CVE-2010-2487

Multiple cross-site scripting XSS vulnerabilities in MoinMoin 1.7.3 and earlier, 1.8.x before 1.8.8, and 1.9.x before 1.9.3 allow remote attackers to inject arbitrary web script or HTML via crafted content, related to 1 Page.py, 2 PageEditor.py, 3 PageGraphicalEditor.py, 4 action/CopyPage.py, 5...

CVE-2010-2273

Multiple cross-site scripting XSS vulnerabilities in Dojo 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3, and 1.4.x before 1.4.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to...

CVE-2010-1394

Cross-site scripting XSS vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors involving HTML document fragments...

CVE-2010-2000

Cross-site scripting XSS vulnerability in the Bibliography Biblio module 5.x through 5.x-1.17 and 6.x through 6.x-1.9 for Drupal allows remote authenticated users, with "administer biblio" privileges, to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than...

CVE-2010-1303

Multiple cross-site scripting XSS vulnerabilities in the Taxonomy Filter module 6.x before 6.x-1.1 for Drupal allow remote authenticated users, with administer taxonomy permissions or create node permissions when free tagging is enabled, to inject arbitrary web script or HTML via vocabulary 1...

CVE-2009-3731

Multiple cross-site scripting XSS vulnerabilities in WebWorks Help 2.0 through 5.0 in VMware vCenter 4.0 before Update 1 Build 208156; VMware Server 2.0.2; VMware ESX 4.0; VMware Lab Manager 2.x; VMware vCenter Lab Manager 3.x and 4.x before 4.0.1; VMware Stage Manager 1.x before 4.0.1; WebWorks...

CVE-2009-4196

Multiple cross-site scripting XSS vulnerabilities in multiple scripts in Forms/ in Huawei MT882 V100R002B020 ARG-T running firmware 3.7.9.98 allow remote attackers to inject arbitrary web script or HTML via the 1 BackButton parameter to error1; 2 wzConnFlag parameter to freshpppoe1; 3...

CVE-2009-2920

Multiple cross-site scripting XSS vulnerabilities in Elvin 1.2.2 allow remote attackers to inject arbitrary web script or HTML via the 1 component and 2 priority parameters to buglist.php; and the 3 Username 4 E-mail, 5 Pass, and 6 Confirm pass fields to createaccount.php...

CVE-2009-1553

Multiple cross-site scripting XSS vulnerabilities in the Admin Console in Sun GlassFish Enterprise Server 2.1 allow remote attackers to inject arbitrary web script or HTML via the query string to 1 applications/applications.jsf, 2 configuration/configuration.jsf, 3 customMBeans/customMBeans.jsf, ...

CVE-2008-3923

Multiple cross-site scripting XSS vulnerabilities in statistics.php in Content Management Made Easy CMME 1.12 allow remote attackers to inject arbitrary web script or HTML via the 1 page and 2 year parameters in an hstatyear action...

CVE-2008-3422

Multiple cross-site scripting XSS vulnerabilities in the ASP.net class libraries in Mono 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted attributes related to 1 HtmlControl.cs PreProcessRelativeReference, 2 HtmlForm.cs RenderAttributes, 3 HtmlInputButton...

CVE-2008-2204

Multiple cross-site scripting XSS vulnerabilities in admin/inc/header.php in Maian Search 1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 header, 2 header2, 3 header3, 4 header4, 5 header5, 6 header6, 7 header7, 8 header8, and 9 header9 parameters...

CVE-2007-4836

Cross-site scripting XSS vulnerability in index.php in phpMyQuote 0.20 allows remote attackers to inject arbitrary web script or HTML via the id parameter in an edit action...

CVE-2007-4478

Cross-site scripting XSS vulnerability in Microsoft Internet Explorer 6.0 and 7 allows user-assisted remote attackers to inject arbitrary web script or HTML in the local zone via a URI, when the document at the associated URL is saved to a local file, which then contains the URI string along with...

CVE-2007-3062

Cross-site scripting XSS vulnerability in HP System Management Homepage SMH before 2.1.2 running on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2007-2993

Multiple cross-site scripting XSS vulnerabilities in OmegaMw7.asp in OMEGA aka Omegasoft INterneSErvicesLosungen INSEL allow remote attackers to inject arbitrary web script or HTML via 1 user-created text fields; the 2 F05003, 3 F05005, and 4 F05015 fields; and other unspecified standard fields...

CVE-2007-2600

Multiple cross-site scripting XSS vulnerabilities in TutorialCMS aka Photoshop Tutorials 1.00 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 catFile parameter to a browseCat.php or b browseSubCat.php; the 2 id parameter to c openTutorial.php, d topFrame.php, o...

Mozilla Firefox 2.0.0.3 Gran Paradiso 3.0a3 - Hang Crash (Denial of Service)

Mozilla Firefox 2.0.0.3 Gran Paradiso 3.0a3 - Hang Crash Denial of Service usr/bin/python print "-------------------------------------------------------------------------" print " Mozilla Firefox 2.0.0.3 and Gran Paradiso 3.0a3 Denial of Service" print " author: shinnai" print " mail:...

CVE-2006-6271

Multiple cross-site scripting XSS vulnerabilities in PHPOLL 0.96 allow remote attackers to inject arbitrary web script or HTML via the language parameter to 1 index.php, 2 info.php; and 3 index.php, 4 votanti.php, 5 risultaticonfig.php, 6 modificaband.php, 7 bandeditor.php, and 8 configeditor.php...

CVE-2006-3087

Multiple cross-site scripting XSS vulnerabilities in EZGallery 1.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 pUserID, 2 aid, 3 aname, 4 uid, and 5 m parameter in a common/galleries.asp; 6 aid, 7 aname, 8 uid, 9 m, 10 gp, and 11 g parameter in b...