Total
28982 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-4985 | 1 Mykazaam | 1 Notes Management System | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in notes.php in My Kazaam Notes Management System allows remote attackers to inject arbitrary web script or HTML via vectors involving the "Enter Reference Number Below" text box. | |||||
| CVE-2011-4764 | 1 Parallels | 1 Parallels Plesk Small Business Panel | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 allow remote attackers to inject arbitrary web script or HTML via crafted input to a PHP script, as demonstrated by Wizard/Edit/Modules/Image and certain other files. | |||||
| CVE-2010-4949 | 2 Evnix, Joomla | 3 Freichat, Freichatpure, Joomla\! | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the (1) FreiChat component before 2.1.2 for Joomla! and the (2) FreiChatPure component before 1.2.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML by entering it in an unspecified window. | |||||
| CVE-2009-4347 | 1 Liran Tal | 1 Daloradius | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in daloradius-users/login.php in daloRADIUS 0.9-8 and earlier allows remote attackers to inject arbitrary web script or HTML via the error parameter. | |||||
| CVE-2010-2001 | 2 Drupal, Ninjitsuweb | 2 Drupal, Civiregister | 2024-02-04 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the CiviRegister module before 6.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via the URI. | |||||
| CVE-2011-1105 | 1 Mutare | 1 Evm | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Mutare EVM allow remote attackers to inject arbitrary web script or HTML via (1) a delivery address and possibly (2) a PIN. | |||||
| CVE-2010-2778 | 1 Novell | 1 Groupwise | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise 7.x before 7.0 post-SP4 FTF and 8.x before 8.0 SP2 allows remote attackers to inject arbitrary web script or HTML via a crafted message, related to a "Javascript XSS exploit." | |||||
| CVE-2009-4866 | 1 Matt Wright | 1 Simple Search | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.cgi in Matt's Script Archive (MSA) Simple Search 1.0 allows remote attackers to inject arbitrary web script or HTML via the terms parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2011-0892 | 1 Hp | 1 Diagnostics | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Diagnostics 7.5x and 8.0x before 8.05.54.225 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2011-2712 | 1 Apache | 1 Wicket | 2024-02-04 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.18, when setAutomaticMultiWindowSupport is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. | |||||
| CVE-2011-0770 | 1 Hp | 7 Arcsight C1000 Appliance, Arcsight C1300 Appliance, Arcsight C3200 Appliance and 4 more | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Windows Event Log SmartConnector in HP ArcSight Connector Appliance before 6.1 allows remote attackers to inject arbitrary web script or HTML via the Windows XP variable in a file. | |||||
| CVE-2010-4783 | 1 Phpwebscripts | 1 Easy Banner Free | 2024-02-04 | 2.6 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in PHP Web Scripts Easy Banner Free 2009.05.18, when magic_quotes_gpc is disabled, allow remote attackers to inject arbitrary web script or HTML via the (1) siteurl and (2) urlbanner parameters. | |||||
| CVE-2010-2155 | 1 Zonecheck | 1 Zonecheck | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in zc/publisher/html.rb in ZoneCheck 2.1.0 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) xmlnode.value, (2) zc-error text, (3) $zc_version, (4) domainname in a zc-title row, different vulnerabilities than CVE-2009-4882. | |||||
| CVE-2010-2700 | 1 Edgephp | 1 Clickbank Affiliate Marketplace Script | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Edge PHP Clickbank Affiliate Marketplace Script (CBQuick) allows remote attackers to inject arbitrary web script or HTML via the search parameter. | |||||
| CVE-2009-4963 | 1 Typo3 | 2 Commerce Extension, Typo3 | 2024-02-04 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the Commerce extension before 0.9.9 for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2011-4780 | 1 Phpmyadmin | 1 Phpmyadmin | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in libraries/display_export.lib.php in phpMyAdmin 3.4.x before 3.4.9 allow remote attackers to inject arbitrary web script or HTML via crafted URL parameters, related to the export panels in the (1) server, (2) database, and (3) table sections. | |||||
| CVE-2011-5047 | 1 Pfsense | 1 Pfsense | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in status_rrd_graph.php in pfSense before 2.0.1 allows remote attackers to inject arbitrary web script or HTML via the style parameter. | |||||
| CVE-2010-3262 | 1 Flock | 1 Flock | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Flock Browser 3.x before 3.0.0.4114 allows remote attackers to inject arbitrary web script or HTML via a crafted RSS feed. | |||||
| CVE-2012-1211 | 1 Powie | 1 Pfile | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in pfile/kommentar.php in Powie pFile 1.02 allows remote attackers to inject arbitrary web script or HTML via the filecat parameter. | |||||
| CVE-2011-1819 | 1 Google | 1 Chrome | 2024-02-04 | 4.3 MEDIUM | N/A |
| Google Chrome before 12.0.742.91 allows remote attackers to perform unspecified injection into a chrome:// page via vectors related to extensions. | |||||