6892 matches found
CVE-2010-1724
Multiple cross-site scripting XSS vulnerabilities in Zikula Application Framework 1.2.2, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the 1 func parameter to index.php, or the 2 lang parameter to index.php, which is not properly handled by ZLanguage.php...
CVE-2010-1709
Multiple cross-site scripting XSS vulnerabilities in upload.cgi in G5-Scripts Auto-Img-Gallery 1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 user and 2 pass parameters...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in indexsearch.php in 2daybiz Polls aka Advanced Poll Script allow remote attackers to inject arbitrary web script or HTML via the 1 category parameter or 2 search field...
CVE-2010-1712
Multiple cross-site scripting XSS vulnerabilities in base/Comments.php in Webmobo WB News 2.3.3 allow remote attackers to inject arbitrary web script or HTML via the 1 name and possibly 2 message parameters. NOTE: some of these details are obtained from third party information...
CVE-2010-1703
Multiple cross-site scripting XSS vulnerabilities in indexsearch.php in 2daybiz Polls aka Advanced Poll Script allow remote attackers to inject arbitrary web script or HTML via the 1 category parameter or 2 search field...
Cross site scripting
Cross-site scripting XSS vulnerability in layouts/help.aspx in Microsoft SharePoint Server 2007 12.0.0.6421 and possibly earlier, and SharePoint Services 3.0 SP1 and SP2, versions, allows remote attackers to inject arbitrary web script or HTML via the cid0 parameter...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in NCT Jobs Portal Script allow remote attackers to inject arbitrary web script or HTML via the 1 search, 2 Keywords, 3 Tags, or 4 Desired City field...
CVE-2010-1609
Cross-site scripting XSS vulnerability in SAP NetWeaver 2004 before SP21 and 2004s before SP13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in SAP NetWeaver 2004 before SP21 and 2004s before SP13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2010-1606
Multiple cross-site scripting XSS vulnerabilities in NCT Jobs Portal Script allow remote attackers to inject arbitrary web script or HTML via the 1 search, 2 Keywords, 3 Tags, or 4 Desired City field...
CVE-2010-1036
Cross-site scripting XSS vulnerability in HP System Insight Manager before 6.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2010-1036
Cross-site scripting XSS vulnerability in HP System Insight Manager before 6.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in Wolfram Research webMathematica allows remote attackers to inject arbitrary web script or HTML via the URI to the MSP script...
CVE-2009-4822
Multiple cross-site scripting XSS vulnerabilities in index.php in Kasseler CMS 1.3.4 allow remote attackers to inject arbitrary web script or HTML via the 1 do, 2 id, and 3 uname parameters...
CVE-2009-4823
CVE-2009-4823 is an XSS vulnerability in the cPanel frontend (frontend/x3/files/fileop.html) present in versions 11.0 through 11.24.7. The vulnerability allows remote attackers to inject arbitrary web script or HTML through the fileop parameter. The connected documents confirm the affected produc...
CVE-2009-4822
Multiple cross-site scripting XSS vulnerabilities in index.php in Kasseler CMS 1.3.4 allow remote attackers to inject arbitrary web script or HTML via the 1 do, 2 id, and 3 uname parameters...
CVE-2010-1539
Cross-site scripting XSS vulnerability in the Workflow module 5.x-2.x before 5.x-2.6 and 6.x-1.x before 6.x-1.4 for Drupal, when used with the Token module, might allow remote authenticated users to inject arbitrary web script or HTML via a certain Comment field...
CVE-2010-1530
Multiple cross-site scripting XSS vulnerabilities in the Internationalization module 6.x before 6.x-1.4 for Drupal allow remote authenticated users, with translate interface or administer blocks privileges, to inject arbitrary web script or HTML via 1 strings used in block translation or 2 the...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Internationalization module 6.x before 6.x-1.4 for Drupal allow remote authenticated users, with translate interface or administer blocks privileges, to inject arbitrary web script or HTML via 1 strings used in block translation or 2 the...
CVE-2010-1504
Cross-site scripting XSS vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to inject arbitrary web script or HTML via vectors related to a chrome://downloads URI...