CVE-2009-4589

Cross-site scripting XSS vulnerability in the Special:Block implementation in the getContribsLink function in SpecialBlockip.php in MediaWiki 1.14.0 and 1.15.0 allows remote attackers to inject arbitrary web script or HTML via the ip parameter...

DEBIAN-CVE-2008-7250

Cross-site scripting XSS vulnerability in Squid Analysis Report Generator Sarg 2.2.4 allows remote attackers to inject arbitrary web script or HTML via a JavaScript onload event in the User-Agent header, which is not properly handled when displaying the Squid proxy log. NOTE: this issue exists...

Xss Discuz! version 5.0.0 RC1

No description provided by source. Xss Discuz! version 5.0.0 RC1 Author: SpiderZ Sito: http://www.spiderz.altervista.org Sito2: https://www.spiderz.netsons.org Download Board : http://www.discuz.com File: usearch.html ?site=www.discuz.net&kw= Message Script:...

PT-2009-4833 · Red Hat · Red Hat Jboss Enterprise Application Platform

Name of the Vulnerable Software and Affected Versions: Red Hat JBoss Enterprise Application Platform versions 4.2.0 through 4.2.0.CP07, 4.2.2GA and earlier, 4.3 versions prior to 4.3.0.CP07, 5.1.0GA and earlier Description: The issue affects the Web Console in the Application Server, allowing...

CVE-2009-3618

Cross-site scripting XSS vulnerability in viewvc.py in ViewVC 1.0 before 1.0.9 and 1.1 before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the view parameter. NOTE: some of these details are obtained from third party information...

Cross site scripting

Cross-site scripting XSS vulnerability in Opera 9 and 10 allows remote attackers to inject arbitrary web script or HTML via a 1 RSS or 2 Atom feed, related to the rendering of the application/rss+xml content type as "scripted content." NOTE: the vendor reportedly considers this behavior a "design...

DEBIAN-CVE-2009-2967

Multiple cross-site scripting XSS vulnerabilities in Buildbot 0.7.6 through 0.7.11p2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, different vulnerabilities than CVE-2009-2959...

PYSEC-2009-2

Multiple cross-site scripting XSS vulnerabilities in Buildbot 0.7.6 through 0.7.11p2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, different vulnerabilities than CVE-2009-2959...

PYSEC-2009-1

Cross-site scripting XSS vulnerability in the waterfall web status view status/web/waterfall.py in Buildbot 0.7.6 through 0.7.11p1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2009-2959

Cross-site scripting XSS vulnerability in the waterfall web status view status/web/waterfall.py in Buildbot 0.7.6 through 0.7.11p1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2009-2851

Cross-site scripting XSS vulnerability in the administrator interface in WordPress before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via a comment author URL...

PT-2009-5147 · Xoops · Xoops

Name of the Vulnerable Software and Affected Versions: XOOPS version 2.3.3 Description: The issue concerns multiple cross-site scripting XSS vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. Specifically, the vulnerabilities are found in the op...

tomcat: XSS in Apache Tomcat calendar application

Cross-site scripting XSS vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 allows remote attackers to inject arbitrary web script or HTML via the time parameter, relat...

CVE-2009-1724

Cross-site scripting XSS vulnerability in WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to inject arbitrary web script or HTML via vectors related to parent and top objects...

CVE-2009-2343

Cross-site scripting XSS vulnerability in people.php in Zoph before 0.7.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information...

DEBIAN-CVE-2009-2343

Cross-site scripting XSS vulnerability in people.php in Zoph before 0.7.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information...

CVE-2009-2324

CVE-2009-2324 concerns FCKeditor prior to 2.6.4.1, which contains multiple XSS vulnerabilities that allow remote attackers to inject arbitrary script/HTML via components in the samples directory (aka _samples). The underlying issue is improper validation/escaping of input in the samples/connector...

CVE-2009-2219

Multiple cross-site scripting XSS vulnerabilities in phpCollegeExchange 0.1.5c allow remote attackers to inject arbitrary web script or HTML via the 1 SESSIONhandle parameter to a home.php, b books/allbooks.php, or c books/home.php; or the 2 home parameter to d ihead.php or e inav.php, or f...

CVE-2009-2170

Multiple cross-site scripting XSS vulnerabilities in Mahara 1.0 before 1.0.12 and 1.1 before 1.1.5 allow remote attackers to inject arbitrary web script or HTML via unknown vectors...

CVE-2009-2149

Multiple cross-site scripting XSS vulnerabilities in Campus Virtual-LMS allow remote attackers to inject arbitrary web script or HTML via the 1 courseid parameter to enrolments/step1.php, or the 2 search or 3 siteid parameter to files/sharedlist.php...