6892 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in showproduct.php in ReviewPost Pro vB3 allows remote attackers to inject arbitrary web script or HTML via the date parameter...
CVE-2009-3156
Cross-site scripting XSS vulnerability in the Date Tools sub-module in the Date module 6.x before 6.x-2.3 for Drupal allows remote authenticated users, with "use date tools" or "administer content types" privileges, to inject arbitrary web script or HTML via a "Content type label" field...
Cross site scripting
Cross-site scripting XSS vulnerability in the web management interface in the ZyXEL P-330W router allows remote attackers to inject arbitrary web script or HTML via the pingstr parameter and other unspecified vectors...
CVE-2008-7184
Cross-site scripting XSS vulnerability in Diigo Toolbar and Diigolet allows remote attackers to inject arbitrary web script or HTML via a public comment...
CVE-2008-7184
Cross-site scripting XSS vulnerability in Diigo Toolbar and Diigolet allows remote attackers to inject arbitrary web script or HTML via a public comment...
Cross site scripting
Cross-site scripting XSS vulnerability in IBM Lotus iNotes aka Domino Web Access or DWA before 211.241 for Domino 8.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR EZEL7UURYC...
Cross site scripting
Cross-site scripting XSS vulnerability in Ruby on Rails 2.x before 2.2.3, and 2.3.x before 2.3.4, allows remote attackers to inject arbitrary web script or HTML by placing malformed Unicode strings into a form helper...
CVE-2009-3009
Cross-site scripting XSS vulnerability in Ruby on Rails 2.x before 2.2.3, and 2.3.x before 2.3.4, allows remote attackers to inject arbitrary web script or HTML by placing malformed Unicode strings into a form helper...
CVE-2008-7175
Cross-site scripting XSS vulnerability in wp-admin/admin.php in NextGEN Gallery 0.96 and earlier plugin for Wordpress allows remote attackers to inject arbitrary web script or HTML via the picture description field in a page edit action...
CVE-2008-7171
Multiple cross-site scripting XSS vulnerabilities in Lightweight news portal LNP 1.0b allow remote attackers to inject arbitrary web script or HTML via the 1 photo parameter to showphoto.php, 2 potd parameter to showpotd.php, or 3 the Current question field in a vote action to admin.php...
Cross site scripting
Cross-site scripting XSS vulnerability in wp-admin/admin.php in NextGEN Gallery 0.96 and earlier plugin for Wordpress allows remote attackers to inject arbitrary web script or HTML via the picture description field in a page edit action...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Lightweight news portal LNP 1.0b allow remote attackers to inject arbitrary web script or HTML via the 1 photo parameter to showphoto.php, 2 potd parameter to showpotd.php, or 3 the Current question field in a vote action to admin.php...
CVE-2008-7171
Multiple cross-site scripting XSS vulnerabilities in Lightweight news portal LNP 1.0b allow remote attackers to inject arbitrary web script or HTML via the 1 photo parameter to showphoto.php, 2 potd parameter to showpotd.php, or 3 the Current question field in a vote action to admin.php...
CVE-2009-3067
Cross-site scripting XSS vulnerability in index.php in Reservation Manager allows remote attackers to inject arbitrary web script or HTML via the resmanstartdate parameter...
CVE-2009-3060
Multiple cross-site scripting XSS vulnerabilities in Joker Board aka JBoard 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the notice parameter to editform.php, 2 the editusermessage parameter to core/editusermessage.php, or 3 the usertitle parameter to...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Joker Board aka JBoard 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the notice parameter to editform.php, 2 the editusermessage parameter to core/editusermessage.php, or 3 the usertitle parameter to...
CVE-2008-7141
Cross-site scripting XSS vulnerability in setup.php in @lex Poll 2.1 allows remote attackers to inject arbitrary web script or HTML via the languagesetup parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in @lex Guestbook 4.0.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 languagesetup parameter to setup.php or 2 test parameter to index.php. NOTE: the provenance of this information is unknown; the details are...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in Nuked-Klan 1.3 beta allows remote attackers to inject arbitrary web script or HTML via the nukednude parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the default URI in Chris LaPointe RedGalaxy Download Center 1.2 allow remote attackers to inject arbitrary web script or HTML via the 1 file parameter, 2 message parameter in a login action, 3 category parameter in a browse action, 4 now...