Export limit exceeded: 363308 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363308 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-10002 1 Jetbrains 1 Teamcity 2025-04-12 N/A
Unspecified vulnerability in JetBrains TeamCity before 8.1 allows remote attackers to obtain sensitive information via unknown vectors.
CVE-2014-100020 1 Itechscripts 1 Itechclassifieds 2025-04-12 N/A
SQL injection vulnerability in ChangeEmail.php in iTechClassifieds 3.03.057 allows remote attackers to execute arbitrary SQL commands via the PreviewNum parameter. NOTE: the CatID parameter is already covered by CVE-2008-0685.
CVE-2014-100021 1 Orangehrm 1 Orangehrm 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in symfony/web/index.php/pim/viewEmployeeList in OrangeHRM before 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the empsearch[employee_name][empId] parameter.
CVE-2014-100022 1 Mtouch Quiz Project 1 Mtouch Quiz 2025-04-12 N/A
SQL injection vulnerability in question.php in the mTouch Quiz before 3.0.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the quiz parameter to wp-admin/edit.php.
CVE-2014-100023 1 Mtouch Quiz Project 1 Mtouch Quiz 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in question.php in the mTouch Quiz before 3.0.7 for WordPress allow remote attackers to inject arbitrary web script or HTML via the quiz parameter to wp-admin/edit.php.
CVE-2014-100024 1 Seopanel 1 Seo Panel 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Seo Panel before 3.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-100025 1 Savsoft Technologies 1 Savsoft Quiz 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in index.php/user_data/insert_user in Savsoft Quiz allows remote attackers to hijack the authentication of administrators for requests that create an administrator account via a crafted request.
CVE-2014-100026 1 April\'s Super Functions Pack Project 1 April\'s Super Functions Pack 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in readme.php in the April's Super Functions Pack plugin before 1.4.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter. NOTE: some of these details are obtained from third party information.
CVE-2014-100027 1 Getusedtoit 1 Wp Slimstat 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the WP SlimStat plugin before 3.5.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
CVE-2014-100028 1 Webcrafted Project 1 Webcrafted 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in /signup in WEBCrafted allows remote attackers to inject arbitrary web script or HTML via the username.
CVE-2014-100029 1 Ganesha Digital Library Project 1 Ganesha Digital Library 2025-04-12 N/A
Multiple directory traversal vulnerabilities in class/session.php in Ganesha Digital Library (GDL) 4.2 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) newlang or (2) newtheme parameter.
CVE-2014-10003 1 Maian Script World 1 Maian Uploader 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Maian Uploader 4.0 allow remote attackers to inject arbitrary web script or HTML via the width parameter to (1) uploader/admin/js/load_flv.js.php or (2) uploader/js/load_flv.js.php.
CVE-2014-100030 1 Ganesha Digital Library Project 1 Ganesha Digital Library 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in module/search/function.php in Ganesha Digital Library (GDL) 4.2 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter in a ByEge action.
CVE-2014-100031 1 Ismail Fahmi 1 Ganesha Digital Library 2025-04-12 N/A
Multiple SQL injection vulnerabilities in Ganesha Digital Library (GDL) 4.2 allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) download.php or (2) main.php.
CVE-2014-100032 1 Airties 1 Air 6372 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in top.html in the Airties Air 6372 modem allows remote attackers to inject arbitrary web script or HTML via the productboardtype parameter.
CVE-2014-100033 1 Licensepal 1 Arcticdesk 2025-04-12 N/A
Directory traversal vulnerability in LicensePal ArcticDesk before 1.2.5 allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2014-100034 1 Licensepal 1 Arcticdesk 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the frontend interface in LicensePal ArcticDesk before 1.2.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-100035 1 Licensepal 1 Arcticdesk 2025-04-12 N/A
SQL injection vulnerability in the ticket grid in the admin interface in LicensePal ArcticDesk before 1.2.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2014-100036 1 Flatpress 1 Flatpress 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in FlatPress 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the content parameter to the default URI.
CVE-2014-100037 1 Storytlr 1 Storytlr 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Storytlr 1.3.dev and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to archives/.