CVE-2009-4398

Cross-site scripting XSS vulnerability in the Parish of the Holy Spirit Religious Art Gallery hsreligiousartgallery extension 0.1.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2009-4839

Multiple cross-site scripting XSS vulnerabilities in Basic Analysis and Security Engine BASE, possibly 1.4.4 and earlier, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to 1 admin/baseroleadmin.php, 2 admin/baseuseradmin.php, 3 baseconfcontents.php, 4...

CVE-2009-4518

Cross-site scripting XSS vulnerability in the Insert Node module 5.x before 5.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via an inserted node...

CVE-2009-4859

Multiple cross-site scripting XSS vulnerabilities in Online Work Order Suite OWOS Lite Edition 3.10 allow remote attackers to inject arbitrary web script or HTML via the show parameter to 1 default.asp and 2 report.asp, and the 3 go parameter to login.asp...

CVE-2009-4688

Multiple cross-site scripting XSS vulnerabilities in index.php in PHP Shopping Cart Selling Website Script allow remote attackers to inject arbitrary web script or HTML via the 1 txtkeywords and 2 cid parameters...

CVE-2009-4989

Cross-site scripting XSS vulnerability in index.php in AJ Auction Pro OOPD 3.0 allows remote attackers to inject arbitrary web script or HTML via the txtkeyword parameter in a search action...

CVE-2009-4972

Cross-site scripting XSS vulnerability in index.php aka the log in page in SimpleID before 0.6.5 allows remote attackers to inject arbitrary web script or HTML via the s parameter...

CVE-2009-4852

Multiple cross-site scripting XSS vulnerabilities in SemanticScuttle before 0.94.1 allow remote attackers to inject arbitrary web script or HTML via the sort parameter to index.php, and other unspecified vectors, a different issue than CVE-2008-6113. NOTE: some of these details are obtained from...

CVE-2009-4717

Multiple cross-site scripting XSS vulnerabilities in Gonafish WebStatCaffe allow remote attackers to inject arbitrary web script or HTML via the 1 host parameter to stat/host.php, nodayshow parameter to 2 mostvisitpage.php and 3 visitorduration.php in stat/, 4 nopagesmost parameter to...

CVE-2009-4586

Multiple cross-site scripting XSS vulnerabilities in index.html in Wowd client before 1.3.1 allow remote attackers to inject arbitrary web script or HTML via the 1 sortby, 2 tags, or 3 ctx parameter in a search action...

CVE-2009-4157

Multiple cross-site scripting XSS vulnerabilities in index.php in the ProofReader comproofreader component 1.0 RC9 and earlier for Joomla! allow remote attackers to inject arbitrary web script or HTML via the URI, which is not properly handled in 1 404 or 2 error pages...

CVE-2009-4391

Cross-site scripting XSS vulnerability in the File list drblob extension 2.1.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2009-4346

Cross-site scripting XSS vulnerability in the Frontend news submitter with RTE fertenews extension 1.4.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2009-4894

Multiple cross-site scripting XSS vulnerabilities in profile.php in PunBB before 1.3.4 allow remote attackers to inject arbitrary web script or HTML via the 1 password or 2 e-mail...

CVE-2009-4858

Cross-site scripting XSS vulnerability in questiondetail.php in Yahoo Answers Clone allows remote attackers to inject arbitrary web script or HTML via the questionid parameter...

CVE-2010-0736

Cross-site scripting XSS vulnerability in the viewqueryform function in lib/viewvc.py in ViewVC before 1.0.10, and 1.1.x before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via "user-provided input."...

CVE-2010-0347

Cross-site scripting XSS vulnerability in the VD / Geomap vdgeomap extension 0.3.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2010-0704

Cross-site scripting XSS vulnerability in the Portlet Palette in IBM WebSphere Portal 6.0.1.5 wp601500801 allows remote attackers to inject arbitrary web script or HTML via the search field...

CVE-2010-0432

Multiple cross-site scripting XSS vulnerabilities in the Apache Open For Business Project aka OFBiz 09.04 and earlier, as used in Opentaps, Neogia, and Entente Oya, allow remote attackers to inject arbitrary web script or HTML via 1 the productStoreId parameter to control/exportProductListing, 2...

CVE-2021-27695

Multiple stored cross-site scripting XSS vulnerabilities in openMAINT 2.1-3.3-b allow remote attackers to inject arbitrary web script or HTML via any "Add" sections, such as Add Card Building & Floor, or others in the Name and Code Parameters...