6892 matches found
CVE-2008-7134
Multiple cross-site scripting XSS vulnerabilities in the default URI in Chris LaPointe RedGalaxy Download Center 1.2 allow remote attackers to inject arbitrary web script or HTML via the 1 file parameter, 2 message parameter in a login action, 3 category parameter in a browse action, 4 now...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Carmosa phpCart 3.4 through 4.6.4 allow remote attackers to inject arbitrary web script or HTML via the 1 quantity or 2 Add Engraving fields to the default URI; 3 Quantity field to phpcart.php; 4 Name, 5 Company, 6 Address, 7 City, and 8...
CVE-2008-7108
Multiple cross-site scripting XSS vulnerabilities in Carmosa phpCart 3.4 through 4.6.4 allow remote attackers to inject arbitrary web script or HTML via the 1 quantity or 2 Add Engraving fields to the default URI; 3 Quantity field to phpcart.php; 4 Name, 5 Company, 6 Address, 7 City, and 8...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Buildbot 0.7.6 through 0.7.11p2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, different vulnerabilities than CVE-2009-2959...
CVE-2008-7092
Multiple cross-site scripting XSS vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 allow remote attackers to inject arbitrary web script or HTML via a Javascript event in the 1 url, 2 PageName, and 3 title parameters in a CustomBookMarkLink action to Campaign/Campaign; 4 a Javascript event i...
CVE-2009-2959
Cross-site scripting XSS vulnerability in the waterfall web status view status/web/waterfall.py in Buildbot 0.7.6 through 0.7.11p1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in Chipmunk Topsites allows remote attackers to inject arbitrary web script or HTML via the start parameter...
CVE-2008-7072
Cross-site scripting XSS vulnerability in index.php in Chipmunk Topsites allows remote attackers to inject arbitrary web script or HTML via the start parameter...
CVE-2008-7036
Multiple cross-site scripting XSS vulnerabilities in index.php in DevTracker module 3.0 for bcoos 1.1.11 and earlier, and DevTracker module 0.20 for E-XooPS 1.0.8 and earlier, allow remote attackers to inject arbitrary web script or HTML via the 1 direction and 2 orderby parameters...
Cross site scripting
Cross-site scripting XSS vulnerability in register.php in FreshScripts Fresh Email Script 1.0 through 1.11 allows remote attackers to inject arbitrary web script or HTML via the Email parameter. NOTE: this can be leveraged to modify cookies and conduct session fixation attacks...
Cross site scripting
Cross-site scripting XSS vulnerability in an unspecified component in Simple Machines phpRaider 1.0.7 allows remote attackers to inject arbitrary web script or HTML via the resistance field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
CVE-2009-2930
Cross-site scripting XSS vulnerability in the Search feature in elka CMS aka Elkapax allows remote attackers to inject arbitrary web script or HTML via the q parameter to the default URI...
CVE-2009-1879
Cross-site scripting XSS vulnerability in index.template.html in the express-install templates in the SDK in Adobe Flex before 3.4, when the installed Flash version is older than a specified requiredMajorVersion value, allows remote attackers to inject arbitrary web script or HTML via the query...
CVE-2009-2920
Multiple cross-site scripting XSS vulnerabilities in Elvin 1.2.2 allow remote attackers to inject arbitrary web script or HTML via the 1 component and 2 priority parameters to buglist.php; and the 3 Username 4 E-mail, 5 Pass, and 6 Confirm pass fields to createaccount.php...
CVE-2009-2914
Cross-site scripting XSS vulnerability in index.php in XZero Community Classifieds 4.97.8 and earlier allows remote attackers to inject arbitrary web script or HTML via the name of an uploaded file. NOTE: the provenance of this information is unknown; the details are obtained solely from third...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in XZero Community Classifieds 4.97.8 and earlier allows remote attackers to inject arbitrary web script or HTML via the name of an uploaded file. NOTE: the provenance of this information is unknown; the details are obtained solely from third...
CVE-2009-2913
Cross-site scripting XSS vulnerability in index.php in XZero Community Classifieds 4.97.8 allows remote attackers to inject arbitrary web script or HTML via the URI. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-2884
Cross-site scripting XSS vulnerability in bios.php in PHP Scripts Now World's Tallest Buildings allows remote attackers to inject arbitrary web script or HTML via the rank parameter...
CVE-2009-2889
Cross-site scripting XSS vulnerability in index.php in PHP Scripts Now Hangman allows remote attackers to inject arbitrary web script or HTML via the letters parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in devalcms 1.4a allows remote attackers to inject arbitrary web script or HTML via the currentpath parameter...