Total
37135 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-3565 | 2 Opensuse, Videolan | 2 Opensuse, Vlc Media Player | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Multiple cross-site scripting (XSS) vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers to inject arbitrary web script or HTML via the (1) command parameter to requests/vlm_cmd.xml, (2) dir parameter to requests/browse.xml, or (3) URI in a request, which is returned in an error message through share/lua/intf/http.lua. | |||||
| CVE-2013-3517 | 1 Netgear | 4 Wnr3500l, Wnr3500l Firmware, Wnr3500u and 1 more | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting (XSS) vulnerability in NETGEAR WNR3500U and WNR3500L. | |||||
| CVE-2013-3320 | 1 Netapp | 1 Oncommand System Manager | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site Scripting (XSS) vulnerability in NetApp OnCommand System Manager before 2.2 allows remote attackers to inject arbitrary web script or HTML via the 'full-name' and 'comment' fields. | |||||
| CVE-2013-3097 | 1 Actiontec | 2 Mi424wr-gen3i, Mi424wr-gen3i Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Unspecified Cross-site scripting (XSS) vulnerability in the Verizon FIOS Actiontec MI424WR-GEN3I router. | |||||
| CVE-2013-3067 | 1 Linksys | 2 Wrt310n, Wrt310n Firmware | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Linksys WRT310Nv2 2.0.0.1 is vulnerable to XSS. | |||||
| CVE-2013-2999 | 1 Ibm | 1 Infosphere Data Replication Dashboard | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 84115. | |||||
| CVE-2013-2714 | 1 Podpress Project | 1 Podpress | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site Scripting (XSS) in WordPress podPress Plugin 8.8.10.13 could allow remote attackers to inject arbitrary web script or html via the 'playerID' parameter. | |||||
| CVE-2013-2684 | 1 Cisco | 2 Linksys E4200, Linksys E4200 Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site Scripting (XSS) in Cisco Linksys E4200 1.0.05 Build 7 devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2013-2679 | 1 Belkin | 2 Linksys E4200, Linksys E4200 Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Multiple cross-site scripting (XSS) vulnerabilities in Cisco Linksys E4200 router with firmware 1.0.05 build 7 allow remote attackers to inject arbitrary web script or HTML via the (1) log_type, (2) ping_ip, (3) ping_size, (4) submit_type, or (5) traceroute_ip parameter to apply.cgi or (6) new_workgroup or (7) submit_button parameter to storage/apply.cgi. | |||||
| CVE-2013-2637 | 2 Opensuse, Otrs | 3 Opensuse, Faq, Otrs Itsm | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A Cross-Site Scripting (XSS) Vulnerability exists in OTRS ITSM prior to 3.2.4, 3.1.8, and 3.0.7 and FAQ prior to 2.1.4 and 2.0.8 via changes, workorder items, and FAQ articles, which could let a remote malicious user execute arbitrary code. | |||||
| CVE-2013-2623 | 1 Telaen Project | 1 Telaen | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site Scripting (XSS) in Telaen before 1.3.1 allows remote attackers to inject arbitrary web script or HTML via the "f_email" parameter in index.php. | |||||
| CVE-2013-2622 | 1 Uebimiau | 1 Uebimiau | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site Scripting (XSS) in UebiMiau 2.7.11 and earlier allows remote attackers to inject arbitrary web script or HTML via the "selected_theme" parameter in error.php. | |||||
| CVE-2013-2294 | 1 Viewgit Project | 1 Viewgit | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Multiple cross-site scripting (XSS) vulnerabilities in ViewGit before 0.0.7 allow remote repository users to inject arbitrary web script or HTML via a (1) tag name to the Shortlog table in templates/shortlog.php or branch name to the (2) Shortlog table in templates/shortlog.php or (3) Heads table in plates/summary.php. | |||||
| CVE-2013-2101 | 2 Redhat, Theforeman | 2 Satellite, Katello | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Katello has multiple XSS issues in various entities | |||||
| CVE-2013-2092 | 1 Dolibarr | 1 Dolibarr | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site Scripting (XSS) in Dolibarr ERP/CRM 3.3.1 allows remote attackers to inject arbitrary web script or HTML in functions.lib.php. | |||||
| CVE-2013-2008 | 1 Automattic | 1 Wp Super Cache | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| WordPress Super Cache Plugin 1.3 has XSS. | |||||
| CVE-2013-1951 | 3 Debian, Linux, Mediawiki | 3 Debian Linux, Linux Kernel, Mediawiki | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.5 and 1.20.x before 1.20.4 and allows remote attackers to inject arbitrary web script or HTML via Lua function names. | |||||
| CVE-2013-1938 | 1 Zimbra | 1 Zimbra | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Zimbra 2013 has XSS in aspell.php | |||||
| CVE-2013-1934 | 2 Debian, Mantisbt | 2 Debian Linux, Mantisbt | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| A cross-site scripting (XSS) vulnerability in the configuration report page (adm_config_report.php) in MantisBT 1.2.0rc1 before 1.2.14 allows remote authenticated users to inject arbitrary web script or HTML via a complex value. | |||||
| CVE-2013-1932 | 1 Mantisbt | 1 Mantisbt | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| A cross-site scripting (XSS) vulnerability in the configuration report page (adm_config_report.php) in MantisBT 1.2.13 allows remote authenticated users to inject arbitrary web script or HTML via a project name. | |||||