6892 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in eTek Systems Hit Counter 2.0 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 index.php, 2 inc/login.php, 3 admin/index.php, and 4 admin/forgot.php...
CVE-2010-0938
Cross-site scripting XSS vulnerability in todooforum.php in Todoo Forum 2.0 allows remote attackers to inject arbitrary web script or HTML via the idforum parameter in a post action...
CVE-2010-0927
Cross-site scripting XSS vulnerability in help/readme.nsf/Header in the Help component in IBM Lotus Domino 7.x before 7.0.4 and 8.x before 8.0.2 allows remote attackers to inject arbitrary web script or HTML via the BaseTarget parameter in an OpenPage action. NOTE: this may overlap CVE-2010-0920...
Cross site scripting
Cross-site scripting XSS vulnerability in help/readme.nsf/Header in the Help component in IBM Lotus Domino 7.x before 7.0.4 and 8.x before 8.0.2 allows remote attackers to inject arbitrary web script or HTML via the BaseTarget parameter in an OpenPage action. NOTE: this may overlap CVE-2010-0920...
Cross site scripting
Cross-site scripting XSS vulnerability in the WebAccess component in Novell GroupWise 7.0 before 7.03 HP4 and 8.0 before 8.0 SP1 allows remote attackers to inject arbitrary web script or HTML via the User.Theme.index parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in IBM Lotus iNotes aka Domino Web Access or DWA before 229.281 for Domino 8.0.2 FP4 allows remote attackers to inject arbitrary web script or HTML via vectors related to lack of "XSS/CSRF Get Filter and Referer Check fixes."...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php/Special/Main/Templates in WikyBlog 1.7.2 and 1.7.3 rc2 allows remote attackers to inject arbitrary web script or HTML via the which parameter in a copy action...
Cross site scripting
Cross-site scripting XSS vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management WCM, and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through 6.1.0.3, and 6.1.5.0; and IBM Lotus Quickr...
Cross site scripting
Cross-site scripting XSS vulnerability in the Portlet Palette in IBM WebSphere Portal 6.0.1.5 wp601500801 allows remote attackers to inject arbitrary web script or HTML via the search field...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in VideoSearchScript Pro 3.5 allows remote attackers to inject arbitrary web script or HTML via the q parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in the console in Symantec IM Manager 8.3 and 8.4 before 8.4.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in WampServer 2.0i allows remote attackers to inject arbitrary web script or HTML via the lang parameter...
CVE-2009-4651
Multiple cross-site scripting XSS vulnerabilities in the Webee Comments comwebeecomment component 1.1.1, 1.2, and 2.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the 1 color, 2 img, or 3 url BBCode tags in unspecified vectors...
CVE-2010-0641
Cross-site scripting XSS vulnerability in webline/html/admin/wcs/LoginPage.jhtml in Cisco Collaboration Server CCS 5 allows remote attackers to inject arbitrary web script or HTML via the dest parameter...
CVE-2003-1583
Cross-site scripting XSS vulnerability in WebTrends allows remote attackers to inject arbitrary web script or HTML via a crafted client domain name, related to an "Inverse Lookup Log Corruption ILLC" issue...
CVE-2003-1584
Cross-site scripting XSS vulnerability in SurfStats allows remote attackers to inject arbitrary web script or HTML via a crafted client domain name, related to an "Inverse Lookup Log Corruption ILLC" issue...
Cross site scripting
Cross-site scripting XSS vulnerability in +CSCOT+/translation in Cisco Secure Desktop 3.4.2048, and other versions before 3.5; as used in Cisco ASA appliance before 8.21, 8.12.7, and 8.05; allows remote attackers to inject arbitrary web script or HTML via a crafted POST parameter, which is not...
Cross site scripting
Cross-site scripting XSS vulnerability in scvrtsrv.cmd in Comtrend CT-507IT ADSL Router allows remote attackers to inject arbitrary web script or HTML via the srvName parameter...
CVE-2010-0468
Cross-site scripting XSS vulnerability in utilities/longproc.cfm in PaperThin CommonSpot Content Server allows remote attackers to inject arbitrary web script or HTML via the url parameter...
CVE-2010-0376
Cross-site scripting XSS vulnerability in productlist.php in JCE-Tech PHP Calendars, downloaded 2010-01-11, allows remote attackers to inject arbitrary web script or HTML via the cat parameter. NOTE: this issue is reportedly resultant from a forced SQL error message that occurs from exploitation ...