Total
28117 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-4003 | 1 Glpi-project | 1 Glpi | 2013-04-11 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in GLPI-PROJECT GLPI before 0.83.3 allow remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2012-3442 | 1 Djangoproject | 1 Django | 2013-04-11 | 4.3 MEDIUM | N/A |
| The (1) django.http.HttpResponseRedirect and (2) django.http.HttpResponsePermanentRedirect classes in Django before 1.3.2 and 1.4.x before 1.4.1 do not validate the scheme of a redirect target, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via a data: URL. | |||||
| CVE-2013-0134 | 1 Airdroid | 1 Airdroid | 2013-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the web interface in AirDroid allows remote attackers to inject arbitrary web script or HTML via a crafted text message that is transmitted by a managed phone. | |||||
| CVE-2013-0125 | 1 C2enterprise | 1 C2 Webresource | 2013-04-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in fileview.asp in C2 WebResource allows remote attackers to inject arbitrary web script or HTML via the File parameter. | |||||
| CVE-2012-3382 | 1 Mono | 1 Mono | 2013-04-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the ProcessRequest function in mcs/class/System.Web/System.Web/HttpForbiddenHandler.cs in Mono 2.10.8 and earlier allows remote attackers to inject arbitrary web script or HTML via a file with a crafted name and a forbidden extension, which is not properly handled in an error message. | |||||
| CVE-2011-4616 | 1 Igor Vlasenko | 1 Html-template-pro | 2013-04-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the HTML-Template-Pro module before 0.9507 for Perl allows remote attackers to inject arbitrary web script or HTML via template parameters, related to improper handling of > (greater than) and < (less than) characters. | |||||
| CVE-2013-0324 | 2 Drupal, Tomasbarej | 2 Drupal, Menu Reference | 2013-04-04 | 2.1 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the Rendered links formatter in the Menu Reference module 7.x-1.x before 7.x-1.0 for Drupal allows remote authenticated users with the "Administer menus and menu items" permission to inject arbitrary web script or HTML via the menu link title. | |||||
| CVE-2013-0317 | 2 Drupal, Joe Haskins | 2 Drupal, Og Manager Change | 2013-04-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Manager Change for Organic Groups (og_manager_change) module 7.x-2.x before 7.x-2.1 for Drupal might allow remote attackers to inject arbitrary web script or HTML via the username in the new manager autocomplete field. | |||||
| CVE-2013-0323 | 2 Display Suite Project, Drupal | 2 Ds, Drupal | 2013-04-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Display Suite module 7.x-1.x before 7.x-1.7 and 7.x-2.x before 7.x-2.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via the author field. | |||||
| CVE-2013-0319 | 2 Drupal, Yandex.metrics Project | 2 Drupal, Yandex Metrics | 2013-04-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Yandex.Metrics module 6.x-1.x before 6.x-1.6 and 7.x-1.x before 7.x-1.5 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors related to the Yandex.Metrica service data. | |||||
| CVE-2013-1171 | 1 Cisco | 1 Connected Grid Network Management System | 2013-04-02 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the element-list implementation in Cisco Connected Grid Network Management System (CG-NMS) allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug IDs CSCue14517, CSCue38914, CSCue38884, CSCue38882, CSCue38881, CSCue38872, CSCue38868, CSCue38866, CSCue38853, and CSCue14540. | |||||
| CVE-2012-4345 | 1 Phpmyadmin | 1 Phpmyadmin | 2013-04-02 | 3.5 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Database Structure page in phpMyAdmin 3.4.x before 3.4.11.1 and 3.5.x before 3.5.2.2 allow remote authenticated users to inject arbitrary web script or HTML via (1) a crafted table name during table creation, or a (2) Empty link or (3) Drop link for a crafted table name. | |||||
| CVE-2013-0936 | 1 Emc | 6 Smarts Ip Manager, Smarts Mpls Manager, Smarts Network Protocol Manager and 3 more | 2013-03-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in EMC Smarts IP Manager, Smarts Service Assurance Manager, Smarts Server Manager, Smarts VoIP Availability Manager, Smarts Network Protocol Manager, and Smarts MPLS Manager before 9.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | |||||
| CVE-2013-0321 | 2 Drupal, Ubercart Views Project | 2 Drupal, Uc Views | 2013-03-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Views in the Ubercart Views (uc_views) module 6.x before 6.x-3.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via the full name field. | |||||
| CVE-2013-1781 | 2 Devsaran, Drupal | 2 Professional Theme, Drupal | 2013-03-28 | 2.1 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the 3 slide gallery in the Professional theme before 7.x-1.4 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2013-1778 | 2 Devsaran, Drupal | 2 Creative, Drupal | 2013-03-28 | 2.1 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the Creative Theme 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via vectors related to social icons. | |||||
| CVE-2013-1779 | 2 Devsaran, Drupal | 2 Fresh, Drupal | 2013-03-28 | 2.1 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the 3 slide gallery in the Fresh theme before 7.x-1.4 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2013-1787 | 2 Devsaran, Drupal | 2 Corporate, Drupal | 2013-03-28 | 2.1 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the 3 slide gallery in the Simple Corporate theme before 7.x-1.4 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2013-1786 | 2 Devsaran, Drupal | 2 Company, Drupal | 2013-03-28 | 2.1 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the 3 slide gallery in the Company theme before 7.x-1.4 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2013-1887 | 2 Drupal, Views Project | 2 Drupal, Views | 2013-03-28 | 2.1 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Views module 7.x-3.x before 7.x-3.6 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or HTML via certain view configuration fields. | |||||