Lucene search
K

34 matches found

NVD
NVD
added 2011/09/20 10:55 a.m.41 views

CVE-2011-1510

Cross-site scripting XSS vulnerability in SolutionSearch.do in ManageEngine ServiceDesk Plus SDP before 8012 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter...

4.3CVSS5.6AI score0.01086EPSS
Exploits1References5
Prion
Prion
added 2011/09/20 10:55 a.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability in SolutionSearch.do in ManageEngine ServiceDesk Plus SDP before 8012 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter...

4.3CVSS6.1AI score0.01086EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2011/09/20 10:0 a.m.30 views

CVE-2011-1510

Cross-site scripting XSS vulnerability in SolutionSearch.do in ManageEngine ServiceDesk Plus SDP before 8012 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter...

5.6AI score0.01086EPSS
Exploits1References5
Prion
Prion
added 2009/03/05 2:30 a.m.12 views

Cross site scripting

Cross-site scripting XSS vulnerability in Widgets.aspx in Blogsa 1.0 Beta 3 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchText parameter...

4.3CVSS6.2AI score0.01449EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2009/03/05 2:0 a.m.19 views

CVE-2009-0814

Cross-site scripting XSS vulnerability in Widgets.aspx in Blogsa 1.0 Beta 3 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchText parameter...

5.7AI score0.01449EPSS
Exploits1References3
NVD
NVD
added 2008/03/28 6:44 p.m.18 views

CVE-2008-1538

Cross-site scripting XSS vulnerability in searchAction.do in ManageEngine EventLog Analyzer 5 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...

4.3CVSS5.6AI score0.00845EPSS
Exploits0References2
CVE
CVE
added 2008/03/28 6:0 p.m.46 views

CVE-2008-1538

The CVE-2008-1538 entry describes a Cross-site scripting (XSS) vulnerability in ManageEngine EventLog Analyzer 5, exploitable through the searchAction.do endpoint via the searchText parameter. The root cause is inadequate sanitization/validation of user-supplied searchText, allowing remote attack...

4.3CVSS5.6AI score0.00845EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2008/03/20 6:44 p.m.18 views

Cross site scripting

Cross-site scripting XSS vulnerability in SolutionSearch.do in ManageEngine SupportCenter Plus 7.0.0 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter, a related issue to CVE-2008-1299. NOTE: the provenance of this information is unknown; the details are...

4.3CVSS5.9AI score0.00855EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2008/03/12 5:44 p.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability in SolutionSearch.do in ManageEngine ServiceDesk Plus 7.0.0 Build 7011 for Windows allows remote attackers to inject arbitrary web script or HTML via the searchText parameter. NOTE: the provenance of this information is unknown; the details are obtained sole...

4.3CVSS5.8AI score0.00808EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2008/03/12 5:0 p.m.55 views

CVE-2008-1299

CVE-2008-1299 is an XSS vulnerability in ManageEngine ServiceDesk Plus 7.0.0 Build 7011 for Windows, affecting the SolutionSearch.do endpoint. The flaw resides in the searchText parameter, enabling remote attackers to inject arbitrary web script or HTML. Multiple sources (NVD/Red Hat/related reco...

6.1CVSS5.6AI score0.00808EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2007/03/24 12:19 a.m.13 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in SubHub 2.3.0 allow remote attackers to inject arbitrary web script or HTML via 1 the searchtext parameter to a /search, or the 2 message parameter to b /calendar or c /subscribe...

4.3CVSS6AI score0.01028EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2006/11/10 12:0 a.m.5 views

PT-2006-6518 · Speedywiki · Speedywiki

Name of the Vulnerable Software and Affected Versions: Speedywiki version 2.0 Description: The issue allows remote attackers to obtain the full path of the web server. This can be achieved via the showRevisions and searchText parameters in "index.php", and also through a direct request to...

5CVSS6.6AI score0.01434EPSS
Exploits1References6
CVE
CVE
added 2005/09/22 4:0 a.m.43 views

CVE-2005-3037

CVE-2005-3037 is an XSS vulnerability in Handy Address Book Server 1.1. The issue allows remote attackers to inject arbitrary script or HTML via the SEARCHTEXT parameter in a demos URL, indicating improper input handling in the web interface. The connected documents provide the vulnerability desc...

4.3CVSS5.9AI score0.01255EPSS
Exploits1References4Affected Software1
securityvulns
securityvulns
added 2005/09/14 12:0 a.m.48 views

[SA16798] Handy Address Book Server SEARCHTEXT Cross-Site Scripting

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

0.2AI score
Exploits0
Rows per page
Query Builder