CVE-2014-0793

Multiple cross-site scripting XSS vulnerabilities in the StackIdeas Komento comkomento component before 1.7.3 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the 1 website or 2 latitude parameter in a comment to the default URI...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Vessio NetBill 1.2 allow remote attackers to inject arbitrary web script or HTML via the 1 full name or 2 file title to accounts/admin/index.php or 3 comment parameter in the support page to accounts/index2.php...

Code injection

ar web content manager AWCM 2.2 does not restrict the number of comment records that can be submitted through HTTP requests, which allows remote attackers to cause a denial of service disk consumption via the coment parameter to 1 showvideo.php or 2 topic.php...

Cross site scripting

Cross-site scripting XSS vulnerability in videocomments.php in Online Subtitles Workshop before 2.0 rev 131 allows remote attackers to inject arbitrary web script or HTML via the comment parameter...

CVE-2011-5185

Cross-site scripting XSS vulnerability in videocomments.php in Online Subtitles Workshop before 2.0 rev 131 allows remote attackers to inject arbitrary web script or HTML via the comment parameter...

Zoho BugTracker - Multiple Persistent Cross-Site Scripting Vulnerabilities

Zoho BugTracker - Multiple Persistent Cross-Site Scripting Vulnerabilities Zoho BugTracker Multiple Stored XSS Vulnerabilities function xss1document.forms"xss1".submit; function xss2document.forms"xss2".submit; inpu...

CVE-2012-1005

Multiple cross-site scripting XSS vulnerabilities in Sphinx Software Mobile Web Server 3.1.2.47 allow remote attackers to inject arbitrary web script or HTML via the comment parameter to a blog, as demonstrated using 1 Blog/MyFirstBlog.txt or 2 Blog/AboutSomething.txt...

CVE-2011-3835

Multiple cross-site scripting XSS vulnerabilities in Wuzly 2.0 allow remote attackers to inject arbitrary web script or HTML via the Referer header to 1 admin/login.php and 2 admin/404.php; the 3 q parameter to search.php; the 4 themename parameter to themesettings.php, 5 extensionname parameter ...

CVE-2010-2624

Multiple SQL injection vulnerabilities in iScripts EasySnaps 2.0 allow remote attackers to execute arbitrary SQL commands via the 1 comment parameter to addcomments.php, 2 values parameter to tagsdetails.php, or 3 begin parameter to greetings.php...

CVE-2007-1991

Cross-site scripting XSS vulnerability in mail/signup.asp in CmailServer WebMail 5.4.3, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the Comment parameter, a different vector than CVE-2007-1927...

CVE-2007-1991

Cross-site scripting XSS vulnerability in mail/signup.asp in CmailServer WebMail 5.4.3, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the Comment parameter, a different vector than CVE-2007-1927...

CVE-2006-1824

Multiple cross-site scripting XSS vulnerabilities in PhpGuestbook.php in PhpGuestbook 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 Name, 2 Website, and 3 Comment parameter...

CVE-2005-4649

Multiple cross-site scripting XSS vulnerabilities in Advanced Guestbook 2.2 and 2.3.1 allow remote attackers to inject arbitrary web script or HTML via 1 the entry parameter in index.php and 2 the gbid parameter in comment.php. NOTE: The index.php/entry vector might be resultant from CVE-2005-154...

CVE-2005-3308

Multiple cross-site scripting XSS vulnerabilities in Zomplog 3.4 allow remote attackers to inject arbitrary web script or HTML via the 1 name or 2 comment parameter in detail.php, 3 the username parameter in get.php, and 4 the search parameter in index.php...

CVE-2005-3308

Multiple cross-site scripting XSS vulnerabilities in Zomplog 3.4 allow remote attackers to inject arbitrary web script or HTML via the 1 name or 2 comment parameter in detail.php, 3 the username parameter in get.php, and 4 the search parameter in index.php...

DEBIAN-CVE-2005-2107

Multiple cross-site scripting XSS vulnerabilities in post.php in WordPress 1.5.1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 p or 2 comment parameter...

WordPress <= 1.5.1.2 - Multiple XSS vulnerabilities

Because of these vulnerabilities in post.php, attackers can inject arbitrary web script or HTML via the "p" or "comment" parameter. Solution Update the WordPress to the latest available version at least 1.5.1.3...