2 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in the JExtensions JE Awd Song comawdsong component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the song review field, which is not properly handled in a view action to index.php...
CVE-2006-3061
Multiple cross-site scripting XSS vulnerabilities in 5 Star Review allow remote attackers to inject arbitrary web script or HTML via the 1 sort parameter in index2.php, 2 itemid parameter in report.php, 3 searchterm parameter aka the "search box" in searchreviews.php, 4 the profile field in...