6892 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in core/summaryapi.php in MantisBT before 1.2.3 allows remote attackers to inject arbitrary web script or HTML via the Summary field, a different vector than CVE-2010-3303...
CVE-2010-3070
Cross-site scripting XSS vulnerability in NuSOAP 0.9.5, as used in MantisBT and other products, allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to an arbitrary PHP script that uses NuSOAP classes...
Cross site scripting
Cross-site scripting XSS vulnerability in AGENTS/index.php in NetArt MEDIA Real Estate Portal 2.0 allows remote authenticated users to inject arbitrary web script or HTML via the id parameter...
CVE-2010-3294
Cross-site scripting XSS vulnerability in apc.php in the Alternative PHP Cache APC extension before 3.1.4 for PHP allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Drupal 6.x before 6.18 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via 1 an action description, 2 an action message, 3 a node, or 4 a taxonomy term, related to the actions feature and the...
CVE-2010-3472
Multiple cross-site scripting XSS vulnerabilities in the Workplace aka WP component in IBM FileNet P8 Application Engine P8AE 3.5.1 before 3.5.1-021 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Workplace aka WP component in IBM FileNet P8 Application Engine P8AE 4.0.2.x before 4.0.2.3-P8AE-FP003 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to .jsp pages...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Workplace aka WP component in IBM FileNet P8 Application Engine P8AE 3.5.1 before 3.5.1-021 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2009-5000
Multiple cross-site scripting XSS vulnerabilities in the Workplace aka WP component in IBM FileNet P8 Application Engine P8AE 4.0.2.x before 4.0.2.3-P8AE-FP003 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to .jsp pages...
Cross site scripting
Cross-site scripting XSS vulnerability in Flock Browser 3.x before 3.0.0.4114 allows remote attackers to inject arbitrary web script or HTML via a crafted RSS feed...
CVE-2010-3457
Multiple cross-site scripting XSS vulnerabilities in Symphony CMS 2.0.7 and 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 fieldswebsite parameter in the post comments feature in articles/a-primer-to-symphony-2s-default-theme/ or 2 send-emailrecipient parameter to...
CVE-2010-3459
Cross-site scripting XSS vulnerability in the Ajax WebMail interface in AXIGEN Mail Server before 7.4.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Symphony CMS 2.0.7 and 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 fieldswebsite parameter in the post comments feature in articles/a-primer-to-symphony-2s-default-theme/ or 2 send-emailrecipient parameter to...
Cross site scripting
Cross-site scripting XSS vulnerability in the Ajax WebMail interface in AXIGEN Mail Server before 7.4.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2010-3465
Multiple cross-site scripting XSS vulnerabilities in XSE Shopping Cart 1.5.2.1 and 1.5.3.0 allow remote attackers to inject arbitrary web script or HTML via the 1 id parameter to Default.aspx and the 2 type parameter to SearchResults.aspx...
CVE-2010-3425
Cross-site scripting XSS vulnerability in UserControls/Popups/frmHelp.aspx in SmarterStats 5.3, 5.3.3819, and possibly other 5.3 versions, allows remote attackers to inject arbitrary web script or HTML via the url parameter...
CVE-2010-3427
Multiple cross-site scripting XSS vulnerabilities in Open Classifieds 1.7.0.2 allow remote attackers to inject arbitrary web script or HTML via the 1 desc, 2 price, 3 title, and 4 place parameters to index.php and the 5 subject parameter to contact.htm, related to content/contact.php...
CVE-2010-3418
Multiple cross-site scripting XSS vulnerabilities in NetArt Media Car Portal 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 carid parameter to index.php and 2 y parameter to include/images.php...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Open Classifieds 1.7.0.2 allow remote attackers to inject arbitrary web script or HTML via the 1 desc, 2 price, 3 title, and 4 place parameters to index.php and the 5 subject parameter to contact.htm, related to content/contact.php...
Cross site scripting
Cross-site scripting XSS vulnerability in admin/sources/classes/bbcode/custom/defaults.php in Invision Power Board IP.Board 3.1.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...