Search Results (42958 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-2118 1 Cisco 1 Prime Security Manager 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in dashboard-related HTML documents in Cisco Prime Security Manager (aka PRSM) 9.2(.1-2) and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCun50687.
CVE-2014-5178 1 Efssoft 1 Easy File Sharing Web Server 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Easy File Sharing (EFS) Web Server 6.8 allow remote authenticated users to inject arbitrary web script or HTML via the content parameter when (1) creating a topic or (2) posting an answer. NOTE: some of these details are obtained from third party information.
CVE-2014-5024 1 Sonicwall 3 Analyzer, Global Management System, Uma Em5000 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in sgms/panelManager in Dell SonicWALL GMS, Analyzer, and UMA before 7.2 SP1 allows remote attackers to inject arbitrary web script or HTML via the node_id parameter.
CVE-2014-4958 1 Telerik 1 Asp.net Ajax Radeditor Control 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Telerik UI for ASP.NET AJAX RadEditor control 2014.1.403.35, 2009.3.1208.20, and other versions allows remote attackers to inject arbitrary web script or HTML via CSS expressions in style attributes.
CVE-2014-2715 1 Videowhisper 1 Videowhisper 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in vwrooms\templates\logout.tpl.php in the VideoWhisper Webcam plugins for Drupal 7.x allow remote attackers to inject arbitrary web script or HTML via the (1) module or (2) message parameter to index.php.
CVE-2015-6255 1 Cisco 1 Unified Web And E-mail Interaction Manager 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Cisco Unified Web and E-Mail Interaction Manager 9.0(2) allows remote attackers to inject arbitrary web script or HTML via a crafted chat message, aka Bug ID CSCuo89051.
CVE-2015-1204 1 Getusedtoit 1 Wp Slimstat 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the Save Filters functionality in the WP Slimstat plugin before 3.9.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the fs[resource] parameter in the wp-slim-view-2 page to wp-admin/admin.php.
CVE-2014-2125 1 Cisco 1 Unity Connection 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the Web Inbox in Cisco Unity Connection 8.6(2a)SU3 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCui33028.
CVE-2014-4801 1 Ibm 1 Rational Quality Manager 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manager 2.x through 2.0.1.1, 3.x before 3.0.1.6 iFix 4, 4.x before 4.0.7 iFix 2, and 5.x before 5.0.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
CVE-2015-5455 1 Qualiteam 1 X-cart 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in X-Cart 4.5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to install/.
CVE-2014-4857 1 Gurock 1 Testrail 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Gurock TestRail before 3.1.3 allows remote attackers to inject arbitrary web script or HTML via the Created By field in a project activity.
CVE-2014-4848 1 Blogstand Banner Plugin Project 1 Blogstand-smart-banner 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the Blogstand Banner (blogstand-smart-banner) plugin 1.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the bs_blog_id parameter to wp-admin/options-general.php.
CVE-2014-4846 1 Matchalabs 1 Metaslider 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the Meta Slider (ml-slider) plugin 2.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the id parameter to wp-admin/admin.php.
CVE-2014-4719 1 Usvn 1 User-friendly Svn 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the login panel (svn/login/) in User-Friendly SVN (aka USVN) before 1.0.7 allows remote attackers to inject arbitrary web script or HTML via the username field.
CVE-2014-7293 1 Nyu 1 Opensso Integration 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the logon page in NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services (PDS) allows remote attackers to inject arbitrary web script or HTML via the url parameter.
CVE-2014-4710 1 Aas9 1 Zerocms 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in zero_user_account.php in ZeroCMS 1.0 allows remote attackers to inject arbitrary web script or HTML via the Full Name field.
CVE-2014-4599 1 Wp-business Directory Project 1 Wp-business Directory 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in forms/search.php in the WP-Business Directory (wp-ttisbdir) plugin 1.0.2 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) edit, (2) search_term, (3) page_id, (4) page, or (5) page_links parameter.
CVE-2014-3692 1 Redhat 2 Cloudforms 3.1 Management Engine, Cloudforms Managementengine 2025-04-12 N/A
The customization template in Red Hat CloudForms 3.1 Management Engine (CFME) 5.3 uses a default password for the root account when a password is not specified for a new image, which allows remote attackers to gain privileges.
CVE-2014-6238 1 Akronymmanager Project 1 Akronymmanager 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the Akronymmanager (aka SB Folderdownload) extension 0.5.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-6243 1 Ewww Image Optimizer Plugin Project 1 Ewww Image Optimizer Plugin 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the EWWW Image Optimizer plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the error parameter in the ewww-image-optimizer.php page to wp-admin/options-general.php, which is not properly handled in a pngout error message.