CVE-2011-0909

Vanilla Forums is affected by CVE-2011-0909 (before 2.0.17.6). The vulnerability is a Cross-site Scripting (XSS) flaw that allows remote attackers to inject arbitrary web script or HTML via the p parameter to an unspecified component. Connected Red Hat CVE entries corroborate the same description...

CVE-2011-0772

Multiple cross-site scripting XSS vulnerabilities in PivotX 2.2.0, and possibly other versions before 2.2.2, allow remote attackers to inject arbitrary web script or HTML via the 1 color parameter to includes/blogroll.php or 2 src parameter to includes/timwrapper.php...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in PivotX 2.2.0, and possibly other versions before 2.2.2, allow remote attackers to inject arbitrary web script or HTML via the 1 color parameter to includes/blogroll.php or 2 src parameter to includes/timwrapper.php...

CVE-2010-3854

Multiple cross-site scripting XSS vulnerabilities in the web administration interface aka Futon in Apache CouchDB 0.8.0 through 1.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in magpie/scripts/magpieslashbox.php in RSS Feed Reader 0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the rssurl parameter...

CVE-2011-0740

Cross-site scripting XSS vulnerability in magpie/scripts/magpieslashbox.php in RSS Feed Reader 0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the rssurl parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in the WebPublisher component in Novell GroupWise before 8.02HP allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2010-4569

Cross-site scripting XSS vulnerability in Bugzilla 3.7.1, 3.7.2, 3.7.3, and 4.0rc1 allows remote attackers to inject arbitrary web script or HTML via the real name field of a user account, related to the AutoComplete widget in YUI...

CVE-2010-4569

CVE-2010-4569 is an XSS vulnerability in Bugzilla affecting versions 3.7.1, 3.7.2, 3.7.3, and 4.0rc1. The issue arises in Bugzilla’s user account real name field, related to the YUI AutoComplete widget, allowing remote attackers to inject arbitrary script/HTML. The connected records confirm the B...

CVE-2011-0641

Multiple cross-site scripting XSS vulnerabilities in wp-admin/admin.php in the StatPressCN plugin 1.9.0 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 what1, 2 what2, 3 what3, 4 what4, and 5 what5 parameters. NOTE: the provenance of this information is...

Hastymail2 < 1.01 XSS Vulnerability

Hastymail2 is prone to a cross-site scripting XSS vulnerability. Copyright C 2011 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

CVE-2010-4071

Cross-site scripting XSS vulnerability in AgentTicketZoom in OTRS 2.4.x before 2.4.9, when RichText is enabled, allows remote attackers to inject arbitrary web script or HTML via JavaScript in an HTML e-mail...

CVE-2010-3931

Cross-site scripting XSS vulnerability in multiple Rocomotion products, including P board 1.18 and other versions, P forum 1.30 and earlier, P up board 1.38 and other versions, P diary R 1.13 and earlier, P link 1.11 and earlier, P link compact 1.04 and earlier, pplog 3.31 and earlier, pplog2 3.3...

Cross site scripting

Cross-site scripting XSS vulnerability in cognos.cgi in IBM Cognos 8 Business Intelligence BI 8.4.1 before FP1 allows remote attackers to inject arbitrary web script or HTML via the pathinfo parameter...

CVE-2010-4339

Cross-site scripting XSS vulnerability in Hypermail 2.2.0 allows remote attackers to inject arbitrary web script or HTML via a crafted From address, which is not properly handled when indexing messages...

CVE-2010-4339

Cross-site scripting XSS vulnerability in Hypermail 2.2.0 allows remote attackers to inject arbitrary web script or HTML via a crafted From address, which is not properly handled when indexing messages...

Mandriva Update for MHonArc MDVSA-2011:003 (MHonArc)

Check for the Version of MHonArc OpenVAS Vulnerability Test Mandriva Update for MHonArc MDVSA-2011:003 MHonArc Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

CVE-2008-7271

Multiple cross-site scripting XSS vulnerabilities in the Help Contents web application aka the Help Server in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via 1 the searchWord parameter to help/advanced/searchView.jsp or 2 the workingSet parameter in ...

CVE-2010-4647

Multiple cross-site scripting XSS vulnerabilities in the Help Contents web application aka the Help Server in Eclipse IDE before 3.6.2 allow remote attackers to inject arbitrary web script or HTML via the query string to 1 help/index.jsp or 2 help/advanced/content.jsp...

CVE-2010-4693

Multiple cross-site scripting XSS vulnerabilities in Coppermine Photo Gallery 1.5.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 h and 2 t parameters to help.php, or 3 picfileXXX parameter to searchnew.php...