4582 matches found
PT-2023-2115 · Aruba · Clearpass Policy Manager
Name of the Vulnerable Software and Affected Versions: ClearPass Policy Manager affected versions not specified Description: The issue concerns a reflected cross-site scripting XSS attack within the web-based management interface of ClearPass Policy Manager. This could allow a remote attacker to...
CVE-2022-38220
An XSS vulnerability exists within Quest KACE Systems Management Appliance SMA through 12.1 that may allow remote injection of arbitrary web script or HTML...
Quest KACE Systems Management Appliance 跨站脚本漏洞
Quest Software Quest KACE Systems Management Appliance is an IT asset management appliance from Quest Software, USA. A security vulnerability exists in Quest KACE Systems Management Appliance SMA version 12.1 and earlier. An attacker can exploit this vulnerability to remotely inject arbitrary web...
CVE-2022-38220
An XSS vulnerability exists within Quest KACE Systems Management Appliance SMA through 12.1 that may allow remote injection of arbitrary web script or HTML...
SUSE CVE-2002-1700
Cross-site scripting vulnerability XSS in the missing template handler in Macromedia ColdFusion MX allows remote attackers to execute arbitrary script as other users by injecting script into the HTTP request for the name of a template, which is not filtered in the resulting 404 error message...
SUSE CVE-2005-1156
Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 allows remote attackers to execute arbitrary script and code via a new search plugin using sidebar.addSearchEngine, aka "Firesearching 1."...
SUSE CVE-2005-2453
Cross-site scripting XSS vulnerability in NetworkActiv Web Server 1.0, 2.0.0.6, 3.0.1.1, and 3.5.13, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the query string...
SUSE CVE-2005-3301
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin before 2.6.4-pl3 allow remote attackers to inject arbitrary web script or HTML via certain arguments to 1 left.php, 2 queryframe.php, or 3 serverdatabases.php...
SUSE CVE-2005-3425
Cross-site scripting XSS vulnerability in GNUMP3D before 2.9.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2005-3424...
SUSE CVE-2005-3665
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin before 2.7.0 allow remote attackers to inject arbitrary web script or HTML via the 1 HTTPHOST variable and 2 various scripts in the libraries directory that handle header generation...
SUSE CVE-2006-3810
Cross-site scripting XSS vulnerability in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the XPCNativeWrapperwindow.Function construct...
SUSE CVE-2006-7196
Cross-site scripting XSS vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.jsp and possibly...
SUSE CVE-2007-1055
Cross-site scripting XSS vulnerability in the AJAX features in index.php in MediaWiki 1.9.x before 1.9.0rc2, and 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the rs parameter. NOTE: this issue might be a duplicate of CVE-2007-0177...
SUSE CVE-2007-2245
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin before 2.10.1.0 allow remote attackers to inject arbitrary web script or HTML via 1 the fieldkey parameter to browseforeigners.php or 2 certain input to the PMAsanitize function...
SUSE CVE-2007-3227
Cross-site scripting XSS vulnerability in the tojson ActiveRecord::Basetojson function in Ruby on Rails before edge 9606 allows remote attackers to inject arbitrary web script via the input values...
SUSE CVE-2007-3503
The Javadoc tool in Sun JDK 6 and JDK 5.0 Update 11 can generate HTML documentation pages that contain cross-site scripting XSS vulnerabilities, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
SUSE CVE-2007-4306
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 2.10.3 allow remote attackers to inject arbitrary web script or HTML via the 1 unlimnumrows, 2 sqlquery, or 3 pos parameter to a tblexport.php; the 4 sessionmaxrows or 5 pos parameter to b sql.php; the 6 username parameter to c...
SUSE CVE-2008-0415
Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to execute script outside of the sandbox and conduct cross-site scripting XSS attacks via multiple vectors including the XMLDocument.load function, aka "JavaScript privilege escalation...
SUSE CVE-2008-1234
Cross-site scripting XSS vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to inject arbitrary web script or HTML via event handlers, aka "Universal XSS using event handlers."...
SUSE CVE-2008-3198
Mozilla Firefox 3.x before 3.0.1 allows remote attackers to inject arbitrary web script into a chrome document via unspecified vectors, as demonstrated by injection into a XUL error page. NOTE: this can be leveraged to execute arbitrary code using CVE-2008-2933...