6892 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in eXV2 CMS 2.10 allow remote attackers to inject arbitrary web script or HTML via the 1 rssfeedURL parameter to manual/caferss/example.php and the sumb parameter to 2 modules/news/archive.php, 3 modules/news/topics.php, and 4...
CVE-2010-3977
Multiple cross-site scripting XSS vulnerabilities in wp-content/plugins/cforms/libajax.php in cforms WordPress plugin 11.5 allow remote attackers to inject arbitrary web script or HTML via the 1 rs and 2 rsargs parameters...
CVE-2010-4146
Cross-site scripting XSS vulnerability in Attachmate Reflection for the Web 2008 R2 builds 10.1.569 and earlier, 2008 R1, and 9.6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in Attachmate Reflection for the Web 2008 R2 builds 10.1.569 and earlier, 2008 R1, and 9.6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the TAM console in IBM Tivoli Access Manager for e-business 6.1.0 before 6.1.0-TIV-TAM-FP0006 allow remote attackers to inject arbitrary web script or HTML via 1 the parm1 parameter to ivt/ivtserver, or the method parameter to 2 acl, 3 domain, ...
CVE-2010-4023
Cross-site scripting XSS vulnerability in HP Insight Control Power Management before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2010-3987
Cross-site scripting XSS vulnerability in HP Insight Control Virtual Machine Management before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in HP Insight Control Virtual Machine Management before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in HP Version Control Repository Manager VCRM before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2010-4120
Multiple cross-site scripting XSS vulnerabilities in the TAM console in IBM Tivoli Access Manager for e-business 6.1.0 before 6.1.0-TIV-TAM-FP0006 allow remote attackers to inject arbitrary web script or HTML via 1 the parm1 parameter to ivt/ivtserver, or the method parameter to 2 acl, 3 domain, ...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in index.php in Aardvark Topsites PHP 5.2.0 and 5.2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 mail, 2 title, 3 u, and 4 url parameters. NOTE: the q parameter is already covered by CVE-2009-2302...
CVE-2010-3715
Multiple cross-site scripting XSS vulnerabilities in TYPO3 4.2.x before 4.2.15, 4.3.x before 4.3.7, and 4.4.x before 4.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 the RemoveXSS function, and allow remote authenticated users to inject arbitrary web...
Cross site scripting
Cross-site scripting XSS vulnerability in HP Systems Insight Manager SIM before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2010-3291
Cross-site scripting XSS vulnerability in HP AssetCenter 5.0x through AC5.03, and AssetManager 5.1x through AM5.12 and 5.2x through AM5.22, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2010-3177
Multiple cross-site scripting XSS vulnerabilities in the Gopher parser in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, and SeaMonkey before 2.0.9, allow remote attackers to inject arbitrary web script or HTML via a crafted name of a 1 file or 2 directory on a Gopher server...
CVE-2010-3177
Multiple cross-site scripting XSS vulnerabilities in the Gopher parser in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, and SeaMonkey before 2.0.9, allow remote attackers to inject arbitrary web script or HTML via a crafted name of a 1 file or 2 directory on a Gopher server...
MantisBT < 1.2.3 Multiple XSS Vulnerabilities
MantisBT is prone to multiple cross-site scripting XSS vulnerabilities. Copyright C 2010 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in phpCAS before 1.1.3, when proxy mode is enabled, allow remote attackers to inject arbitrary web script or HTML via 1 a crafted Proxy Granting Ticket IOU PGTiou parameter to the callback function in client.php, 2 vectors involving functions that...
CVE-2010-3303
Multiple cross-site scripting XSS vulnerabilities in MantisBT before 1.2.3 allow remote authenticated administrators to inject arbitrary web script or HTML via 1 a plugin name, related to managepluginuninstall.php; 2 an enumeration value or 3 a String value of a custom field, related to...
CVE-2010-3303
Multiple cross-site scripting XSS vulnerabilities in MantisBT before 1.2.3 allow remote authenticated administrators to inject arbitrary web script or HTML via 1 a plugin name, related to managepluginuninstall.php; 2 an enumeration value or 3 a String value of a custom field, related to...