6892 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in NetArt Media Car Portal 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 carid parameter to index.php and 2 y parameter to include/images.php...
CVE-2010-3010
Cross-site scripting XSS vulnerability on the HP 3Com OfficeConnect Gigabit VPN Firewall 3CREVF100-73 with firmware before 1.0.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: a separate XSS issue for HP System Management Homepage SMH was originally...
Cross site scripting
Cross-site scripting XSS vulnerability on the HP 3Com OfficeConnect Gigabit VPN Firewall 3CREVF100-73 with firmware before 1.0.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: a separate XSS issue for HP System Management Homepage SMH was originally...
Cross site scripting
Cross-site scripting XSS vulnerability in Django 1.2.x before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via a csrfmiddlewaretoken aka csrftoken cookie...
CVE-2010-0152
Multiple cross-site scripting XSS vulnerabilities in the Local Management Interface LMI on the IBM Proventia Network Mail Security System PNMSS appliance with firmware before 2.5.0.2 allow remote attackers to inject arbitrary web script or HTML via 1 the date1 parameter to pvmmessagestore.php, 2...
CVE-2010-3263
Cross-site scripting XSS vulnerability in setup/frames/index.inc.php in the setup script in phpMyAdmin 3.x before 3.3.7 allows remote attackers to inject arbitrary web script or HTML via a server name...
Cross site scripting
Cross-site scripting XSS vulnerability in Serendipity before 1.5.4, when "Remember me" logins are enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2010-2958
Cross-site scripting XSS vulnerability in libraries/Error.class.php in phpMyAdmin 3.x before 3.3.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to a PHP backtrace and error messages aka debugging messages, a different vulnerability than CVE-2010-3056...
CVE-2010-3208
Cross-site scripting XSS vulnerability in ajax.php in Wiccle Web Builder WWB 1.00 and 1.0.1 allows remote attackers to inject arbitrary web script or HTML via the posttext parameter in a site customsearch action to index.php. NOTE: some of these details are obtained from third party information...
Cross site scripting
Cross-site scripting XSS vulnerability in ajax.php in Wiccle Web Builder WWB 1.00 and 1.0.1 allows remote attackers to inject arbitrary web script or HTML via the posttext parameter in a site customsearch action to index.php. NOTE: some of these details are obtained from third party information...
CVE-2009-4990
Cross-site scripting XSS vulnerability in the Webform report module 5.x and 6.x for Drupal allows remote attackers to inject arbitrary web script or HTML via a submission...
CVE-2009-4989
Cross-site scripting XSS vulnerability in index.php in AJ Auction Pro OOPD 3.0 allows remote attackers to inject arbitrary web script or HTML via the txtkeyword parameter in a search action...
CVE-2009-4980
Multiple cross-site scripting XSS vulnerabilities in Photokorn Gallery 1.81 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 where parameter to search.php and 2 qc parameter to admin.php...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in AJ Auction Pro OOPD 3.0 allows remote attackers to inject arbitrary web script or HTML via the txtkeyword parameter in a search action...
Cross site scripting
Cross-site scripting XSS vulnerability in users/resumeregister.php in Omnistar Recruiting allows remote attackers to inject arbitrary web script or HTML via the job2 parameter...
CVE-2009-4984
Multiple cross-site scripting XSS vulnerabilities in Accessories Me PHP Affiliate Script 1.4 allow remote attackers to inject arbitrary web script or HTML via the 1 Keywords parameter to search.php and 2 SearchIndex parameter to browse.php...
CVE-2009-4989
Cross-site scripting XSS vulnerability in index.php in AJ Auction Pro OOPD 3.0 allows remote attackers to inject arbitrary web script or HTML via the txtkeyword parameter in a search action...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in DiamondList 0.1.6, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the 1 categorydescription parameter to user/main/updatecategory, which is not properly handled by app/views/categories/index.html.erb; an...
CVE-2010-3025
Multiple cross-site scripting XSS vulnerabilities in Tomaz Muraus Open Blog 1.2.1, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the 1 excerpt parameter to application/modules/admin/controllers/posts.php, as reachable by admin/posts/edit; and the 2 conten...
CVE-2010-3023
Multiple cross-site scripting XSS vulnerabilities in DiamondList 0.1.6, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the 1 categorydescription parameter to user/main/updatecategory, which is not properly handled by app/views/categories/index.html.erb; an...