6892 matches found
Design/Logic Flaw
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to associate spoofed content with an invalid URL by setting document.location to this URL, and then writing arbitrary web script or HTML to the associated blank document, a related issue to...
CVE-2009-4348
Cross-site scripting XSS vulnerability in index.php in Harold Bakker's NewsScript HB-NS 1.3 allows remote attackers to inject arbitrary web script or HTML via the topic parameter in a topic action, a different vector than CVE-2006-2146...
CVE-2009-4340
Cross-site scripting XSS vulnerability in the No indexed Search noindexedsearch extension 0.2.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in the ZID Linkliste zidlinklist extension 1.0.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2009-3731
Multiple cross-site scripting XSS vulnerabilities in WebWorks Help 2.0 through 5.0 in VMware vCenter 4.0 before Update 1 Build 208156; VMware Server 2.0.2; VMware ESX 4.0; VMware Lab Manager 2.x; VMware vCenter Lab Manager 3.x and 4.x before 4.0.1; VMware Stage Manager 1.x before 4.0.1; WebWorks...
Cross site scripting
Cross-site scripting XSS vulnerability in JMX-Console in JBossAs in Red Hat JBoss Enterprise Application Platform aka JBoss EAP or JBEAP 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 allows remote attackers to inject arbitrary web script or HTML via the filter parameter, related to the key...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Web Console in the Application Server in Red Hat JBoss Enterprise Application Platform aka JBoss EAP or JBEAP 4.2.0 before 4.2.0.CP08, 4.2.2GA, 4.3 before 4.3.0.CP07, and 5.1.0GA allow remote attackers to inject arbitrary web script or HTML...
CVE-2009-2405
Multiple cross-site scripting XSS vulnerabilities in the Web Console in the Application Server in Red Hat JBoss Enterprise Application Platform aka JBoss EAP or JBEAP 4.2.0 before 4.2.0.CP08, 4.2.2GA, 4.3 before 4.3.0.CP07, and 5.1.0GA allow remote attackers to inject arbitrary web script or HTML...
CVE-2009-4320
Cross-site scripting XSS vulnerability in searchform.php in The Next Generation of Genealogy Sitebuilding TNG 7.1.2 allows remote attackers to inject arbitrary web script or HTML via the msg parameter...
CVE-2009-4317
Cross-site scripting XSS vulnerability in index.php in ScriptsEz Ez Cart allows remote attackers to inject arbitrary web script or HTML via the sid parameter in a showcat action...
Cross site scripting
Cross-site scripting XSS vulnerability in searchresultsmain.php in ZeeLyrics 3x allows remote attackers to inject arbitrary web script or HTML via the keyword parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in ScriptsEz Ez Cart allows remote attackers to inject arbitrary web script or HTML via the sid parameter in a showcat action...
CVE-2009-4316
Cross-site scripting XSS vulnerability in searchresultsmain.php in ZeeLyrics 3x allows remote attackers to inject arbitrary web script or HTML via the keyword parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-4237
Multiple cross-site scripting XSS vulnerabilities in TestLink before 1.8.5 allow remote attackers to inject arbitrary web script or HTML via 1 the req parameter to login.php, and allow remote authenticated users to inject arbitrary web script or HTML via 2 the key parameter to...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in TestLink before 1.8.5 allow remote attackers to inject arbitrary web script or HTML via 1 the req parameter to login.php, and allow remote authenticated users to inject arbitrary web script or HTML via 2 the key parameter to...
Cross site scripting
Cross-site scripting XSS vulnerability in search.php in YABSoft Advanced Image Hosting AIH Script 2.2, and possibly 2.3, allows remote attackers to inject arbitrary web script or HTML via the text parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in dspStats.php in PowerPhlogger 2.2.5 allows remote attackers to inject arbitrary web script or HTML via the edit parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in the Web console in IBM InfoSphere Information Server 8.1 before FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in the web interface in CA Service Desk 12.1 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter...
CVE-2009-4149
Cross-site scripting XSS vulnerability in the web interface in CA Service Desk 12.1 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter...