15796 matches found
CVE-2005-3854
Cross-site scripting XSS vulnerability in index.php in EasyPageCMS allows remote attackers to inject arbitrary web script or HTML via the cat parameter...
CVE-2005-4649
Multiple cross-site scripting XSS vulnerabilities in Advanced Guestbook 2.2 and 2.3.1 allow remote attackers to inject arbitrary web script or HTML via 1 the entry parameter in index.php and 2 the gbid parameter in comment.php. NOTE: The index.php/entry vector might be resultant from CVE-2005-154...
CVE-2009-5000
Multiple cross-site scripting XSS vulnerabilities in the Workplace aka WP component in IBM FileNet P8 Application Engine P8AE 4.0.2.x before 4.0.2.3-P8AE-FP003 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to .jsp pages...
IBM Aspera Faspex 安全漏洞
IBM Aspera Faspex is an International Business Machines IBM solution for rapid global person-to-person document delivery and collaboration. A security vulnerability exists in IBM Aspera Faspex versions 5.0.0 through 5.0.12 that originates from HTML injection and could lead to malicious code...
CVE-2004-2246
Cross-site scripting XSS vulnerability in Goollery before 0.04b allows remote attackers to inject arbitrary HTML or web script via the conversationid parameter to viewpic.php...
CVE-2008-3937
Multiple cross-site scripting XSS vulnerabilities in Open Media Collectors Database OpenDb 1.0.6 allow remote attackers to inject arbitrary web script or HTML via the 1 userid parameter in an edit action to useradmin.php, the 2 title parameter to listings.php, and the 3 redirecturl parameter to...
CVE-2002-1899
Cross-site scripting XSS vulnerability in IceWarp Web Mail 3.3.3 and 3.4.5 allows remote attackers to inject arbitrary web script or HTML via the "Full Name" addressname parameter...
CVE-2004-2752
Cross-site scripting XSS vulnerability in the Downloads module in PostNuke up to 0.726, and possibly later versions, allows remote attackers to inject arbitrary HTML and web script via the ttitle parameter in a viewdownloaddetails action...
CVE-2005-4339
Cross-site scripting XSS vulnerability in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to inject arbitrary web script or HTML via the context parameter to announcement.pl, which is reflected in the...
CVE-2008-6161
Cross-site scripting XSS vulnerability in WOW Raid Manager WRM before 3.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2009-5103
Cross-site scripting XSS vulnerability in ATCOM Netvolution 1.0 ASP allows remote attackers to inject arbitrary web script or HTML via the email variable...
CVE-2003-1238
Cross-site scripting vulnerability XSS in Nuked-Klan 1.3 beta and earlier allows remote attackers to steal authentication information via cookies by injecting arbitrary HTML or script into op of the 1 Team, 2 News, and 3 Liens modules...
CVE-2005-2688
Multiple cross-site scripting XSS vulnerabilities in SaveWebPortal 3.4 allow remote attackers to inject arbitrary web script or HTML via a large number of parameters to 1 footer.php, 2 header.php, 3 menudx.php, or 4 menusx.php, or Javascript code in the 5 HTTPREFERER referer or 6 HTTPUSERAGENT us...
CVE-2004-2180
Multiple cross-site scripting XSS vulnerabilities in WowBB Forum 1.61 allow remote attackers to inject arbitrary web script or HTML via the 1 country parameter to viewuser.php, 2 show parameter to viewforum.php, 3 letter parameter to viewuser.php, 4 highlight parameter to viewtopic.php, 5 show...
CVE-2006-4941
Multiple cross-site scripting XSS vulnerabilities in Moodle before 1.6.2 might allow remote attackers to inject arbitrary web script or HTML via 1 the choose parameter in files/index.php and 2 the sub parameter in doc/index.php...
CVE-2009-2215
Multiple cross-site scripting XSS vulnerabilities in URD before 0.6.2 allow remote attackers to inject arbitrary web script or HTML via vectors related to the fatalerror page and unspecified other components...
CVE-2006-0149
Cross-site scripting XSS vulnerability in SimpBook 1.0, with htmlenable on the default, allows remote attackers to inject arbitrary web script or HTML via the message field...
CVE-2005-4858
Multiple cross-site scripting XSS vulnerabilities in mimic2.cgi in mimicboard2 Mimic2 086 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified parameters associated with the 1 name, 2 title, and 3 comment sections, as demonstrated by referencing a remote...
CVE-2005-2167
Cross-site scripting XSS vulnerability in index.php in Plague News System 0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the cid parameter...
CVE-2008-1299
Cross-site scripting XSS vulnerability in SolutionSearch.do in ManageEngine ServiceDesk Plus 7.0.0 Build 7011 for Windows allows remote attackers to inject arbitrary web script or HTML via the searchText parameter. NOTE: the provenance of this information is unknown; the details are obtained sole...