6892 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the administrative user interface in Six Apart Movable Type 5.0 and 5.01 allow remote attackers to inject arbitrary web script or HTML via unknown vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in the Taxonomy Breadcrumb module 5.x before 5.x-1.5 and 6.x before 6.x-1.1 for Drupal allows remote authenticated users, with administer taxonomy permissions, to inject arbitrary web script or HTML via the taxonomy term name in a Breadcrumb display...
Cross site scripting
Cross-site scripting XSS vulnerability in the Taxonomy Breadcrumb module 6.x before 6.x-1.1 for Drupal allows remote authenticated users, with administer taxonomy permissions, to inject arbitrary web script or HTML via the node title in a Breadcrumb display...
CVE-2010-1584
Cross-site scripting XSS vulnerability in the Context module before 6.x-2.0-rc4 for Drupal allows remote authenticated users, with Administer Blocks privileges, to inject arbitrary web script or HTML via a block description...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in HP Insight Control Server Migration before 6.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2010-1872
Cross-site scripting XSS vulnerability in cPlayer.php in FlashCard 2.6.5 and 3.0.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: some of these details are obtained from third party information...
Cross site scripting
Cross-site scripting XSS vulnerability in cPlayer.php in FlashCard 2.6.5 and 3.0.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: some of these details are obtained from third party information...
CVE-2010-1872
Cross-site scripting XSS vulnerability in cPlayer.php in FlashCard 2.6.5 and 3.0.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: some of these details are obtained from third party information...
CVE-2009-4861
Cross-site scripting XSS vulnerability in shownews.php in SupportPRO SupportDesk 3.0 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Online Work Order Suite OWOS Lite Edition 3.10 allow remote attackers to inject arbitrary web script or HTML via the show parameter to 1 default.asp and 2 report.asp, and the 3 go parameter to login.asp...
Cross site scripting
Cross-site scripting XSS vulnerability in Hitron Soft Answer Me 1.0 allows remote attackers to inject arbitrary web script or HTML via the qid parameter to the answers script aka answers.php. NOTE: some of these details are obtained from third party information...
CVE-2009-4859
Multiple cross-site scripting XSS vulnerabilities in Online Work Order Suite OWOS Lite Edition 3.10 allow remote attackers to inject arbitrary web script or HTML via the show parameter to 1 default.asp and 2 report.asp, and the 3 go parameter to login.asp...
CVE-2009-4868
CVE-2009-4868 describes a cross-site scripting (XSS) vulnerability in Hitron Soft Answer Me 1.0. The issue allows remote attackers to inject arbitrary web script or HTML via the q_id parameter to the answers script (aka answers.php). The defect’s impact, as stated, is that an attacker can execute...
Cross site scripting
Cross-site scripting XSS vulnerability in auktion.php in Pay Per Watch & Bid Auktions System allows remote attackers to inject arbitrary web script or HTML via the idauk parameter, which is not properly handled in a forced SQL error message. NOTE: the provenance of this information is unknown; th...
CVE-2009-4848
Multiple cross-site scripting XSS vulnerabilities in ToutVirtual VirtualIQ Pro 3.2 build 7882 and 3.5 build 8691 allow remote attackers to inject arbitrary web script or HTML via the 1 userId parameter to tvserver/server/user/setPermissions.jsp, 2 deptName parameter to...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in ToutVirtual VirtualIQ Pro 3.2 build 7882 and 3.5 build 8691 allow remote attackers to inject arbitrary web script or HTML via the 1 userId parameter to tvserver/server/user/setPermissions.jsp, 2 deptName parameter to...
CVE-2009-4842
Multiple cross-site scripting XSS vulnerabilities in ToutVirtual VirtualIQ Pro 3.5 build 8691 allow remote attackers to inject arbitrary web script or HTML via the 1 addNewDept, 2 deptId, or 3 deptDesc parameter to tvserver/server/user/addDepartment.jsp; or the 4 firstName, 5 lastName, or 6 email...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in ToutVirtual VirtualIQ Pro 3.5 build 8691 allow remote attackers to inject arbitrary web script or HTML via the 1 addNewDept, 2 deptId, or 3 deptDesc parameter to tvserver/server/user/addDepartment.jsp; or the 4 firstName, 5 lastName, or 6 email...
CVE-2009-4853
Multiple cross-site scripting XSS vulnerabilities in JumpBox before 1.1.2 for Foswiki Wiki System allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2009-4842
Multiple cross-site scripting XSS vulnerabilities in ToutVirtual VirtualIQ Pro 3.5 build 8691 allow remote attackers to inject arbitrary web script or HTML via the 1 addNewDept, 2 deptId, or 3 deptDesc parameter to tvserver/server/user/addDepartment.jsp; or the 4 firstName, 5 lastName, or 6 email...