Lucene search
K

6892 matches found

Cvelist
Cvelist
added 2009/12/09 6:0 p.m.19 views

CVE-2009-4149

Cross-site scripting XSS vulnerability in the web interface in CA Service Desk 12.1 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter...

5.7AI score0.00845EPSS
Exploits0References2
Prion
Prion
added 2009/12/04 7:30 p.m.20 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in admin/index.php in moziloCMS 1.11.1 allow remote attackers to inject arbitrary web script or HTML via the 1 cat and 2 file parameters in an editsite action, different vectors than CVE-2008-6127 and CVE-2009-1367...

4.3CVSS5.8AI score0.01484EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2009/12/04 7:0 p.m.30 views

CVE-2009-4209

Multiple cross-site scripting XSS vulnerabilities in admin/index.php in moziloCMS 1.11.1 allow remote attackers to inject arbitrary web script or HTML via the 1 cat and 2 file parameters in an editsite action, different vectors than CVE-2008-6127 and CVE-2009-1367...

5.5AI score0.01189EPSS
Exploits1References2
Prion
Prion
added 2009/12/03 5:30 p.m.20 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Gateway component in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.01656EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2009/12/02 6:30 p.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in wp-cumulus.php in the WP-Cumulus Plug-in before 1.22 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.2AI score0.01795EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2009/12/02 5:30 p.m.11 views

Cross site scripting

Cross-site scripting XSS vulnerability in the newsletter configuration feature in the backend module in the Direct Mail directmail extension 2.6.4 and earlier for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

3.5CVSS5.7AI score0.00842EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2009/12/02 5:30 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in the simple Glossar simpleglossar extension 1.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.2AI score0.00855EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2009/12/02 5:30 p.m.7 views

CVE-2009-4161

Cross-site scripting XSS vulnerability in the AN Search it! ansearchit extension 2.4.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.00845EPSS
Exploits0References2
NVD
NVD
added 2009/12/02 5:30 p.m.20 views

CVE-2009-4164

Cross-site scripting XSS vulnerability in the simple Glossar simpleglossar extension 1.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.00855EPSS
Exploits0References1
NVD
NVD
added 2009/12/02 5:30 p.m.20 views

CVE-2009-4157

Multiple cross-site scripting XSS vulnerabilities in index.php in the ProofReader comproofreader component 1.0 RC9 and earlier for Joomla! allow remote attackers to inject arbitrary web script or HTML via the URI, which is not properly handled in 1 404 or 2 error pages...

4.3CVSS5.8AI score0.01189EPSS
Exploits1References2
Cvelist
Cvelist
added 2009/12/02 5:0 p.m.18 views

CVE-2009-4157

Multiple cross-site scripting XSS vulnerabilities in index.php in the ProofReader comproofreader component 1.0 RC9 and earlier for Joomla! allow remote attackers to inject arbitrary web script or HTML via the URI, which is not properly handled in 1 404 or 2 error pages...

5.8AI score0.01189EPSS
Exploits1References2
Cvelist
Cvelist
added 2009/12/02 5:0 p.m.18 views

CVE-2009-4161

Cross-site scripting XSS vulnerability in the AN Search it! ansearchit extension 2.4.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.7AI score0.00845EPSS
Exploits0References2
NVD
NVD
added 2009/12/02 4:30 p.m.26 views

CVE-2009-4152

Cross-site scripting XSS vulnerability in the Collaboration component in IBM WebSphere Portal 6.1.x before 6.1.0.3 allows remote attackers to inject arbitrary web script or HTML via the people picker tag...

4.3CVSS5.6AI score0.01065EPSS
Exploits0References5
Prion
Prion
added 2009/12/02 4:30 p.m.18 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Collaboration component in IBM WebSphere Portal 6.1.x before 6.1.0.3 allows remote attackers to inject arbitrary web script or HTML via the people picker tag...

4.3CVSS5.9AI score0.01065EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2009/12/02 4:0 p.m.27 views

CVE-2009-4152

Cross-site scripting XSS vulnerability in the Collaboration component in IBM WebSphere Portal 6.1.x before 6.1.0.3 allows remote attackers to inject arbitrary web script or HTML via the people picker tag...

5.6AI score0.01065EPSS
Exploits0References5
NVD
NVD
added 2009/11/29 1:8 p.m.23 views

CVE-2009-4110

Cross-site scripting XSS vulnerability in the search functionality in DotNetNuke 4.8 through 5.1.4 allows remote attackers to inject arbitrary web script or HTML via search terms that are not properly filtered before display in a custom results page...

4.3CVSS5.6AI score0.01659EPSS
Exploits0References5
OSV
OSV
added 2009/11/29 1:7 p.m.4 views

CVE-2009-4032

Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.7e allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 graph.php, 2 include/topgraphheader.php, 3 lib/htmlform.php, and 4 lib/timespansettings.php, as demonstrated by the a graphend or b graphstart...

5.4AI score
Exploits0References25
NVD
NVD
added 2009/11/29 1:7 p.m.16 views

CVE-2009-4093

Multiple cross-site scripting XSS vulnerabilities in comments.php in Simplog 0.9.3.2, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the 1 cname Name or 2 email parameters...

4.3CVSS5.9AI score0.03925EPSS
Exploits1References4
CVE
CVE
added 2009/11/28 11:0 a.m.66 views

CVE-2009-4110

The CVE-2009-4110 entry applies to DotNetNuke (DNN) 4.8.x through 5.1.4, where the Search functionality in SearchResults.aspx is vulnerable to cross-site scripting (XSS) due to insufficient sanitization of the user-provided search terms before dynamic HTML output. The vulnerability is exploitable...

4.3CVSS5.6AI score0.01659EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2009/11/24 5:30 p.m.21 views

Cross site scripting

Cross-site scripting XSS vulnerability in www/help/tracker.php in GForge 4.5.14, 4.7 rc2, and 4.8.1 allows remote attackers to inject arbitrary web script or HTML via the helpname parameter...

4.3CVSS6.1AI score0.01679EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder