34 matches found
CVE-2011-1510
Cross-site scripting XSS vulnerability in SolutionSearch.do in ManageEngine ServiceDesk Plus SDP before 8012 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in SolutionSearch.do in ManageEngine ServiceDesk Plus SDP before 8012 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter...
CVE-2011-1510
Cross-site scripting XSS vulnerability in SolutionSearch.do in ManageEngine ServiceDesk Plus SDP before 8012 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in Widgets.aspx in Blogsa 1.0 Beta 3 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchText parameter...
CVE-2009-0814
Cross-site scripting XSS vulnerability in Widgets.aspx in Blogsa 1.0 Beta 3 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchText parameter...
CVE-2008-1538
Cross-site scripting XSS vulnerability in searchAction.do in ManageEngine EventLog Analyzer 5 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
CVE-2008-1538
The CVE-2008-1538 entry describes a Cross-site scripting (XSS) vulnerability in ManageEngine EventLog Analyzer 5, exploitable through the searchAction.do endpoint via the searchText parameter. The root cause is inadequate sanitization/validation of user-supplied searchText, allowing remote attack...
Cross site scripting
Cross-site scripting XSS vulnerability in SolutionSearch.do in ManageEngine SupportCenter Plus 7.0.0 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter, a related issue to CVE-2008-1299. NOTE: the provenance of this information is unknown; the details are...
Cross site scripting
Cross-site scripting XSS vulnerability in SolutionSearch.do in ManageEngine ServiceDesk Plus 7.0.0 Build 7011 for Windows allows remote attackers to inject arbitrary web script or HTML via the searchText parameter. NOTE: the provenance of this information is unknown; the details are obtained sole...
CVE-2008-1299
CVE-2008-1299 is an XSS vulnerability in ManageEngine ServiceDesk Plus 7.0.0 Build 7011 for Windows, affecting the SolutionSearch.do endpoint. The flaw resides in the searchText parameter, enabling remote attackers to inject arbitrary web script or HTML. Multiple sources (NVD/Red Hat/related reco...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in SubHub 2.3.0 allow remote attackers to inject arbitrary web script or HTML via 1 the searchtext parameter to a /search, or the 2 message parameter to b /calendar or c /subscribe...
PT-2006-6518 · Speedywiki · Speedywiki
Name of the Vulnerable Software and Affected Versions: Speedywiki version 2.0 Description: The issue allows remote attackers to obtain the full path of the web server. This can be achieved via the showRevisions and searchText parameters in "index.php", and also through a direct request to...
CVE-2005-3037
CVE-2005-3037 is an XSS vulnerability in Handy Address Book Server 1.1. The issue allows remote attackers to inject arbitrary script or HTML via the SEARCHTEXT parameter in a demos URL, indicating improper input handling in the web interface. The connected documents provide the vulnerability desc...
[SA16798] Handy Address Book Server SEARCHTEXT Cross-Site Scripting
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...