Total
28752 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-2917 | 1 Ajsquare | 1 Aj Article | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in AJ Square AJ Article 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) emailid, (2) fname, (3) lname, (4) company, (5) address1, (6) address2, (7) city, (8) state, (9) zipcode, (10) phone, and (11) fax parameters in an update action. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2011-5065 | 1 Ibm | 1 Websphere Application Server | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.41 allows remote attackers to inject arbitrary web script or HTML via vectors related to web messaging. | |||||
| CVE-2011-3830 | 1 Sitracker | 1 Support Incident Tracker | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in Support Incident Tracker (aka SiT!) 3.65 allows remote attackers to inject arbitrary web script or HTML via the search_string parameter. | |||||
| CVE-2010-3841 | 1 Twiki | 1 Twiki | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in lib/TWiki.pm in TWiki before 5.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the rev parameter to the view script or (2) the query string to the login script. | |||||
| CVE-2011-4616 | 1 Igor Vlasenko | 1 Html-template-pro | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the HTML-Template-Pro module before 0.9507 for Perl allows remote attackers to inject arbitrary web script or HTML via template parameters, related to improper handling of > (greater than) and < (less than) characters. | |||||
| CVE-2003-1577 | 1 Sun | 1 One Web Server | 2024-02-04 | 2.6 LOW | N/A |
| Sun ONE (aka iPlanet) Web Server 4.1 through SP12 and 6.0 through SP5, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files, and conduct cross-site scripting (XSS) attacks involving the iPlanet Log Analyzer, via an HTTP request in conjunction with a crafted DNS response, related to an "Inverse Lookup Log Corruption (ILLC)" issue, a different vulnerability than CVE-2002-1315 and CVE-2002-1316. | |||||
| CVE-2011-4312 | 1 Reviewboard | 1 Review Board | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the commenting system in Review Board before 1.5.7 and 1.6.x before 1.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving the (1) diff viewer or (2) screenshot component. | |||||
| CVE-2011-2477 | 1 Icinga | 1 Icinga | 2024-02-04 | 2.6 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in config.c in config.cgi in Icinga before 1.4.1, when escape_html_tags is disabled, allow remote attackers to inject arbitrary web script or HTML via a JavaScript expression, as demonstrated by the onload attribute of a BODY element located after a check-host-alive! sequence, a different vulnerability than CVE-2011-2179. | |||||
| CVE-2011-2369 | 1 Mozilla | 1 Firefox | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x through 4.0.1 allows remote attackers to inject arbitrary web script or HTML via an SVG element containing an HTML-encoded entity. | |||||
| CVE-2010-3936 | 1 Microsoft | 1 Forefront Unified Access Gateway | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Signurl.asp in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, 2010 Update 1, and 2010 Update 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "XSS in Signurl.asp Vulnerability." | |||||
| CVE-2011-1158 | 1 Mark Pilgrim | 1 Feedparser | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) 5.x before 5.0.1 allows remote attackers to inject arbitrary web script or HTML via an unexpected URI scheme, as demonstrated by a javascript: URI. | |||||
| CVE-2010-1606 | 1 Ncrypted | 1 Nct Jobs Portal Script | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in NCT Jobs Portal Script allow remote attackers to inject arbitrary web script or HTML via the (1) search, (2) Keywords, (3) Tags, or (4) Desired City field. | |||||
| CVE-2012-0446 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to inject arbitrary web script or HTML via a (1) web page or (2) Firefox extension, related to improper enforcement of XPConnect security restrictions for frame scripts that call untrusted objects. | |||||
| CVE-2012-0930 | 1 Schneider-electric | 1 Modicon Quantum Plc | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in Schneider Electric Modicon Quantum PLC allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2011-1696 | 1 Novell | 2 Identity Manager Roles Based Provisioning Module, Identity Manager User Application | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Novell Identity Manager (aka IDM) User Application 3.5.0, 3.5.1, 3.6.0, 3.6.1, 3.7.0, and 4.0.0, and Identity Manager Roles Based Provisioning Module 3.6.0, 3.6.1, 3.7.0, and 4.0.0, allows remote attackers to inject arbitrary web script or HTML via the apwaDetail (aka apwaDetailId) parameter, aka Bug 692972. | |||||
| CVE-2012-1028 | 1 Simple-groupware | 1 Simplegroupware | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in bin/index.php in SimpleGroupware 0.742 and other versions before 0.743 allows remote attackers to inject arbitrary web script or HTML via the export parameter. | |||||
| CVE-2010-2856 | 1 Oscss | 1 Oscss | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in admin/currencies.php in osCSS 1.2.2, and probably earlier versions, allows remote attackers to inject arbitrary web script or HTML via the page parameter. | |||||
| CVE-2011-2711 | 1 Lars Hjemli | 1 Cgit | 2024-02-04 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the print_fileinfo function in ui-diff.c in cgit 0.9.0.2 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the filename associated with the rename hint. | |||||
| CVE-2011-4552 | 1 Oneclickorgs | 1 One Click Orgs | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in One Click Orgs before 1.2.3 allow remote attackers to inject arbitrary web script or HTML via the description field of (1) a new vote or (2) the eject member proposal feature. | |||||
| CVE-2010-4642 | 1 Xwiki | 1 Xwiki | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in XWiki Enterprise before 2.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||