CVE-2010-2040

Cross-site scripting XSS vulnerability in search.php in V-EVA Shopzilla Affiliate Script PHP allows remote attackers to inject arbitrary web script or HTML via the s parameter...

CVE-2010-2030

Cross-site scripting XSS vulnerability in the External Link Page module 5.x before 5.x-1.0 and 6.x before 6.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors related to the administration and redirect pages...

UBUNTU-CVE-2010-1195

Cross-site scripting XSS vulnerability in the htmlscrubber component in ikiwiki 2.x before 2.53.5 and 3.x before 3.20100312 allows remote attackers to inject arbitrary web script or HTML via a crafted data:image/svg+xml URI...

CVE-2009-4694

RadScripts RadLance Gold 7.5 is affected by CVE-2009-4694: an XSS vulnerability in index.php via the fid parameter in a view_forum action. The vulnerability permits remote script/HTML injection, potentially impacting user sessions. According to NVD, the CVSS2 base score is 4.3 (Medium) with vecto...

CVE-2010-0726

Cross-site scripting XSS vulnerability in the tb-send.rb TrackBack transmission plugin in tDiary 2.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors, possibly related to the 1 plugintburl and 2 plugintbexcerpt parameters...

CVE-2009-4589

Cross-site scripting XSS vulnerability in the Special:Block implementation in the getContribsLink function in SpecialBlockip.php in MediaWiki 1.14.0 and 1.15.0 allows remote attackers to inject arbitrary web script or HTML via the ip parameter...

DEBIAN-CVE-2008-7250

Cross-site scripting XSS vulnerability in Squid Analysis Report Generator Sarg 2.2.4 allows remote attackers to inject arbitrary web script or HTML via a JavaScript onload event in the User-Agent header, which is not properly handled when displaying the Squid proxy log. NOTE: this issue exists...

PT-2009-4833 · Red Hat · Red Hat Jboss Enterprise Application Platform

Name of the Vulnerable Software and Affected Versions: Red Hat JBoss Enterprise Application Platform versions 4.2.0 through 4.2.0.CP07, 4.2.2GA and earlier, 4.3 versions prior to 4.3.0.CP07, 5.1.0GA and earlier Description: The issue affects the Web Console in the Application Server, allowing...

CVE-2009-3618

Cross-site scripting XSS vulnerability in viewvc.py in ViewVC 1.0 before 1.0.9 and 1.1 before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the view parameter. NOTE: some of these details are obtained from third party information...

Cross site scripting

Cross-site scripting XSS vulnerability in Opera 9 and 10 allows remote attackers to inject arbitrary web script or HTML via a 1 RSS or 2 Atom feed, related to the rendering of the application/rss+xml content type as "scripted content." NOTE: the vendor reportedly considers this behavior a "design...

DEBIAN-CVE-2009-2967

Multiple cross-site scripting XSS vulnerabilities in Buildbot 0.7.6 through 0.7.11p2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, different vulnerabilities than CVE-2009-2959...

PYSEC-2009-2

Multiple cross-site scripting XSS vulnerabilities in Buildbot 0.7.6 through 0.7.11p2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, different vulnerabilities than CVE-2009-2959...

PYSEC-2009-1

Cross-site scripting XSS vulnerability in the waterfall web status view status/web/waterfall.py in Buildbot 0.7.6 through 0.7.11p1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2009-2959

Cross-site scripting XSS vulnerability in the waterfall web status view status/web/waterfall.py in Buildbot 0.7.6 through 0.7.11p1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2009-2851

Cross-site scripting XSS vulnerability in the administrator interface in WordPress before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via a comment author URL...

PT-2009-5147 · Xoops · Xoops

Name of the Vulnerable Software and Affected Versions: XOOPS version 2.3.3 Description: The issue concerns multiple cross-site scripting XSS vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. Specifically, the vulnerabilities are found in the op...

CVE-2009-1724

Cross-site scripting XSS vulnerability in WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to inject arbitrary web script or HTML via vectors related to parent and top objects...

CVE-2009-2343

Cross-site scripting XSS vulnerability in people.php in Zoph before 0.7.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information...

DEBIAN-CVE-2009-2343

Cross-site scripting XSS vulnerability in people.php in Zoph before 0.7.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information...

CVE-2009-2324

CVE-2009-2324 concerns FCKeditor prior to 2.6.4.1, which contains multiple XSS vulnerabilities that allow remote attackers to inject arbitrary script/HTML via components in the samples directory (aka _samples). The underlying issue is improper validation/escaping of input in the samples/connector...