Total
21765 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-3842 | 1 Jbmc-software | 1 Directadmin | 2012-07-16 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in CMD_DOMAIN in JBMC Software DirectAdmin 1.403 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via the (1) select0 or (2) select8 parameters. | |||||
| CVE-2012-3832 | 1 Milesj | 1 Decoda | 2012-07-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in decoda/Decoda.php in Decoda before 3.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to (1) b or (2) div tags. | |||||
| CVE-2012-2446 | 1 Netsweeper | 1 Netsweeper | 2012-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in tools/local_lookup.php in the WebAdmin Portal in Netsweeper allows remote attackers to inject arbitrary web script or HTML via the group parameter in a lookup action. | |||||
| CVE-2012-0716 | 1 Ibm | 1 Websphere Application Server | 2012-07-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Application Server 7.0 before 7.0.0.23 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2012-3238 | 2 Astaro, Sophos | 4 Security Gateway, Security Gateway Software, Unified Threat Management and 1 more | 2012-07-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Backup/Restore component in WebAdmin in Astaro Security Gateway before 8.305 allows remote attackers to inject arbitrary web script or HTML via the "Comment (optional)" field. | |||||
| CVE-2012-2644 | 2 Hazama, Six Apart | 2 Mt4i, Movable Type | 2012-07-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the MT4i plugin 3.1 beta 4 and earlier for Movable Type allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-2642. | |||||
| CVE-2012-2642 | 2 Hazama, Six Apart | 2 Mt4i, Movable Type | 2012-07-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the MT4i plugin 3.1 beta 4 and earlier for Movable Type allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-2644. | |||||
| CVE-2012-2643 | 1 Kent-web | 1 Yy-board | 2012-07-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in KENT-WEB YY-BOARD before 6.4 allows remote attackers to inject arbitrary web script or HTML via a crafted form entry. | |||||
| CVE-2012-2641 | 1 Zenphoto | 1 Zenphoto | 2012-07-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Zenphoto before 1.4.3 allows remote attackers to inject arbitrary web script or HTML by triggering improper interaction with an unspecified library. | |||||
| CVE-2009-4839 | 1 Secureideas | 1 Basic Analysis And Security Engine | 2012-07-02 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Basic Analysis and Security Engine (BASE), possibly 1.4.4 and earlier, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) admin/base_roleadmin.php, (2) admin/base_useradmin.php, (3) base_conf_contents.php, (4) base_qry_sqlcalls.php, and (5) base_ag_main.php. | |||||
| CVE-2009-4837 | 1 Secureideas | 1 Basic Analysis And Security Engine | 2012-07-02 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Basic Analysis and Security Engine (BASE) before 1.4.3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) sig[1] parameter to base/base_qry_main.php, or the time[0][1] parameter to (2) base/base_stat_alerts.php or (3) base/base_stat_uaddr.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-6156 | 1 Secureideas | 1 Basic Analysis And Security Engine | 2012-07-02 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in base_qry_main.php in Base Analysis and Security Engine (BASE) before 1.3.9 allow remote attackers to inject arbitrary web script or HTML via the (1) sig[0] and (2) sig[1] parameters. | |||||
| CVE-2012-3232 | 1 Webatall | 1 Web\@all | 2012-07-02 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in web@all 2.0, as downloaded before May 30, 2012, allows remote attackers to inject arbitrary web script or HTML via the _text[title] parameter. | |||||
| CVE-2012-0323 | 2 Paul Lesniewsk, Squirrelmail | 2 Autocomplete, Squirrelmail | 2012-07-01 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Autocomplete plugin before 3.0 for SquirrelMail allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2011-4956 | 1 Wordpress | 1 Wordpress | 2012-06-27 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WordPress before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2012-1253 | 1 Roundcube | 1 Webmail | 2012-06-27 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0.7, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via vectors involving an embedded image attachment. | |||||
| CVE-2012-3790 | 1 Adiscon | 1 Loganalyzer | 2012-06-20 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Adiscon LogAnalyzer before 3.4.4 and 3.5.x before 3.5.5 allows remote attackers to inject arbitrary web script or HTML via the highlight parameter in a Search action. | |||||
| CVE-2012-2637 | 1 Kent-web | 1 Web Patio | 2012-06-19 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in KENT-WEB WEB PATIO 4.04 and earlier might allow remote attackers to inject arbitrary web script or HTML via a crafted cookie. | |||||
| CVE-2012-2638 | 1 Wap2 | 1 Smallpict | 2012-06-19 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in SmallPICT.cgi in SmallPICT before 2.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2012-2636 | 1 Kent-web | 1 Web Patio | 2012-06-19 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in KENT-WEB WEB PATIO 4.04 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||