CVE-2009-4736

Cross-site scripting XSS vulnerability in search.php in CommonSense CMS 5.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter...

Sql injection

SQL injection vulnerability in searchresult.asp in Pre Projects Pre E-Learning Portal allows remote attackers to execute arbitrary SQL commands via the courseID parameter...

Unfixed XSS vulnerability at www.runnersworld.se

Security researcher Uber0n, has submitted on 17/02/2010 a cross-site-scripting XSS vulnerability affecting www.runnersworld.se, which at the time of submission ranked 571313 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 14/06/2010. It is...

Unfixed XSS vulnerability at www.icomplaints.in

Security researcher Th3 RDX, has submitted on 01/07/2010 a cross-site-scripting XSS vulnerability affecting www.icomplaints.in, which at the time of submission ranked 204926 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 05/07/2010. It is...

Unfixed XSS vulnerability at www.famiglienuove.org

Security researcher Ribel, has submitted on 16/12/2009 a cross-site-scripting XSS vulnerability affecting www.famiglienuove.org, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 07/07/2010. It is currentl...

Advanced Image Hosting 2.2 XSS

Vendor: http://yabsoft.com/ .. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + + + XSS + + http://server/search.php?text=%3Cscript%3Ealertdocument.cookie%3C/script%3E&dosearch=Search + + +...

CVE-2009-4110

Cross-site scripting XSS vulnerability in the search functionality in DotNetNuke 4.8 through 5.1.4 allows remote attackers to inject arbitrary web script or HTML via search terms that are not properly filtered before display in a custom results page...

CVE-2009-4110

Cross-site scripting XSS vulnerability in the search functionality in DotNetNuke 4.8 through 5.1.4 allows remote attackers to inject arbitrary web script or HTML via search terms that are not properly filtered before display in a custom results page...

Cross site scripting

Cross-site scripting XSS vulnerability in the search functionality in DotNetNuke 4.8 through 5.1.4 allows remote attackers to inject arbitrary web script or HTML via search terms that are not properly filtered before display in a custom results page...

CVE-2009-4110

The CVE-2009-4110 entry applies to DotNetNuke (DNN) 4.8.x through 5.1.4, where the Search functionality in SearchResults.aspx is vulnerable to cross-site scripting (XSS) due to insufficient sanitization of the user-provided search terms before dynamic HTML output. The vulnerability is exploitable...

Unfixed XSS vulnerability at india.recruit.net

Security researcher sameer saran, has submitted on 26/10/2009 a cross-site-scripting XSS vulnerability affecting india.recruit.net, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 07/07/2010. It is...

CVE-2009-3503

Multiple SQL injection vulnerabilities in search.aspx in BPowerHouse BPHolidayLettings 1.0 allow remote attackers to execute arbitrary SQL commands via the 1 rid and 2 tid parameters...

CVE-2009-2882

Multiple cross-site scripting XSS vulnerabilities in PG MatchMaking allow remote attackers to inject arbitrary web script or HTML via the show parameter to 1 browseladies.php and 2 browsemen.php, the 3 gender parameter to search.php, and the 4 id parameter to services.php...

Unfixed XSS vulnerability at www.rtl.fr

Security researcher 599eme Man, has submitted on 08/07/2009 a cross-site-scripting XSS vulnerability affecting www.rtl.fr, which at the time of submission ranked 12025 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 09/07/2009. It is currently...

Unfixed XSS vulnerability at www.whatisscientology.org

Security researcher lljkrieg, has submitted on 21/07/2009 a cross-site-scripting XSS vulnerability affecting www.whatisscientology.org, which at the time of submission ranked 313267 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 19/09/2009. It...

Unfixed XSS vulnerability at www.nhl.nl

Security researcher Jurpie, has submitted on 23/05/2009 a cross-site-scripting XSS vulnerability affecting www.nhl.nl, which at the time of submission ranked 184188 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 23/05/2009. It is currently...

CVE-2009-1735

Cross-site scripting XSS vulnerability in search.php in VidSharePro allows remote attackers to inject arbitrary web script or HTML via the searchtxt parameter. NOTE: some of these details are obtained from third party information...

Unfixed XSS vulnerability at www.rtsbanana.com

Security researcher Skyr3x, has submitted on 02/07/2009 a cross-site-scripting XSS vulnerability affecting www.rtsbanana.com, which at the time of submission ranked 6923737 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 16/12/2011. It is...

CVE-2008-6015

Multiple SQL injection vulnerabilities in search.php in EsFaq 2.0 allow remote attackers to execute arbitrary SQL commands via the 1 keywords and 2 cat parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

Unfixed XSS vulnerability at irish-charts.com

Security researcher Viper.aT, has submitted on 12/04/2008 a cross-site-scripting XSS vulnerability affecting irish-charts.com, which at the time of submission ranked 10365959 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/04/2008. It is...