187 matches found
Resin viewfile Servlet file Parameter XSS
The remote host is running Resin, an application server. The 'viewfile' Servlet included with the version of Resin installed on the remote host fails to sanitize user input to the 'file' parameter before including it in dynamic HTML output. An attacker may be able to leverage this issue to inject...
Xerox DocuShare dsweb Servlet Multiple XSS
The remote host is running DocuShare, a web-based document management application from Xerox. The version of DocuShare installed on the remote host fails to sanitize user input to the 'dsweb' servlet before including it in dynamic HTML output. An attacker may be able to leverage this issue to...
Alkacon OpenCms tree_files.jsp resource XSS
Alkacon OpenCms treefiles.jsp resource XSS Product: Alkacon OpenCms http://www.opencms.org/ OpenCms contains a cross-site scripting vulnerability in the file tree navigation function. An invalid value supplied to parameter resource in page opencms/system/workplace/views/explorer/treefiles.jsp is...
[SECURITY] Fedora 7 Update: kdevelop-3.5.0-4.fc7
The KDevelop Integrated Development Environment provides many features that developers need as well as providing a unified interface to programs like gdb, the C/C++ compiler, and make. KDevelop manages or provides: All development tools needed for C++ programming like Compiler, Linker, automake a...
MySQL Eventum index.php email Parameter XSS
The MySQL Eventum install hosted on the remote web server is vulnerable to a cross-site scripting attack because it fails to sanitize user-supplied input to the 'email' parameter of the 'index.php' script before using it to generate dynamic HTML output. With a specially crafted URL, an attacker c...
CVE-2003-1219
Cross-site scripting XSS vulnerability in the tephreflink function in htmloutput.php for osCommerce before 2.2-MS3 allows remote attackers to inject arbitrary web script or HTML via the osCsid parameter...
HTML-output filters in twig/* extras incorrectly declared `is_safe => ['all']`
More info at https://symfony.com/cve-2026-46637...