6892 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Xstate Real Estate 1.0 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 home.html or 2 lands.html...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in pagenumber.inc.php in phpPowerCards 2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 PATHINFO, the 2 archiv parameter, and the 3 subcat parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in searchadvance.asp in Active Business Directory 2 allows remote attackers to inject arbitrary web script or HTML via the search parameter...
CVE-2009-4458
Multiple cross-site scripting XSS vulnerabilities in FreePBX 2.5.2 and 2.6.0rc2, and possibly other versions, allow remote attackers to inject arbitrary web script or HTML via the 1 tech parameter to admin/admin/config.php during a trunks display action, the 2 description parameter during an Add...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in map.php in LiveZilla 3.1.8.3 allow remote attackers to inject arbitrary web script or HTML via the 1 lat, 2 lng, and 3 zom parameters, which are not properly handled when processed with templates/map.tpl...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities on the Network Management Card NMC on American Power Conversion APC Switched Rack PDU aka Rack Mount Power Distribution devices and other devices allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: the...
CVE-2009-1798
Multiple cross-site scripting XSS vulnerabilities on the Network Management Card NMC on American Power Conversion APC Switched Rack PDU aka Rack Mount Power Distribution devices and other devices allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: the...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in texmedia Million Pixel Script 3 allows remote attackers to inject arbitrary web script or HTML via the pa parameter. NOTE: some of these details are obtained from third party information...
CVE-2009-4381
Cross-site scripting XSS vulnerability in index.php in texmedia Million Pixel Script 3 allows remote attackers to inject arbitrary web script or HTML via the pa parameter. NOTE: some of these details are obtained from third party information...
Cross site scripting
Cross-site scripting XSS vulnerability in the Random Prayer 2 steprayer2 extension 0.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2009-4371
Cross-site scripting XSS vulnerability in the Locale module modules/locale/locale.module in Drupal Core 6.14, and possibly other versions including 6.15, allows remote authenticated users with "administer languages" permissions to inject arbitrary web script or HTML via the 1 Language name in...
Cross site scripting
Cross-site scripting XSS vulnerability in the Menu module modules/menu/menu.admin.inc in Drupal Core 6.x before 6.15 allows remote authenticated users with permissions to create new menus to inject arbitrary web script or HTML via a menu description, which is not properly handled in the menu...
CVE-2009-4370
Cross-site scripting XSS vulnerability in the Menu module modules/menu/menu.admin.inc in Drupal Core 6.x before 6.15 allows remote authenticated users with permissions to create new menus to inject arbitrary web script or HTML via a menu description, which is not properly handled in the menu...
Cross site scripting
Cross-site scripting XSS vulnerability in the Locale module modules/locale/locale.module in Drupal Core 6.14, and possibly other versions including 6.15, allows remote authenticated users with "administer languages" permissions to inject arbitrary web script or HTML via the 1 Language name in...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in ScriptsEz Ez Blog allows remote attackers to inject arbitrary web script or HTML via the cname parameter, related to the act and id parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in TransWARE Active! mail 2003 build 2003.0139.0871 and earlier, and possibly other versions before 2003.0139.0939, allow remote attackers to inject arbitrary web script or HTML via the 1 From, 2 To, 3 Cc, and 4 Bcc parameters...
CVE-2009-4352
Multiple cross-site scripting XSS vulnerabilities in TransWARE Active! mail 2003 build 2003.0139.0871 and earlier, and possibly other versions before 2003.0139.0939, allow remote attackers to inject arbitrary web script or HTML via the 1 From, 2 To, 3 Cc, and 4 Bcc parameters...
CVE-2009-4352
Multiple cross-site scripting XSS vulnerabilities in TransWARE Active! mail 2003 build 2003.0139.0871 and earlier, and possibly other versions before 2003.0139.0939, allow remote attackers to inject arbitrary web script or HTML via the 1 From, 2 To, 3 Cc, and 4 Bcc parameters...
CVE-2009-4340
Cross-site scripting XSS vulnerability in the No indexed Search noindexedsearch extension 0.2.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2009-4346
Cross-site scripting XSS vulnerability in the Frontend news submitter with RTE fertenews extension 1.4.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...