6892 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Freelancers 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 id parameter to placebid.php and 2 jobid parameter to postresume.php...
CVE-2009-3601
Cross-site scripting XSS vulnerability in demopage.php in Scriptsez Ultimate Poll allows remote attackers to inject arbitrary web script or HTML via the clr parameter in a vote action...
Cross site scripting
Cross-site scripting XSS vulnerability in Xerver HTTP Server 4.32 allows remote attackers to inject arbitrary web script or HTML via the currentPath parameter in a chooseDirectory action...
CVE-2009-3562
Cross-site scripting XSS vulnerability in Xerver HTTP Server 4.32 allows remote attackers to inject arbitrary web script or HTML via the currentPath parameter in a chooseDirectory action...
Cross site scripting
Cross-site scripting XSS vulnerability in listads.php in YourFreeWorld Ultra Classifieds Pro allows remote attackers to inject arbitrary web script or HTML via the cn parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-3539
Multiple cross-site scripting XSS vulnerabilities in YourFreeWorld Ultra Classifieds Pro allow remote attackers to inject arbitrary web script or HTML via the 1 cname parameter to subclass.php and the 2 sn parameter to listads.php...
CVE-2009-3540
Cross-site scripting XSS vulnerability in listads.php in YourFreeWorld Ultra Classifieds Pro allows remote attackers to inject arbitrary web script or HTML via the cn parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in MyWeight 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 date parameter to useraddfood.php, info parameter to 2 userforgotpwdform.php and 3 userlogin.php, and 4 return parameter to userlogin.php...
CVE-2009-3509
Cross-site scripting XSS vulnerability in admin/adminindex.php in CJ Dynamic Poll PRO 2.0 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...
CVE-2009-3486
Multiple cross-site scripting XSS vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1.14 allow remote authenticated users to inject arbitrary web script or HTML via the host parameter to 1 the pinghost program, reachable through the diagnose program; or 2 the traceroute program, reachab...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1.14 allow remote authenticated users to inject arbitrary web script or HTML via 1 the JEXECOUTID parameter in a JEXECMODERELAYOUTPUT action to the jexec program; the 2 act, 3 refresh-time, or 4 ifid...
CVE-2009-3496
Cross-site scripting XSS vulnerability in viewmag.php in Vastal I-Tech DVD Zone allows remote attackers to inject arbitrary web script or HTML via the magid parameter...
CVE-2009-3487
Multiple cross-site scripting XSS vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1.14 allow remote authenticated users to inject arbitrary web script or HTML via 1 the JEXECOUTID parameter in a JEXECMODERELAYOUTPUT action to the jexec program; the 2 act, 3 refresh-time, or 4 ifid...
CVE-2009-3485
Cross-site scripting XSS vulnerability in the J-Web interface in Juniper JUNOS 8.5R1.14 and 9.0R1.1 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to the default URI...
Cross site scripting
Cross-site scripting XSS vulnerability in profiles/html/simpleSearch.do in IBM Lotus Connections 2.0.1 allows remote attackers to inject arbitrary web script or HTML via the name parameter...
CVE-2009-3469
Cross-site scripting XSS vulnerability in profiles/html/simpleSearch.do in IBM Lotus Connections 2.0.1 allows remote attackers to inject arbitrary web script or HTML via the name parameter...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in IBM Lotus Quickr 8.1.0 services for WebSphere Portal allow remote attackers to inject arbitrary web script or HTML via the filename of a .odt file in a Lotus Quickr place, related to the Library template...
CVE-2009-3453
Multiple cross-site scripting XSS vulnerabilities in IBM Lotus Quickr 8.1.0 services for WebSphere Portal allow remote attackers to inject arbitrary web script or HTML via the filename of a .odt file in a Lotus Quickr place, related to the Library template...
CVE-2009-3450
Multiple cross-site scripting XSS vulnerabilities in WebCoreModule.ashx in RADactive I-Load before 2008.2.5.0 allow remote attackers to inject arbitrary web script or HTML via parameters with names beginning with underscore underscore sequences, which are incompatible with an XSS protection...
CVE-2009-3359
Multiple cross-site scripting XSS vulnerabilities in Match Agency BiZ 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 important parameter to editprofile.php and 2 pid parameter to report.php...