Cross-site scripting (XSS) vulnerability in dhcpinfo.html in D-link DSL-2760U-E1 allows remote attackers to inject arbitrary web script or HTML via a hostname.
Max CVSS
4.3
EPSS Score
0.25%
Published
2014-06-25
Updated
2023-04-26
Cross-site scripting (XSS) vulnerability in the Custom Meta module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.3 for Drupal allows remote authenticated users with the "administer custom meta settings" permission to inject arbitrary web script or HTML via the (1) attribute or (2) content value for a meta tag.
Max CVSS
2.1
EPSS Score
0.11%
Published
2014-06-20
Updated
2016-05-18
Cross-site scripting (XSS) vulnerability in the Easy Breadcrumb module 7.x-2.x before 7.x-2.10 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.22%
Published
2014-06-20
Updated
2014-07-17
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.1.x before 4.1.14.1 and 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted table name that is improperly handled after a (1) hide or (2) unhide action.
Max CVSS
3.5
EPSS Score
0.15%
Published
2014-06-25
Updated
2015-09-02
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database name or (2) table name that is improperly handled after presence in (a) the favorite list or (b) recent tables.
Max CVSS
3.5
EPSS Score
0.12%
Published
2014-06-25
Updated
2015-09-02
Multiple cross-site scripting (XSS) vulnerabilities in BarracudaDrive 6.7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) host or (2) password parameter to rtl/protected/admin/ddns/.
Max CVSS
4.3
EPSS Score
0.13%
Published
2014-06-19
Updated
2014-06-20
Cross-site scripting (XSS) vulnerability in lua/host_details.lua in ntopng 1.1 allows remote attackers to inject arbitrary web script or HTML via the host parameter.
Max CVSS
4.3
EPSS Score
0.35%
Published
2014-06-19
Updated
2017-08-29
Multiple cross-site scripting (XSS) vulnerabilities in Openfiler 2.99 allow remote attackers to inject arbitrary web script or HTML via the (1) TinkerAjax parameter to uptime.html, or remote authenticated users to inject arbitrary web script or HTML via the (2) MaxInstances, (3) PassivePorts, (4) Port, (5) ServerName, (6) TimeoutLogin, (7) TimeoutNoTransfer, or (8) TimeoutStalled parameter to admin/services_ftp.html; the (9) dns1 or (10) dns2 parameter to admin/system.html; the (11) newTgtName parameter to admin/volumes_iscsi_targets.html; the User-Agent HTTP header to (12) language.html, (13) login.html, or (14) password.html in account/; or the User-Agent HTTP header to (15) account_groups.html, (16) account_users.html, (17) services.html, (18) services_ftp.html, (19) services_iscsi_target.html, (20) services_rsync.html, (21) system_clock.html, (22) system_info.html, (23) system_ups.html, (24) volumes_editpartitions.html, or (25) volumes_iscsi_targets.html in admin/.
Max CVSS
4.3
EPSS Score
0.16%
Published
2014-06-18
Updated
2014-06-21
Multiple cross-site scripting (XSS) vulnerabilities in NICE Recording eXpress (aka Cybertech eXpress) before 6.5.5 allow remote attackers to inject arbitrary web script or HTML via the (1) USRLNM parameter to myaccount/mysettings.edit.validate.asp or the frame parameter to (2) iframe.picker.statchannels.asp, (3) iframe.picker.channelgroups.asp, (4) iframe.picker.extensions.asp, (5) iframe.picker.licenseusergroups.asp, (6) iframe.picker.licenseusers.asp, (7) iframe.picker.lookup.asp, or (8) iframe.picker.marks.asp in _ifr/.
Max CVSS
4.3
EPSS Score
0.29%
Published
2014-06-18
Updated
2014-06-19
Cross-site scripting (XSS) vulnerability in browse.php in SQL Buddy 1.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the table parameter.
Max CVSS
4.3
EPSS Score
0.20%
Published
2014-06-18
Updated
2016-09-06
Multiple cross-site scripting (XSS) vulnerabilities in the Touch theme 7.x-1.x before 7.x-1.9 for Drupal allow remote authenticated users with the Administer themes permission to inject arbitrary web script or HTML via vectors related to the (1) Twitter and (2) Facebook username settings.
Max CVSS
2.1
EPSS Score
0.11%
Published
2014-06-18
Updated
2016-09-06
Cross-site scripting (XSS) vulnerability in rating/rating.php in HAM3D Shop Engine allows remote attackers to inject arbitrary web script or HTML via the ID parameter.
Max CVSS
4.3
EPSS Score
0.12%
Published
2014-06-18
Updated
2014-06-18
Multiple cross-site scripting (XSS) vulnerabilities in the respond_error function in routing.py in Eugene Pankov Ajenti before 1.2.21.7 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) resources.js or (2) resources.css in ajenti:static/, related to the traceback page.
Max CVSS
4.3
EPSS Score
0.16%
Published
2014-06-18
Updated
2016-09-06
Cross-site scripting (XSS) vulnerability in Hitachi Tuning Manager before 7.6.1-06 and 8.x before 8.0.0-04 and JP1/Performance Management - Manager Web Option 07-00 through 07-54 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.22%
Published
2014-06-17
Updated
2015-09-02
Cross-site scripting (XSS) vulnerability in signup.php in ClipBucket allows remote attackers to inject arbitrary web script or HTML via the Username field.
Max CVSS
4.3
EPSS Score
0.14%
Published
2014-06-17
Updated
2018-10-09
Cross-site scripting (XSS) vulnerability in the song history in SHOUTcast DNAS 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the mp3 title field.
Max CVSS
4.3
EPSS Score
1.43%
Published
2014-06-16
Updated
2014-06-17
Cross-site scripting (XSS) vulnerability in ntop allows remote attackers to inject arbitrary web script or HTML via the title parameter in a list action to plugins/rrdPlugin.
Max CVSS
4.3
EPSS Score
0.38%
Published
2014-06-16
Updated
2018-10-30
Cross-site scripting (XSS) vulnerability in AlgoSec FireFlow 6.3-b230 allows remote attackers to inject arbitrary web script or HTML via a user signature to SelfService/Prefs.html.
Max CVSS
4.3
EPSS Score
0.14%
Published
2014-06-16
Updated
2015-12-04
Cross-site scripting (XSS) vulnerability in la/umTestSSO.jsp in SAP Supplier Relationship Management (SRM) allows remote attackers to inject arbitrary web script or HTML via the url parameter.
Max CVSS
4.3
EPSS Score
0.14%
Published
2014-06-13
Updated
2014-06-16
Multiple cross-site scripting (XSS) vulnerabilities in the testcanvas node in SAP NetWeaver Business Client (NWBC) allow remote attackers to inject arbitrary web script or HTML via the (1) title or (2) sap-accessibility parameter.
Max CVSS
4.3
EPSS Score
0.25%
Published
2014-06-13
Updated
2014-06-21
Cross-site scripting (XSS) vulnerability in editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php in FCKeditor before 2.6.11 and earlier allows remote attackers to inject arbitrary web script or HTML via an array key in the textinputs[] parameter, a different issue than CVE-2012-4000.
Max CVSS
4.3
EPSS Score
0.22%
Published
2014-06-11
Updated
2015-08-28
Cross-site scripting (XSS) vulnerability in modules/system/admin.php in ImpressCMS 1.3.6.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a listimg action.
Max CVSS
4.3
EPSS Score
0.12%
Published
2014-06-11
Updated
2014-06-12
Cross-site scripting (XSS) vulnerability in booking_details.php in Best Soft Inc. (BSI) Advance Hotel Booking System 2.0 allows remote attackers to inject arbitrary web script or HTML via the title parameter.
Max CVSS
4.3
EPSS Score
0.21%
Published
2014-06-11
Updated
2019-08-12
Cross-site scripting (XSS) vulnerability in libraries/includes/personal/profile.php in Epignosis eFront 3.6.14.4 allows remote attackers to inject arbitrary web script or HTML via the surname parameter to student.php.
Max CVSS
4.3
EPSS Score
1.43%
Published
2014-06-11
Updated
2014-06-12
Cross-site scripting (XSS) vulnerability in apps/app_comment/form_comment.php in Fiyo CMS 1.5.7 allows remote attackers to inject arbitrary web script or HTML via the Nama field.
Max CVSS
4.3
EPSS Score
0.19%
Published
2014-06-11
Updated
2014-06-18
75 vulnerabilities found
1 2 3
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!