Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (44145 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-4017 1 Conversionninja 1 Conversion Ninja 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the Conversion Ninja plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the id parameter to lp/index.php.
CVE-2014-4023 1 F5 14 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 11 more 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in the Configuration utility in F5 BIG-IP LTM, APM, ASM, GTM, and Link Controller 11.0.0 before 11.6.0 and 10.1.0 through 10.2.4, AAM 11.4.0 before 11.6.0, AFM and PEM 11.3.0 before 11.6.0, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 11.0.0 through 11.3.0 and 10.1.0 through 10.2.4, and PSM 11.0.0 through 11.4.1 and 10.1.0 through 10.2.4 and Enterprise Manager 3.0.0 through 3.1.1 and 2.1.0 through 2.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-4032 1 Fiyo 1 Fiyo Cms 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in apps/app_comment/form_comment.php in Fiyo CMS 1.5.7 allows remote attackers to inject arbitrary web script or HTML via the Nama field.
CVE-2014-4036 1 Impresscms 1 Impresscms 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in modules/system/admin.php in ImpressCMS 1.3.6.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a listimg action.
CVE-2014-4033 1 Efrontlearning 1 Efront 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in libraries/includes/personal/profile.php in Epignosis eFront 3.6.14.4 allows remote attackers to inject arbitrary web script or HTML via the surname parameter to student.php.
CVE-2014-4035 1 Bestsoftinc 1 Advance Hotel Booking System 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in booking_details.php in Best Soft Inc. (BSI) Advance Hotel Booking System 2.0 allows remote attackers to inject arbitrary web script or HTML via the title parameter.
CVE-2014-4070 1 Microsoft 1 Lync Server 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the Web Components Server in Microsoft Lync Server 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Lync XSS Information Disclosure Vulnerability."
CVE-2014-4075 1 Microsoft 1 Asp.net Model View Controller 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in System.Web.Mvc.dll in Microsoft ASP.NET Model View Controller (MVC) 2.0 through 5.1 allows remote attackers to inject arbitrary web script or HTML via a crafted web page, aka "MVC XSS Vulnerability."
CVE-2014-4116 1 Microsoft 1 Sharepoint Foundation 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2010 SP2 allows remote authenticated users to inject arbitrary web script or HTML via a modified list, aka "SharePoint Elevation of Privilege Vulnerability."
CVE-2014-4161 1 Sap 1 Supplier Relationship Management 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in la/umTestSSO.jsp in SAP Supplier Relationship Management (SRM) allows remote attackers to inject arbitrary web script or HTML via the url parameter.
CVE-2014-4165 2 Ntop, Opensuse 2 Ntop, Opensuse 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in ntop allows remote attackers to inject arbitrary web script or HTML via the title parameter in a list action to plugins/rrdPlugin.
CVE-2014-4187 1 Clip-bucket 1 Clipbucket 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in signup.php in ClipBucket allows remote attackers to inject arbitrary web script or HTML via the Username field.
CVE-2014-4189 1 Hitachi 2 Jp1\/performance Management-manager Web Option, Tuning Manager 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Hitachi Tuning Manager before 7.6.1-06 and 8.x before 8.0.0-04 and JP1/Performance Management - Manager Web Option 07-00 through 07-54 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-4195 1 Aas9 1 Zerocms 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in zero_view_article.php in ZeroCMS 1.0 allows remote attackers to inject arbitrary web script or HTML via the article_id parameter.
CVE-2014-4836 1 Ibm 1 Tririga Application Platform 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in breakOutWithName.jsp in IBM TRIRIGA Application Platform 3.2 and 3.3 before 3.3.0.2, 3.3.1 before 3.3.1.3, 3.3.2 before 3.3.2.2, and 3.4 before 3.4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
CVE-2014-4837 1 Ibm 1 Tririga Application Platform 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in NewDocument.jsp in IBM TRIRIGA Application Platform 3.2 and 3.3 before 3.3.0.2, 3.3.1 before 3.3.1.3, 3.3.2 before 3.3.2.2, and 3.4 before 3.4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
CVE-2014-4838 1 Ibm 1 Tririga Application Platform 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in GanttProjectSchedulerPopup.jsp in IBM TRIRIGA Application Platform 3.2 and 3.3 before 3.3.0.2, 3.3.1 before 3.3.1.3, 3.3.2 before 3.3.2.2, and 3.4 before 3.4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
CVE-2014-4845 1 Stillbreathing 1 Bannerman 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the BannerMan plugin 0.2.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the bannerman_background parameter to wp-admin/options-general.php.
CVE-2014-4846 1 Matchalabs 1 Metaslider 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the Meta Slider (ml-slider) plugin 2.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the id parameter to wp-admin/admin.php.
CVE-2014-4847 1 Buffercode 1 Random Banner 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the Random Banner plugin 1.1.2.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the buffercode_RBanner_url_banner1 parameter in an update action to wp-admin/options.php.