime Web 2025-04-20 N/A
There is a reflected XSS vulnerability in ZKTime Web 2.0.1.12280. The vulnerability exists due to insufficient filtration of user-supplied data in the 'Range' field of the 'Department' module in a Personnel Advanced Query. A remote attacker can execute arbitrary HTML and script code in the browser in the context of the vulnerable application.
CVE-2017-9931 1 Greenpacket 2 Dx-350, Dx-350 Firmware 2025-04-20 N/A
Cross-Site Scripting (XSS) exists in Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb, as demonstrated by the action parameter to ajax.cgi.
CVE-2016-3018 1 Ibm 3 Security Access Manager, Security Access Manager For Mobile, Security Access Manager For Web 2025-04-20 N/A
IBM Security Access Manager for Web is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVE-2017-6808 1 Mangoswebv4 Project 1 Mangoswebv4 2025-04-20 N/A
paintballrefjosh/MaNGOSWebV4 4.0.8 is vulnerable to a reflected XSS in inc/admin/template_files/admin.faq.php (id parameter).
CVE-2017-9767 1 Quali 1 Cloudshell 2025-04-20 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Quali CloudShell before 8 allow remote authenticated users to inject arbitrary web script or HTML via the (1) Name or (2) Description parameter to RM/Reservation/ReserveNew; the (3) Description parameter to RM/Topology/Update; the (4) Name, (5) Description, (6) ExecutionBatches[0].Name, (7) ExecutionBatches[0].Description, or (8) Labels parameter to SnQ/JobTemplate/Edit; or (9) Alias or (10) Description parameter to RM/AbstractTemplate/AddOrUpdateAbstractTemplate.
CVE-2016-3038 1 Ibm 1 Cognos Business Intelligence 2025-04-20 N/A
IBM Cognos TM1 10.1 and 10.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 114614.
CVE-2017-14516 1 Sap 1 Businessobjects Financial Consolidation 2025-04-20 N/A
Cross-Site Scripting (XSS) exists in SAP Business Objects Financial Consolidation before 2017-06-13, aka SAP Security Note 2422292.
CVE-2017-5553 1 B2evolution 1 B2evolution 2025-04-20 N/A
Cross-site scripting (XSS) vulnerability in plugins/markdown_plugin/_markdown.plugin.php in b2evolution before 6.8.5 allows remote authenticated users to inject arbitrary web script or HTML via a javascript: URL.
CVE-2017-6809 1 Mangoswebv4 Project 1 Mangoswebv4 2025-04-20 N/A
paintballrefjosh/MaNGOSWebV4 4.0.8 is vulnerable to a reflected XSS in inc/admin/template_files/admin.donate.php (id parameter).
CVE-2017-0255 1 Microsoft 1 Sharepoint Foundation 2025-04-20 N/A
Microsoft SharePoint Foundation 2013 SP1 allows an elevation of privilege vulnerability when it does not properly sanitize a specially crafted web request, aka "Microsoft SharePoint XSS Vulnerability".