6892 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in profile.php in Datetopia Buy Dating Site 1.0 allows remote attackers to inject arbitrary web script or HTML via the sr parameter...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in An image gallery 1.0 allow remote attackers to inject arbitrary web script or HTML via the path parameter to 1 index.php and 2 main.php, and the 3 show parameter to main.php. NOTE: the provenance of this information is unknown; the details are...
CVE-2009-3360
Multiple cross-site scripting XSS vulnerabilities in Datemill 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 return parameter to photoview.php, and st parameter to 2 photosearch.php and 3 search.php...
Cross site scripting
Cross-site scripting XSS vulnerability in sign.php in WX-Guestbook 1.1.208 allows remote attackers to inject arbitrary web script or HTML via the sName parameter aka the name field. NOTE: some of these details are obtained from third party information...
CVE-2009-2742
Cross-site scripting XSS vulnerability in Eclipse Help in IBM WebSphere Application Server WAS 6.1 before 6.1.0.27 allows remote attackers to inject arbitrary web script or HTML via unspecified input...
CVE-2009-3260
Cross-site scripting XSS vulnerability in LiveStreet 0.2 allows remote attackers to inject arbitrary web script or HTML via the header of the topic in a comment...
CVE-2008-7242
Multiple cross-site scripting XSS vulnerabilities in MODx CMS 0.9.6.1 and 0.9.6.1p1 allo remote attackers to inject arbitrary web script or HTML via the 1 search, 2 "a," 3 messagesubject, and 4 messagebody parameters to certain pages as reachable from manager/index.php; 5 highlight, 6 id, 7 email...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in MODx CMS 0.9.6.1 and 0.9.6.1p1 allo remote attackers to inject arbitrary web script or HTML via the 1 search, 2 "a," 3 messagesubject, and 4 messagebody parameters to certain pages as reachable from manager/index.php; 5 highlight, 6 id, 7 email...
CVE-2008-7242
Multiple cross-site scripting XSS vulnerabilities in MODx CMS 0.9.6.1 and 0.9.6.1p1 allo remote attackers to inject arbitrary web script or HTML via the 1 search, 2 "a," 3 messagesubject, and 4 messagebody parameters to certain pages as reachable from manager/index.php; 5 highlight, 6 id, 7 email...
CVE-2009-3237
Multiple cross-site scripting XSS vulnerabilities in Horde Application Framework 3.2 before 3.2.5 and 3.3 before 3.3.5; Groupware 1.1 before 1.1.6 and 1.2 before 1.2.4; and Groupware Webmail Edition 1.1 before 1.1.6 and 1.2 before 1.2.4; allow remote attackers to inject arbitrary web script or HT...
CVE-2009-3227
Cross-site scripting XSS vulnerability in index.php in AlmondSoft Almond Classifieds Ads Enterprise and Almond Affiliate Network Classifieds allows remote attackers to inject arbitrary web script or HTML via the city parameter in a search action. NOTE: some of these details are obtained from thir...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the ImageCache module 5.x before 5.x-2.5 and 6.x before 6.x-2.0-beta10, a module for Drupal, allow remote authenticated users, with "administer imagecache" permissions, to inject arbitrary web script or HTML via unspecified vectors...
CVE-2009-3186
Multiple cross-site scripting XSS vulnerabilities in VideoGirls BiZ allow remote attackers to inject arbitrary web script or HTML via the 1 t parameter to forum.php, 2 profilename parameter to profile.php, and 3 p parameter to view.php...
CVE-2009-3191
Multiple cross-site scripting XSS vulnerabilities in PAD Site Scripts 3.6 allow remote attackers to inject arbitrary web script or HTML via the cat parameter to 1 rss.php and 2 opml.php...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in PAD Site Scripts 3.6 allow remote attackers to inject arbitrary web script or HTML via the cat parameter to 1 rss.php and 2 opml.php...
Cross site scripting
Cross-site scripting XSS vulnerability in gamelist.php in Stand Alone Arcade 1.1 allows remote attackers to inject arbitrary web script or HTML via the cat parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in search.php in JCE-Tech PHP Calendars Script allows remote attackers to inject arbitrary web script or HTML via the search parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in the Wiki Server in Apple Mac OS X 10.5.8 allows remote attackers to inject arbitrary web script or HTML via a search request containing data that does not use UTF-8 encoding...
CVE-2009-2814
Cross-site scripting XSS vulnerability in the Wiki Server in Apple Mac OS X 10.5.8 allows remote attackers to inject arbitrary web script or HTML via a search request containing data that does not use UTF-8 encoding...
CVE-2009-3162
Cross-site scripting XSS vulnerability in Multi Website 1.5 allows remote attackers to inject arbitrary web script or HTML via the search parameter in a search action to the default URI...