Total
28971 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-6395 | 1 Cisco | 1 Firesight System Software | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Firepower Management Center before 6.1 and FireSIGHT System Software before 6.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuz58658. | |||||
| CVE-2015-4374 | 1 Webform Project | 1 Webform | 2024-02-04 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the Webform module before 6.x-3.23, 7.x-3.x before 7.x-3.23, and 7.x-4.x before 7.x-4.5 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a component name in the recipient (To) address of an email. | |||||
| CVE-2016-1000150 | 1 Oxil | 1 Simplified-content | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| Reflected XSS in wordpress plugin simplified-content v1.0.0 | |||||
| CVE-2015-6945 | 1 Jsp\/mysql Administrador Web Project | 1 Jsp\/mysql Administrador Web | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in JSP/MySQL Administrador Web 1 allows remote attackers to inject arbitrary web script or HTML via the bd parameter to sys/sys/listaBD2.jsp. | |||||
| CVE-2016-5978 | 1 Ibm | 1 Tealeaf Customer Experience | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting (XSS) vulnerability in the Web UI in the web portal in IBM Tealeaf Customer Experience before 8.7.1.8847 FP10, 8.8 before 8.8.0.9049 FP9, 9.0.0 and 9.0.1 before 9.0.1.1117 FP5, 9.0.1A before 9.0.1.5108_9.0.1A FP5, 9.0.2 before 9.0.2.1223 FP3, and 9.0.2A before 9.0.2.5224_9.0.2A FP3 allows remote authenticated users to inject arbitrary web script or HTML via an embedded string, a different vulnerability than CVE-2016-5975. | |||||
| CVE-2015-5630 | 1 Ntt-bp | 1 Japan Connected-free Wi-fi | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the NTT Broadband Platform Japan Connected-free Wi-Fi application 1.6.0 and earlier for Android and 1.0.2 and earlier for iOS allows remote attackers to inject arbitrary web script or HTML via a crafted SSID. | |||||
| CVE-2014-9230 | 1 Symantec | 1 Data Loss Prevention | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the administration console in the Enforce Server in Symantec Data Loss Prevention (DLP) before 12.5.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2015-2850 | 1 Antlabs | 6 Inngate Ig 3.01 E, Inngate Ig 3.10 E, Inngate Ig 3.10 M and 3 more | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index-login.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3.10 E, InnGate 3.10 M, SG 4, and SSG 4 devices allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | |||||
| CVE-2016-1916 | 1 Blackberry | 1 Enterprise Server | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise Server (BES) 12 before 12.4.1 allows remote authenticated users to inject arbitrary web script or HTML by leveraging basic administrative access to create a crafted policy, leading to improper rendering on a certain Export IT screen. | |||||
| CVE-2015-4029 | 1 Netgate | 1 Pfsense | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the WebGUI in pfSense before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the zone parameter in a del action to services_captiveportal_zones.php. | |||||
| CVE-2015-6514 | 1 Splunk | 1 Splunk | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Dashboard in Splunk Enterprise 6.2.x before 6.2.4 and Splunk Light 6.2.x before 6.2.4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2012-3243 | 1 Seogento | 1 Seogento | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the SEOgento plugin for Magento allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2014-3148 | 1 Ok Web Server Project | 1 Ok Web Server | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in libahttp/err.c in OkCupid OKWS (OK Web Server) allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to a non-existent page, which is not properly handled in a 404 error page. | |||||
| CVE-2015-4135 | 1 Phpwind | 1 Phpwind | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in goto.php in phpwind 8.7 allows remote attackers to inject arbitrary web script or HTML via the url parameter. | |||||
| CVE-2015-7431 | 1 Ibm | 1 Sterling B2b Integrator | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in Queue Watcher in IBM Sterling B2B Integrator 5.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | |||||
| CVE-2015-6387 | 1 Cisco | 1 Unified Computing System Central Software | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Cisco Unified Computing System (UCS) Central Software 1.3(0.1) allows remote attackers to inject arbitrary web script or HTML via a crafted value in a URL, aka Bug ID CSCux33573. | |||||
| CVE-2015-4292 | 1 Cisco | 1 Prime Central For Hosted Collaboration Solution Assurance | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the management interface in Cisco Prime Central for Hosted Collaboration Solution (PC4HCS) 10.6(2) allows remote attackers to inject arbitrary web script or HTML via an unspecified value, aka Bug ID CSCuv45818. | |||||
| CVE-2015-7373 | 1 Revive-adserver | 1 Revive Adserver | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the "magic-macros" feature in Revive Adserver before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via a GET parameter, which is not properly handled in a banner. | |||||
| CVE-2015-8052 | 1 Adobe | 1 Coldfusion | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 18 and 11 before Update 7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-8053. | |||||
| CVE-2015-0752 | 1 Cisco | 1 Telepresence Video Communication Server | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Cisco TelePresence Video Communication Server (VCS) X8.5.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCut27635. | |||||