Lucene search
K

6892 matches found

NVD
NVD
added 2010/06/28 8:30 p.m.12 views

CVE-2010-2514

Cross-site scripting XSS vulnerability in the JFaq comjfaq component 1.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the question parameter in an add2 action to index.php...

4.3CVSS5.7AI score0.01075EPSS
Exploits1References4
Prion
Prion
added 2010/06/28 8:30 p.m.13 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in 2daybiz Web Template Software allow remote attackers to inject arbitrary web script or HTML via the 1 keyword parameter to category.php and the 2 password parameter to memberlogin.php...

4.3CVSS6.3AI score0.01314EPSS
Exploits1References2
CVE
CVE
added 2010/06/28 8:0 p.m.56 views

CVE-2010-2509

The CVE-2010-2509 entries describe cross-site scripting vulnerabilities in 2daybiz Web Template Software. The affected components are the category.php file (parameter: keyword) and memberlogin.php (parameter: password). The underlying issue is improper handling of user-supplied input leading to s...

4.3CVSS6.1AI score0.01314EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2010/06/28 6:30 p.m.22 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allow remote attackers to inject arbitrary web script or HTML via 1 redirects, aka SPL-31067; 2 unspecified "user-user or user-admin" vectors, aka SPL-31084; or 3 unspecified "user input," aka...

4.3CVSS6.1AI score0.00855EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2010/06/25 7:30 p.m.12 views

CVE-2009-4908

Multiple cross-site scripting XSS vulnerabilities in oBlog allow remote attackers to inject arbitrary web script or HTML via the 1 commentName, 2 commentEmail, 3 commentWeb, or 4 commentText parameter to article.php; and allow remote authenticated administrators to inject arbitrary web script or...

4.3CVSS5.5AI score0.01488EPSS
Exploits1References4
Prion
Prion
added 2010/06/25 7:30 p.m.13 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in oBlog allow remote attackers to inject arbitrary web script or HTML via the 1 commentName, 2 commentEmail, 3 commentWeb, or 4 commentText parameter to article.php; and allow remote authenticated administrators to inject arbitrary web script or...

4.3CVSS5.8AI score0.01488EPSS
Exploits1References4
Cvelist
Cvelist
added 2010/06/25 7:0 p.m.17 views

CVE-2009-4908

Multiple cross-site scripting XSS vulnerabilities in oBlog allow remote attackers to inject arbitrary web script or HTML via the 1 commentName, 2 commentEmail, 3 commentWeb, or 4 commentText parameter to article.php; and allow remote authenticated administrators to inject arbitrary web script or...

5.5AI score0.01488EPSS
Exploits1References4
NVD
NVD
added 2010/06/24 12:17 p.m.30 views

CVE-2010-2422

Cross-site scripting XSS vulnerability in PortalTransforms in Plone 2.1 through 3.3.4 before hotfix 20100612 allows remote attackers to inject arbitrary web script or HTML via the safehtml transform...

4.3CVSS5.5AI score0.01227EPSS
Exploits0References3
Prion
Prion
added 2010/06/24 12:17 p.m.12 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in content/internalError.jsp in IBM WebSphere ILOG JRules 6.7 allow remote attackers to inject arbitrary web script or HTML via an RTS URL to 1 explore/explore.jsp, 2 compose/compose.jsp, or 3 home.jsp in faces/...

4.3CVSS5.9AI score0.01465EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2010/06/21 8:30 p.m.14 views

Cross site scripting

Cross-site scripting XSS vulnerability in error.php in Pilot Group PG eLMS Pro allows remote attackers to inject arbitrary web script or HTML via the message parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

4.3CVSS6AI score0.01462EPSS
Exploits0References4
Prion
Prion
added 2010/06/21 7:30 p.m.10 views

Cross site scripting

Cross-site scripting XSS vulnerability in the FileField module 5.x before 5.x-2.5 and 6.x before 6.x-3.4 for Drupal allows remote authenticated users, with create or edit permissions and 'Path to File' or 'URL to File' display enabled, to inject arbitrary web script or HTML via the file name...

2.1CVSS5.8AI score0.00991EPSS
Exploits0References6Affected Software1
Prion
Prion
added 2010/06/21 3:30 p.m.18 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in odCMS 1.06, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the Page parameter to 1 main/index.php, 2 members/index.php, 3 forum/index.php, 4 docs/index.php, and 5 announcements/index.php...

4.3CVSS6.2AI score0.01528EPSS
Exploits0References9Affected Software1
Prion
Prion
added 2010/06/17 4:30 p.m.22 views

Cross site scripting

Cross-site scripting XSS vulnerability in the WEBrick HTTP server in Ruby in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows remote attackers to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page...

4.3CVSS5.5AI score0.02814EPSS
Exploits0References10Affected Software2
Prion
Prion
added 2010/06/17 4:30 p.m.27 views

Cross site scripting

Cross-site scripting XSS vulnerability in Help Viewer in Apple Mac OS X 10.6 before 10.6.4 allows remote attackers to inject arbitrary web script or HTML via a crafted help: URL, related to "URL parameters in HTML content."...

4.3CVSS5.6AI score0.01223EPSS
Exploits0References6Affected Software2
Prion
Prion
added 2010/06/17 4:30 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in cmsdata.php in PHPCityPortal 1.3 allows remote attackers to inject arbitrary web script or HTML via the page parameter...

4.3CVSS6.1AI score0.00893EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2010/06/17 4:0 p.m.16 views

CVE-2010-2318

Cross-site scripting XSS vulnerability in cmsdata.php in PHPCityPortal 1.3 allows remote attackers to inject arbitrary web script or HTML via the page parameter...

5.7AI score0.00893EPSS
Exploits1References2
Prion
Prion
added 2010/06/15 6:0 p.m.19 views

Cross site scripting

Cross-site scripting XSS vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, when Firefox or Chrome is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to URL parsing...

4.3CVSS5.9AI score0.05897EPSS
Exploits0References28Affected Software2
UbuntuCve
UbuntuCve
added 2010/06/15 6:0 p.m.21 views

CVE-2010-2179

Cross-site scripting XSS vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, when Firefox or Chrome is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to URL parsing...

4.3CVSS5.9AI score0.05897EPSS
Exploits0References2
NVD
NVD
added 2010/06/15 2:30 p.m.23 views

CVE-2010-2273

Multiple cross-site scripting XSS vulnerabilities in Dojo 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3, and 1.4.x before 1.4.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to...

4.3CVSS5.8AI score0.04545EPSS
Exploits1References14
NVD
NVD
added 2010/06/15 2:30 p.m.18 views

CVE-2010-2281

Multiple cross-site scripting XSS vulnerabilities in index.php in TomatoCMS 2.0.6 allow remote attackers to inject arbitrary web script or HTML via the 1 keyword or 2 bannerid parameter in conjunction with a /admin/ad/banner/list PATHINFO; and allow remote authenticated users, with certain...

4.3CVSS5.5AI score0.00845EPSS
Exploits0References2
Rows per page
Query Builder