6892 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in index.html in Wowd client before 1.3.1 allow remote attackers to inject arbitrary web script or HTML via the 1 sortby, 2 tags, or 3 ctx parameter in a search action...
CVE-2009-4589
Cross-site scripting XSS vulnerability in the Special:Block implementation in the getContribsLink function in SpecialBlockip.php in MediaWiki 1.14.0 and 1.15.0 allows remote attackers to inject arbitrary web script or HTML via the ip parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in the Special:Block implementation in the getContribsLink function in SpecialBlockip.php in MediaWiki 1.14.0 and 1.15.0 allows remote attackers to inject arbitrary web script or HTML via the ip parameter...
CVE-2009-4586
Multiple cross-site scripting XSS vulnerabilities in index.html in Wowd client before 1.3.1 allow remote attackers to inject arbitrary web script or HTML via the 1 sortby, 2 tags, or 3 ctx parameter in a search action...
CVE-2009-4589
Cross-site scripting XSS vulnerability in the Special:Block implementation in the getContribsLink function in SpecialBlockip.php in MediaWiki 1.14.0 and 1.15.0 allows remote attackers to inject arbitrary web script or HTML via the ip parameter...
CVE-2009-4579
Cross-site scripting XSS vulnerability in the Artist avenue comartistavenue component for Joomla! and Mambo allows remote attackers to inject arbitrary web script or HTML via the Itemid parameter to index.php...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Joomulus modjoomulus module 2.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the tagcloud parameter in a tags action to 1 tagcloudell.swf, 2 tagcloudeng.swf, 3 tagcloudpor.swf, 4 tagcloudrus.swf, and possibl...
CVE-2009-4573
Multiple cross-site scripting XSS vulnerabilities in the Joomulus modjoomulus module 2.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the tagcloud parameter in a tags action to 1 tagcloudell.swf, 2 tagcloudeng.swf, 3 tagcloudpor.swf, 4 tagcloudrus.swf, and possibl...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in editprofile.php in Viscacha 0.8 Gold allow remote authenticated users to inject arbitrary web script or HTML via the 1 skype, 2 yahoo, 3 aol, 4 msn, or 5 jabber parameter in a profile2 action. NOTE: some of these details are obtained from third...
Cross site scripting
Cross-site scripting XSS vulnerability in PhpShop 0.8.1 allows remote attackers to inject arbitrary web script or HTML via the orderid parameter in an order/orderprint action to the default URI...
CVE-2009-4568
Cross-site scripting XSS vulnerability in Webmin before 1.500 and Usermin before 1.430 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2009-4559
Cross-site scripting XSS vulnerability in the Submitted By module 6.x before 6.x-1.3 for Drupal allows remote authenticated users, with "administer content types" privileges, to inject arbitrary web script or HTML via an input string for "submitted by" text...
Cross site scripting
Cross-site scripting XSS vulnerability in main.php in SQLiteManager 1.2.0 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter...
Hit Counter Cross Site Scripting
======================================================================================== | Title : Hit Counter Cross Site Scripting Vulnerability | Author : indoushka | email : [email protected] | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -00213771818860 | Total alerts found : 4 ...
Cross site scripting
Cross-site scripting XSS vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools BIRT before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the report parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in the RealName module 6.x-1.x before 6.x-1.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via a realname aka real name element...
CVE-2009-4513
Multiple cross-site scripting XSS vulnerabilities in the Workflow module 5.x before 5.x-2.4 and 6.x before 6.x-1.2, a module for Drupal, allow remote authenticated users, with "administer workflow" privileges, to inject arbitrary web script or HTML via the name of a 1 workflow or 2 workflow state...
CVE-2009-4525
Cross-site scripting XSS vulnerability in the Print aka Printer, e-mail and PDF versions module 5.x before 5.x-4.9 and 6.x before 6.x-1.9, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via crafted data in a list of links...
CVE-2009-4514
Cross-site scripting XSS vulnerability in the OpenSocial Shindig-Integrator module 5.x and 6.x before 6.x-2.1, a module for Drupal, allows remote authenticated users, with "create application" privileges, to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in WorkArea/ContentDesigner/ekformsiframe.aspx in Ektron CMS400.NET 7.6.1.53 and 7.6.6.47, and possibly 7.52 through 7.66sp2, allow remote attackers to inject arbitrary web script or HTML via the 1 css, 2 eca, 3 id, and 4 skin parameters. NOTE: so...