6892 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Activities pages in the Mobile subsystem in IBM Lotus Connections 2.5.0.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Amiro.CMS 5.4.0.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the statusmessage parameter to 1 /news, 2 /comment, 3 /forum, 4 /blog, and 5 /tags; the statusmessage parameter to 6 forum.php, 7 discussion.php, 8...
Cross site scripting
Cross-site scripting XSS vulnerability in Abuse 5.x before 5.x-2.1 and 6.x before 6.x-1.1-alpha1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2009-3786
Cross-site scripting XSS vulnerability in Organic Groups OG Vocabulary 5.x before 5.x-1.1 and 6.x before 6.x-1.1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via the group title...
CVE-2009-3779
Cross-site scripting XSS vulnerability in vCard 5.x before 5.x-1.4 and 6.x before 6.x-1.3, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to the addition of the themevcard function to a theme and the use of default content...
CVE-2009-3780
Cross-site scripting XSS vulnerability in Abuse 5.x before 5.x-2.1 and 6.x before 6.x-1.1-alpha1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2009-3757
Multiple cross-site scripting XSS vulnerabilities in sample code in the XenServer Resource Kit in Citrix XenCenterWeb allow remote attackers to inject arbitrary web script or HTML via the 1 username parameter to config/edituser.php; 2 location, 3 sessionid, and 4 vmname parameters to console.php;...
Cross site scripting
Cross-site scripting XSS vulnerability in the help pages in IBM Rational AppScan Enterprise Edition 5.5.0.2 allows remote attackers to inject arbitrary web script or HTML via the query string...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the ReqWeb Help feature aka the Web Client Help system in IBM Rational RequisitePro 7.1.0 allow remote attackers to inject arbitrary web script or HTML via 1 the operation parameter to ReqWebHelp/advanced/workingSet.jsp, or the 2 searchWord, 3...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Achievo before 1.4.0 allow remote attackers to inject arbitrary web script or HTML via 1 the scheduler title in the scheduler module, and the 2 atksearchcontractnumber, 3 atksearchAEcustomercustomer, 4 atksearchmodecontracttype, and possibly 5...
Cross site scripting
Cross-site scripting XSS vulnerability in the console in Symantec SecurityExpressions Audit and Compliance Server 4.1.1, 4.1, and earlier allows remote authenticated users to inject arbitrary web script or HTML via "external client input" that triggers crafted error messages...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in hq/web/common/GenericError.jsp in the generic exception handler in the web interface in SpringSource Hyperic HQ 3.2.x before 3.2.6.1, 4.0.x before 4.0.3.1, 4.1.x before 4.1.2.1, and 4.2-beta1; Application Management Suite AMS 2.0.0.SR3; and tc...
CVE-2009-2897
Multiple cross-site scripting XSS vulnerabilities in hq/web/common/GenericError.jsp in the generic exception handler in the web interface in SpringSource Hyperic HQ 3.2.x before 3.2.6.1, 4.0.x before 4.0.3.1, 4.1.x before 4.1.2.1, and 4.2-beta1; Application Management Suite AMS 2.0.0.SR3; and tc...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in Nullam Blog 0.1.2 allows remote attackers to inject arbitrary web script or HTML via the e parameter in an error action...
CVE-2009-3653
Cross-site scripting XSS vulnerability in the additional links interface in XML Sitemap 5.x-1.6, a module for Drupal, allows remote authenticated users, with "administer site configuration" permission, to inject arbitrary web script or HTML via unspecified vectors, related to link path output...
Cross site scripting
Cross-site scripting XSS vulnerability in the additional links interface in XML Sitemap 5.x-1.6, a module for Drupal, allows remote authenticated users, with "administer site configuration" permission, to inject arbitrary web script or HTML via unspecified vectors, related to link path output...
CVE-2009-3649
Cross-site scripting XSS vulnerability in forums/index.php in Power Bulletin Board PBBoard 2.0.2 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter in a newtopic action...
CVE-2009-3647
Cross-site scripting XSS vulnerability in emaullinks.php in YABSoft Mega File Hosting Script aka MFH or MFHS 1.2 allows remote attackers to inject arbitrary web script or HTML via the moudi parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third...
Cross site scripting
Cross-site scripting XSS vulnerability in demopage.php in Scriptsez Ultimate Poll allows remote attackers to inject arbitrary web script or HTML via the clr parameter in a vote action...
Cross site scripting
Cross-site scripting XSS vulnerability in customer/home.php in Qualiteam X-Cart allows remote attackers to inject arbitrary web script or HTML via the email parameter in a subscribed action, a different vector than CVE-2005-1823...