Lucene search
K

6892 matches found

Prion
Prion
added 2010/06/15 2:30 p.m.16 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in index.php in TomatoCMS 2.0.6 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 keyword or 2 article-id parameter in conjunction with a /admin/news/article/list PATHINFO; the 3 keyword parameter in conjunction...

2.6CVSS6AI score0.01028EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2010/06/15 2:30 p.m.17 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in index.php in TomatoCMS 2.0.6 allow remote attackers to inject arbitrary web script or HTML via the 1 keyword or 2 bannerid parameter in conjunction with a /admin/ad/banner/list PATHINFO; and allow remote authenticated users, with certain...

4.3CVSS5.8AI score0.00845EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2010/06/15 2:30 p.m.16 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Accoria Web Server aka Rock Web Server 1.4.7 allow remote attackers to inject arbitrary web script or HTML via 1 the query string to the getenv sample program, 2 the desc parameter to loadstatic.cgi, 3 the name parameter to httpdcfg.cgi, or 4 t...

4.3CVSS6.1AI score0.00935EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2010/06/15 2:4 p.m.32 views

CVE-2010-2265

Cross-site scripting XSS vulnerability in the GetServerName function in sysinfo/commonFunc.js in Microsoft Windows Help and Support Center for Windows XP and Windows Server 2003 allows remote attackers to inject arbitrary web script or HTML via the svr parameter to sysinfo/sysinfomain.htm. NOTE:...

4.3CVSS6.1AI score0.2099EPSS
Exploits1References10
Prion
Prion
added 2010/06/15 2:4 p.m.19 views

Cross site scripting

Cross-site scripting XSS vulnerability in dana/nc/ncrun.cgi in Juniper Networks IVE 6.5R1 Build 14599 and 6.5R2 Build 14951 allows remote attackers to inject arbitrary web script or HTML via the DSSignInURL cookie...

4.3CVSS6.2AI score0.01107EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2010/06/15 2:4 p.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Ping tools web interface in Dlink Di-604 router allows remote attackers to inject arbitrary web script or HTML via the IP field...

4.3CVSS6.1AI score0.00891EPSS
Exploits0References3
Cvelist
Cvelist
added 2010/06/15 1:0 a.m.18 views

CVE-2010-2290

Cross-site scripting XSS vulnerability in cgi-bin/cgix/help in McAfee Unified Threat Management UTM Firewall formerly SnapGear firmware 3.0.0 through 4.0.6 allows remote attackers to inject arbitrary web script or HTML via the page parameter...

5.8AI score0.01327EPSS
Exploits1References7
Cvelist
Cvelist
added 2010/06/14 7:0 p.m.20 views

CVE-2010-2277

Multiple cross-site scripting XSS vulnerabilities in IBM Lotus Connections 2.5.x before 2.5.0.2 allow remote attackers to inject arbitrary web script or HTML via the 1 create or 2 edit form in the Communities component, the 3 verbiage field in the Bookmarks component, or 4 unspecified vectors...

5.6AI score0.01223EPSS
Exploits0References6
CVE
CVE
added 2010/06/14 6:0 p.m.80 views

CVE-2010-2265

CVE-2010-2265 is an XSS in the GetServerName function of sysinfo/commonFunc.js within Windows Help and Support Center on Windows XP and Windows Server 2003, exploitable via svr in sysinfo/sysinfomain.htm. It is paired with CVE-2010-1885, which covers HCP URL handling and can enable command execut...

4.3CVSS6.1AI score0.2099EPSS
Exploits1References10Affected Software3
NVD
NVD
added 2010/06/11 7:30 p.m.15 views

CVE-2010-0544

Cross-site scripting XSS vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors related to a malformed URL...

4.3CVSS5.2AI score0.02933EPSS
Exploits0References16
Cvelist
Cvelist
added 2010/06/11 5:28 p.m.24 views

CVE-2010-1389

Cross-site scripting XSS vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a 1 paste or 2 drag-and-drop operation for a...

7.3AI score0.02933EPSS
Exploits0References17
Debian CVE
Debian CVE
added 2010/06/11 5:28 p.m.24 views

CVE-2010-1394

Removed by vendor...

4.3CVSS6.7AI score0.02933EPSS
Exploits0
Prion
Prion
added 2010/06/11 2:30 p.m.14 views

Cross site scripting

Cross-site scripting XSS vulnerability in poster.php in PHortail 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the 1 pseudo, 2 email, 3 ti, and 4 txt parameters...

4.3CVSS6.2AI score0.01756EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2010/06/09 8:30 p.m.19 views

CVE-2010-2256

Multiple cross-site scripting XSS vulnerabilities in Pay Per Minute Video Chat Script 2.0 and 2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 id parameter to admin/memberviewdetails.php and the 2 model parameter to videos.php...

4.3CVSS5.8AI score0.01453EPSS
Exploits1References3
Prion
Prion
added 2010/06/09 8:30 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in signupconfirm.php in phpBannerExchange 1.2 Arabic allows remote attackers to inject arbitrary web script or HTML via the bannerurl parameter...

4.3CVSS6.1AI score0.01044EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2010/06/08 8:30 p.m.26 views

CVE-2010-1257

Cross-site scripting XSS vulnerability in the toStaticHTML API, as used in Microsoft Office InfoPath 2003 SP3, 2007 SP1, and 2007 SP2; Office SharePoint Server 2007 SP1 and SP2; SharePoint Services 3.0 SP1 and SP2; and Internet Explorer 8 allows remote attackers to inject arbitrary web script or...

4.3CVSS5.4AI score0.22159EPSS
Exploits1References7
NVD
NVD
added 2010/06/07 5:12 p.m.18 views

CVE-2010-2158

Multiple cross-site scripting XSS vulnerabilities in the Storm module 5.x and 6.x before 6.x-1.33 for Drupal allow remote authenticated users, with certain module privileges, to inject arbitrary web script or HTML via the 1 fullname, 2 phone, or 3 im parameter in a stormperson action to index.php...

2.1CVSS5.4AI score0.00662EPSS
Exploits0References2
Prion
Prion
added 2010/06/07 5:12 p.m.14 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Storm module 5.x and 6.x before 6.x-1.33 for Drupal allow remote authenticated users, with certain module privileges, to inject arbitrary web script or HTML via the 1 fullname, 2 phone, or 3 im parameter in a stormperson action to index.php...

2.1CVSS5.6AI score0.00662EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2010/06/03 4:30 p.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability Fujitsu e-Pares V01 L01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.01645EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2010/06/03 2:30 p.m.10 views

CVE-2010-2147

Cross-site scripting XSS vulnerability in the My Car commycar component 1.0 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the modveh parameter to index.php...

4.3CVSS5.7AI score0.03476EPSS
Exploits1References7
Rows per page
Query Builder