Lucene search
K

6892 matches found

Prion
Prion
added 2009/11/24 2:30 a.m.18 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Agreement module 6.x before 6.x-1.2 for Drupal allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.01223EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2009/11/24 2:30 a.m.13 views

CVE-2009-4063

Cross-site scripting XSS vulnerability in the Subgroups for Organic Groups OG module 5.x before 5.x-4.0 and 5.x before 5.x-3.4 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified node titles...

4.3CVSS5.8AI score0.01223EPSS
Exploits0References6
Cvelist
Cvelist
added 2009/11/24 2:0 a.m.18 views

CVE-2009-4064

Cross-site scripting XSS vulnerability in the Gallery Assist module 6.x before 6.x-1.7 for Drupal allows remote attackers to inject arbitrary web script or HTML via node titles...

5.7AI score0.01223EPSS
Exploits0References6
Cvelist
Cvelist
added 2009/11/24 2:0 a.m.23 views

CVE-2009-4065

Cross-site scripting XSS vulnerability in the settings page in the Strongarm module 6.x before 6.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via the value field when viewing overridden variables...

5.7AI score0.01223EPSS
Exploits0References6
NVD
NVD
added 2009/11/23 5:30 p.m.20 views

CVE-2009-4052

Multiple cross-site scripting XSS vulnerabilities in the JSF Widget Library Runtime in IBM Rational Application Developer for WebSphere Software before 7.0.0.10 and Rational Software Architect before 7.0.0.10 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 th...

4.3CVSS5.6AI score0.01982EPSS
Exploits0References8
Prion
Prion
added 2009/11/23 5:30 p.m.38 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in PHD Help Desk 1.43 allow remote attackers to inject arbitrary web script or HTML via 1 the PATHINFO to area.php; the 2 pagina, 3 sentido, 4 qregistros, and 5 orden parameters to area.php; 6 the qregistros parameter to solicdisplay.php; 7 the...

4.3CVSS6AI score0.01943EPSS
Exploits1References8Affected Software1
NVD
NVD
added 2009/11/20 7:30 p.m.21 views

CVE-2009-4038

Multiple cross-site scripting XSS vulnerabilities in NCH Software Axon Virtual PBX 2.10 and 2.11 allow remote attackers to inject arbitrary web script or HTML via the 1 onok or 2 oncancel parameter to the logon program. NOTE: the provenance of this information is unknown; the details are obtained...

4.3CVSS5.7AI score0.02412EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2009/11/17 6:30 p.m.13 views

CVE-2009-3891

Cross-site scripting XSS vulnerability in wp-admin/press-this.php in WordPress before 2.8.6 allows remote authenticated users to inject arbitrary web script or HTML via the s parameter aka the selection variable...

3.5CVSS5.9AI score0.02101EPSS
Exploits0References1
Prion
Prion
added 2009/11/17 6:30 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in Best Practical Solutions RT 3.6.x before 3.6.9, 3.8.x before 3.8.5, and other 3.4.6 through 3.8.4 versions allows remote attackers to inject arbitrary web script or HTML via certain Custom Fields...

4.3CVSS6.2AI score0.01083EPSS
Exploits0References5Affected Software1
UbuntuCve
UbuntuCve
added 2009/11/10 2:30 a.m.15 views

CVE-2009-3618

Cross-site scripting XSS vulnerability in viewvc.py in ViewVC 1.0 before 1.0.9 and 1.1 before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the view parameter. NOTE: some of these details are obtained from third party information...

4.3CVSS6AI score0.01604EPSS
Exploits0References1
NVD
NVD
added 2009/11/09 5:30 p.m.15 views

CVE-2009-3914

Cross-site scripting XSS vulnerability in the Temporary Invitation module 5.x before 5.x-2.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via the Name field in an invitation...

4.3CVSS5.7AI score0.01223EPSS
Exploits0References6
Prion
Prion
added 2009/11/06 3:30 p.m.16 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in e-Courier CMS allow remote attackers to inject arbitrary web script or HTML via the UserGUID parameter to 1 Wizardtracking.asp, 2 wizardoe2.asp, 3 your-register.asp, 4 main-whyregister.asp, and 5 your.asp in home/, and other unspecified vectors...

4.3CVSS5.8AI score0.01276EPSS
Exploits0References1
NVD
NVD
added 2009/11/06 3:30 p.m.11 views

CVE-2009-3905

Multiple cross-site scripting XSS vulnerabilities in e-Courier CMS allow remote attackers to inject arbitrary web script or HTML via the UserGUID parameter to 1 Wizardtracking.asp, 2 wizardoe2.asp, 3 your-register.asp, 4 main-whyregister.asp, and 5 your.asp in home/, and other unspecified vectors...

4.3CVSS5.6AI score0.01276EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2009/11/06 3:30 p.m.22 views

CVE-2009-3300

Multiple cross-site scripting XSS vulnerabilities in the Identity Provider IdP 1.3.x before 1.3.4 and 2.x before 2.1.5, and the Service Provider 1.3.x before 1.3.5 and 2.x before 2.3, in Internet2 Middleware Initiative Shibboleth allow remote attackers to inject arbitrary web script or HTML via...

2.6CVSS5.9AI score0.01673EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2009/11/06 3:0 p.m.21 views

CVE-2009-3300

Multiple cross-site scripting XSS vulnerabilities in the Identity Provider IdP 1.3.x before 1.3.4 and 2.x before 2.1.5, and the Service Provider 1.3.x before 1.3.5 and 2.x before 2.3, in Internet2 Middleware Initiative Shibboleth allow remote attackers to inject arbitrary web script or HTML via...

2.6CVSS5.6AI score0.01673EPSS
Exploits0
Patchstack
Patchstack
added 2009/11/05 12:0 a.m.13 views

WordPress <= 2.8.5 - XSS

Because of this vulnerability in wp-admin/press-this.php, authenticated users can inject arbitrary web script or HTML via the "s" parameter. Solution Update WordPress...

3.5CVSS1.8AI score0.02101EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2009/11/02 3:30 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in the t3libdiv::quoteJSvalue API function in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the sanitizing...

4.3CVSS5.9AI score0.0095EPSS
Exploits0References7Affected Software1
Prion
Prion
added 2009/11/02 3:30 p.m.14 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Frontend Login Box aka felogin subcomponent in TYPO3 4.2.0 through 4.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters...

4.3CVSS5.9AI score0.01962EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2009/11/02 3:30 p.m.27 views

CVE-2009-3629

Multiple cross-site scripting XSS vulnerabilities in the Backend subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

3.5CVSS5.2AI score0.01537EPSS
Exploits0References7
Cvelist
Cvelist
added 2009/11/02 3:0 p.m.20 views

CVE-2009-3833

Cross-site scripting XSS vulnerability in index.php in TFTgallery 0.13 allows remote attackers to inject arbitrary web script or HTML via the album parameter...

5.7AI score0.01269EPSS
Exploits1References2
Rows per page
Query Builder