6892 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in the My Car commycar component 1.0 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the modveh parameter to index.php...
Cross site scripting
Cross-site scripting XSS vulnerability in signinform.php in Zeeways eBay Clone Auction Script allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: some of these details are obtained from third party information...
CVE-2010-2147
Cross-site scripting XSS vulnerability in the My Car commycar component 1.0 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the modveh parameter to index.php...
CVE-2009-4882
Cross-site scripting XSS vulnerability in zc/publisher/html.rb in ZoneCheck 2.0.4-13 and 2.1.0 allows remote attackers to inject arbitrary web script or HTML via the ns parameter to zc.cgi...
CVE-2009-4882
Cross-site scripting XSS vulnerability in zc/publisher/html.rb in ZoneCheck 2.0.4-13 and 2.1.0 allows remote attackers to inject arbitrary web script or HTML via the ns parameter to zc.cgi...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Rotor Banner module 5.x before 5.x-1.8 and 6.x before 6.x-2.5 for Drupal allow remote authenticated users, with "create rotor item" or "edit any rotor item" privileges, to inject arbitrary web script or HTML via the 1 srs, 2 title, or 3 alt...
Cross site scripting
Cross-site scripting XSS vulnerability in axis2-admin/axis2-admin/engagingglobally in the administration console in Apache Axis2/Java 1.4.1, 1.5.1, and possibly other versions, as used in SAP Business Objects 12, 3com IMC, and possibly other products, allows remote attackers to inject arbitrary w...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the ActiveHelper LiveHelp comactivehelperlivehelp component 2.0.3 for Joomla! allow remote attackers to inject arbitrary web script or HTML via 1 the DOMAINID parameter to server/cookies.php or 2 the SERVER parameter to server/index.php...
CVE-2010-2041
Multiple cross-site scripting XSS vulnerabilities in index.php in PHP-Calendar before 2.0 Beta7 allow remote attackers to inject arbitrary web script or HTML via the 1 description and 2 lastaction parameters...
CVE-2010-2038
Cross-site scripting XSS vulnerability in include/tool/editingfiles.php in gpEasy CMS 1.6.2 allows remote authenticated users, with Edit privileges, to inject arbitrary web script or HTML via the gpcontent parameter to index.php. NOTE: some of these details are obtained from third party informati...
Cross site scripting
Cross-site scripting XSS vulnerability in cp/editemail.php in LiSK CMS 4.4 allows remote attackers to inject arbitrary web script or HTML via the id parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in cp/listcontent.php in LiSK CMS 4.4 allows remote attackers to inject arbitrary web script or HTML via the cl or possibly id parameter...
CVE-2010-2017
Cross-site scripting XSS vulnerability in hasil-pencarian.html in Lokomedia CMS 1.4.1 and 2.0 allows remote attackers to inject arbitrary web script or HTML via the kata parameter. NOTE: some of these details are obtained from third party information...
CVE-2010-2001
Cross-site scripting XSS vulnerability in the CiviRegister module before 6.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via the URI...
CVE-2010-1995
Multiple cross-site scripting XSS vulnerabilities in index.php in TomatoCMS before 2.0.5 allow remote authenticated users, with "Add new article" privileges, to inject arbitrary web script or HTML via the 1 title, 2 subTitle, and 3 author parameters in conjunction with a /admin/news/article/add...
Cross site scripting
Cross-site scripting XSS vulnerability in misc/getadmin.php in Advanced Poll 2.08 allows remote attackers to inject arbitrary web script or HTML via the mysqlhost parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in admin/edit.php in Saurus CMS 4.7.0 allows remote authenticated users, with "Article list" edit privileges, to inject arbitrary web script or HTML via the pealkiri parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in the Bibliography Biblio module 5.x through 5.x-1.17 and 6.x through 6.x-1.9 for Drupal allows remote authenticated users, with "administer biblio" privileges, to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than...
CVE-2010-2001
Cross-site scripting XSS vulnerability in the CiviRegister module before 6.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via the URI...
CVE-2010-1995
Multiple cross-site scripting XSS vulnerabilities in index.php in TomatoCMS before 2.0.5 allow remote authenticated users, with "Add new article" privileges, to inject arbitrary web script or HTML via the 1 title, 2 subTitle, and 3 author parameters in conjunction with a /admin/news/article/add...