6892 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in HP SOA Registry Foundation 6.63 and 6.64 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in HP Project and Portfolio Management Center PPMC, formerly Mercury IT Governance 7.1 through SP10 and 7.5 through SP3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2009-4746
Cross-site scripting XSS vulnerability in index.php in Dreamlevels DreamPoll 3.1 allows remote attackers to inject arbitrary web script or HTML via the recordsPerPage parameter in a polldefault login action...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in Dreamlevels DreamPoll 3.1 allows remote attackers to inject arbitrary web script or HTML via the recordsPerPage parameter in a polldefault login action...
Cross site scripting
Cross-site scripting XSS vulnerability in the Contact module in Exponent CMS 0.97-GA20090213 allows remote attackers to inject arbitrary web script or HTML via the email parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-4505
Multiple cross-site scripting XSS vulnerabilities in OpenCMS OAMP Comments Module 1.0.1 allow remote attackers to inject arbitrary web script or HTML via the name field in a comment, and other unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x before 2.11.6, and 2.12.x before 2.12.3 allows remote attackers to inject arbitrary web script or HTML via vectors related to error messages...
Cross site scripting
Cross-site scripting XSS vulnerability in the Recent Comments module 5.x through 5.x-1.2 and 6.x through 6.x-1.0 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a "custom block title interface."...
CVE-2010-1111
Multiple cross-site scripting XSS vulnerabilities in Jokes Complete Website allow remote attackers to inject arbitrary web script or HTML via the 1 id parameter to joke.php and the 2 searchingred parameter to results.php...
CVE-2010-1107
Cross-site scripting XSS vulnerability in the Recent Comments module 5.x through 5.x-1.2 and 6.x through 6.x-1.0 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a "custom block title interface."...
CVE-2010-1113
Cross-site scripting XSS vulnerability in the forum page in Web Server Creator - Web Portal 0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to index.php...
CVE-2010-1105
CVE-2010‑1105 is an XSS vulnerability affecting AdvertisementManager 3.1.0 and 3.6 in the CGI path cgi/index.php, exploitable via the usr parameter. The issue is confirmed across multiple sources (NVD and CVE records) with a base CVSS2 score of 4.3 (MEDIUM) and no exploitation details provided in...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in SpringSource tc Server 6.0.20.B and earlier, Application Management Suite AMS before 2.0.0.SR4, Hyperic HQ Open Source before 4.2.x, Hyperic HQ 4.0 Enterprise before 4.0.3.2, and Hyperic HQ 4.1 Enterprise before 4.1.2.1 allow remote attackers t...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in Entry Level CMS EL CMS allows remote attackers to inject arbitrary web script or HTML via the subj parameter, which is not properly handled in a forced SQL error message. NOTE: the provenance of this information is unknown; the details are...
Cross site scripting
Cross-site scripting XSS vulnerability in search.php in CommonSense CMS 5.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in surgeftpmgr.cgi in NetWin SurgeFTP 2.3a6 allow remote attackers to inject arbitrary web script or HTML via the 1 domainid or 2 classid parameter in a class action...
CVE-2009-4736
Cross-site scripting XSS vulnerability in search.php in CommonSense CMS 5.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter...
CVE-2010-1052
Multiple cross-site scripting XSS vulnerabilities in index.php in AudiStat 1.3 allow remote attackers to inject arbitrary web script or HTML via the 1 year and 2 mday parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2010-0465
Cross-site scripting XSS vulnerability in the online Documents functionality in SugarCRM 5.2.x before 5.2.0l and 5.5.x before 5.5.0a allows remote authenticated users to inject arbitrary web script or HTML via the Document Name field...
Cross site scripting
Cross-site scripting XSS vulnerability in the TGM-Newsletter tgmnewsletter extension 0.0.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...