Export limit exceeded: 363555 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363555 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-10001 1 Phpjabbers 1 Appointment Scheduler 2025-04-12 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in PHPJabbers Appointment Scheduler 2.0 allow remote attackers to hijack the authentication of administrators for requests that (1) conduct cross-site scripting (XSS) attacks via the i18n[1][name] parameter in a pjActionCreate action to the pjAdminServices controller or (2) add an administrator via a pjActionCreate action to the pjAdminUsers controller.
CVE-2014-100010 1 Csphere 1 Clansphere 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in ClanSphere 2011.4 allows remote attackers to inject arbitrary web script or HTML via the where parameter in a list action to index.php.
CVE-2014-100011 1 Sendy 1 Sendy 2025-04-12 N/A
SQL injection vulnerability in /send-to in Sendy 1.1.9.1 allows remote attackers to execute arbitrary SQL commands via the c parameter.
CVE-2014-100013 1 Clientresponse Project 1 Clientresponse 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in clientResponse 4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Subject or (2) Message field.
CVE-2014-100014 1 Solidworks 1 Product Data Management 2025-04-12 N/A
Multiple stack-based buffer overflows in pdmwService.exe in SolidWorks Workgroup PDM 2014 SP2 allow remote attackers to execute arbitrary code via a long string in a (1) 2001, (2) 2002, or (3) 2003 opcode to port 3000.
CVE-2014-100015 1 Solidworks 1 Product Data Management 2025-04-12 N/A
Directory traversal vulnerability in pdmwService.exe in SolidWorks Workgroup PDM 2014 allows remote attackers to write to arbitrary files via a .. (dot dot) in the filename in a file upload.
CVE-2014-100016 1 Photocati Media 1 Photocrati 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in photocrati-gallery/ecomm-sizes.php in the Photocrati theme for WordPress allows remote attackers to inject arbitrary web script or HTML via the prod_id parameter.
CVE-2014-100017 1 Phponlinechat 1 Phponlinechat 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in canned_opr.php in PhpOnlineChat 3.0 allows remote attackers to inject arbitrary web script or HTML via the message field.
CVE-2014-100019 1 Pomm-project 1 Pomm 2025-04-12 N/A
SQL injection vulnerability in the LTree converter in Pomm before 1.1.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2014-10002 1 Jetbrains 1 Teamcity 2025-04-12 N/A
Unspecified vulnerability in JetBrains TeamCity before 8.1 allows remote attackers to obtain sensitive information via unknown vectors.
CVE-2014-100020 1 Itechscripts 1 Itechclassifieds 2025-04-12 N/A
SQL injection vulnerability in ChangeEmail.php in iTechClassifieds 3.03.057 allows remote attackers to execute arbitrary SQL commands via the PreviewNum parameter. NOTE: the CatID parameter is already covered by CVE-2008-0685.
CVE-2014-100021 1 Orangehrm 1 Orangehrm 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in symfony/web/index.php/pim/viewEmployeeList in OrangeHRM before 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the empsearch[employee_name][empId] parameter.
CVE-2014-100022 1 Mtouch Quiz Project 1 Mtouch Quiz 2025-04-12 N/A
SQL injection vulnerability in question.php in the mTouch Quiz before 3.0.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the quiz parameter to wp-admin/edit.php.
CVE-2014-100023 1 Mtouch Quiz Project 1 Mtouch Quiz 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in question.php in the mTouch Quiz before 3.0.7 for WordPress allow remote attackers to inject arbitrary web script or HTML via the quiz parameter to wp-admin/edit.php.
CVE-2014-100024 1 Seopanel 1 Seo Panel 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Seo Panel before 3.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-100025 1 Savsoft Technologies 1 Savsoft Quiz 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in index.php/user_data/insert_user in Savsoft Quiz allows remote attackers to hijack the authentication of administrators for requests that create an administrator account via a crafted request.
CVE-2014-100026 1 April\'s Super Functions Pack Project 1 April\'s Super Functions Pack 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in readme.php in the April's Super Functions Pack plugin before 1.4.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter. NOTE: some of these details are obtained from third party information.
CVE-2014-100027 1 Getusedtoit 1 Wp Slimstat 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the WP SlimStat plugin before 3.5.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
CVE-2014-100028 1 Webcrafted Project 1 Webcrafted 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in /signup in WEBCrafted allows remote attackers to inject arbitrary web script or HTML via the username.
CVE-2014-100029 1 Ganesha Digital Library Project 1 Ganesha Digital Library 2025-04-12 N/A
Multiple directory traversal vulnerabilities in class/session.php in Ganesha Digital Library (GDL) 4.2 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) newlang or (2) newtheme parameter.