Lucene search
K

6892 matches found

Prion
Prion
added 2009/12/17 5:30 p.m.22 views

Design/Logic Flaw

Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to associate spoofed content with an invalid URL by setting document.location to this URL, and then writing arbitrary web script or HTML to the associated blank document, a related issue to...

6.8CVSS6.5AI score0.04745EPSS
Exploits7References25Affected Software2
NVD
NVD
added 2009/12/17 5:30 p.m.19 views

CVE-2009-4348

Cross-site scripting XSS vulnerability in index.php in Harold Bakker's NewsScript HB-NS 1.3 allows remote attackers to inject arbitrary web script or HTML via the topic parameter in a topic action, a different vector than CVE-2006-2146...

4.3CVSS5.6AI score0.00871EPSS
Exploits1References2
NVD
NVD
added 2009/12/17 5:30 p.m.12 views

CVE-2009-4340

Cross-site scripting XSS vulnerability in the No indexed Search noindexedsearch extension 0.2.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.01022EPSS
Exploits0References3
Prion
Prion
added 2009/12/17 5:30 p.m.11 views

Cross site scripting

Cross-site scripting XSS vulnerability in the ZID Linkliste zidlinklist extension 1.0.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.2AI score0.01022EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2009/12/16 6:30 p.m.33 views

CVE-2009-3731

Multiple cross-site scripting XSS vulnerabilities in WebWorks Help 2.0 through 5.0 in VMware vCenter 4.0 before Update 1 Build 208156; VMware Server 2.0.2; VMware ESX 4.0; VMware Lab Manager 2.x; VMware vCenter Lab Manager 3.x and 4.x before 4.0.1; VMware Stage Manager 1.x before 4.0.1; WebWorks...

4.3CVSS5.7AI score0.02777EPSS
Exploits1References14
Prion
Prion
added 2009/12/15 6:30 p.m.25 views

Cross site scripting

Cross-site scripting XSS vulnerability in JMX-Console in JBossAs in Red Hat JBoss Enterprise Application Platform aka JBoss EAP or JBEAP 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 allows remote attackers to inject arbitrary web script or HTML via the filter parameter, related to the key...

4.3CVSS6.1AI score0.02326EPSS
Exploits1References10Affected Software1
Prion
Prion
added 2009/12/15 6:30 p.m.21 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Web Console in the Application Server in Red Hat JBoss Enterprise Application Platform aka JBoss EAP or JBEAP 4.2.0 before 4.2.0.CP08, 4.2.2GA, 4.3 before 4.3.0.CP07, and 5.1.0GA allow remote attackers to inject arbitrary web script or HTML...

4.3CVSS5.9AI score0.0253EPSS
Exploits1References15Affected Software1
UbuntuCve
UbuntuCve
added 2009/12/15 6:30 p.m.30 views

CVE-2009-2405

Multiple cross-site scripting XSS vulnerabilities in the Web Console in the Application Server in Red Hat JBoss Enterprise Application Platform aka JBoss EAP or JBEAP 4.2.0 before 4.2.0.CP08, 4.2.2GA, 4.3 before 4.3.0.CP07, and 5.1.0GA allow remote attackers to inject arbitrary web script or HTML...

4.3CVSS6AI score0.0253EPSS
Exploits1References1
Cvelist
Cvelist
added 2009/12/14 11:0 p.m.16 views

CVE-2009-4320

Cross-site scripting XSS vulnerability in searchform.php in The Next Generation of Genealogy Sitebuilding TNG 7.1.2 allows remote attackers to inject arbitrary web script or HTML via the msg parameter...

5.7AI score0.01062EPSS
Exploits1References3
NVD
NVD
added 2009/12/14 9:17 p.m.15 views

CVE-2009-4317

Cross-site scripting XSS vulnerability in index.php in ScriptsEz Ez Cart allows remote attackers to inject arbitrary web script or HTML via the sid parameter in a showcat action...

4.3CVSS5.7AI score0.01097EPSS
Exploits1References4
Prion
Prion
added 2009/12/14 9:17 p.m.12 views

Cross site scripting

Cross-site scripting XSS vulnerability in searchresultsmain.php in ZeeLyrics 3x allows remote attackers to inject arbitrary web script or HTML via the keyword parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

4.3CVSS6AI score0.00855EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2009/12/14 9:17 p.m.12 views

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in ScriptsEz Ez Cart allows remote attackers to inject arbitrary web script or HTML via the sid parameter in a showcat action...

4.3CVSS6.1AI score0.01097EPSS
Exploits1References4
Cvelist
Cvelist
added 2009/12/14 9:0 p.m.23 views

CVE-2009-4316

Cross-site scripting XSS vulnerability in searchresultsmain.php in ZeeLyrics 3x allows remote attackers to inject arbitrary web script or HTML via the keyword parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

5.6AI score0.00855EPSS
Exploits0References1
NVD
NVD
added 2009/12/10 11:30 p.m.18 views

CVE-2009-4237

Multiple cross-site scripting XSS vulnerabilities in TestLink before 1.8.5 allow remote attackers to inject arbitrary web script or HTML via 1 the req parameter to login.php, and allow remote authenticated users to inject arbitrary web script or HTML via 2 the key parameter to...

3.5CVSS5.3AI score0.03306EPSS
Exploits7References9
Prion
Prion
added 2009/12/10 11:30 p.m.11 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in TestLink before 1.8.5 allow remote attackers to inject arbitrary web script or HTML via 1 the req parameter to login.php, and allow remote authenticated users to inject arbitrary web script or HTML via 2 the key parameter to...

3.5CVSS5.7AI score0.03306EPSS
Exploits7References9Affected Software1
Prion
Prion
added 2009/12/10 4:30 p.m.18 views

Cross site scripting

Cross-site scripting XSS vulnerability in search.php in YABSoft Advanced Image Hosting AIH Script 2.2, and possibly 2.3, allows remote attackers to inject arbitrary web script or HTML via the text parameter...

4.3CVSS6.2AI score0.01449EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2009/12/10 1:30 a.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in dspStats.php in PowerPhlogger 2.2.5 allows remote attackers to inject arbitrary web script or HTML via the edit parameter...

4.3CVSS6.1AI score0.01452EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2009/12/09 7:30 p.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Web console in IBM InfoSphere Information Server 8.1 before FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.9AI score0.01263EPSS
Exploits0References7Affected Software1
Prion
Prion
added 2009/12/09 6:30 p.m.14 views

Cross site scripting

Cross-site scripting XSS vulnerability in the web interface in CA Service Desk 12.1 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter...

4.3CVSS6.2AI score0.00845EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2009/12/09 6:30 p.m.20 views

CVE-2009-4149

Cross-site scripting XSS vulnerability in the web interface in CA Service Desk 12.1 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter...

4.3CVSS5.7AI score0.00845EPSS
Exploits0References2
Rows per page
Query Builder