Total
21765 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-0734 | 1 Adobe | 1 Coldfusion | 2011-11-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9.0.1 CHF1 allows remote attackers to inject arbitrary web script or HTML via an id parameter containing a JavaScript onLoad event handler for a BODY element, related to a "tag body" attack. NOTE: this was originally reported as affecting 9.0.1 CHF1 and earlier. | |||||
| CVE-2011-0735 | 1 Adobe | 1 Coldfusion | 2011-11-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9.0.1 CHF1 allows remote attackers to inject arbitrary web script or HTML via vectors involving a "tag script." | |||||
| CVE-2011-3860 | 2 Onedesigns, Wordpress | 2 Cover Wp, Wordpress | 2011-10-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Cover WP theme before 1.6.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter. | |||||
| CVE-2011-1330 | 1 Kbs | 1 Weblygo | 2011-10-26 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WeblyGo 5.0 Pro/LE, 5.02 Pro/LE, 5.03 Pro/LE, 5.04 Pro/LE, and 5.10 Pro/LE allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2009-5086 | 1 Juniper | 1 Idp | 2011-10-25 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Appliance Configuration Manager (ACM) in Juniper IDP 4.1 before 4.1r3 and 4.2 before 4.2r1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2011-3862 | 2 Adazing, Wordpress | 2 Morning Coffee, Wordpress | 2011-10-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Morning Coffee theme before 3.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php. | |||||
| CVE-2011-3850 | 2 Bytesforall, Wordpress | 2 Atahualpa, Wordpress | 2011-10-20 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Atahualpa theme before 3.6.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter. | |||||
| CVE-2011-3854 | 2 Quirm, Wordpress | 2 Zenlite, Wordpress | 2011-10-20 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the ZenLite theme before 4.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter. | |||||
| CVE-2011-0242 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2011-10-20 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via vectors involving a URL that contains a username. | |||||
| CVE-2011-3254 | 1 Apple | 1 Iphone Os | 2011-10-14 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Calendar in Apple iOS before 5 allows remote attackers to inject arbitrary web script or HTML via an invitation note. | |||||
| CVE-2011-2947 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2011-10-05 | 4.3 MEDIUM | N/A |
| Cross-zone scripting vulnerability in the RealPlayer ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to inject arbitrary web script or HTML in the Local Zone via a local HTML document. | |||||
| CVE-2011-3385 | 2 Lepton-cms, Websitebaker2 | 2 Lepton, Websitebaker | 2011-10-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WebsiteBaker before 2.8, as used in LEPTON and possibly other products, allows remote attackers to inject arbitrary web script or HTML via unknown vectors, a different vulnerability than CVE-2006-2307. | |||||
| CVE-2011-2133 | 1 Adobe | 2 Robohelp, Robohelp Server | 2011-10-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Adobe RoboHelp 8 and 9 before 9.0.1.262, and RoboHelp Server 8 and 9, allows remote attackers to inject arbitrary web script or HTML via the URI, related to template_stock/whutils.js. | |||||
| CVE-2011-3576 | 1 Ibm | 1 Lotus Domino | 2011-09-22 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 8.5.2 allows remote attackers to inject arbitrary web script or HTML via the PanelIcon parameter in an fmpgPanelHeader ReadForm action to WebAdmin.nsf. | |||||
| CVE-2011-3132 | 1 Tibco | 2 Spotfire Analytics Server, Spotfire Server | 2011-09-22 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.1, and Spotfire Analytics Server before 10.1.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2011-2078 | 1 Inventivetec | 1 Mediacast | 2011-09-21 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the New Atlanta BlueDragon administrative interface in MediaCAST 8 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2011-1937 | 1 Webmin | 1 Webmin | 2011-09-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Webmin 1.540 and earlier allows local users to inject arbitrary web script or HTML via a chfn command that changes the real (aka Full Name) field, related to useradmin/index.cgi and useradmin/user-lib.pl. | |||||
| CVE-2011-1537 | 1 Hp | 1 Proliant Support Pack | 2011-09-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Proliant Support Pack (PSP) before 8.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2011-1523 | 1 Nagios | 1 Nagios | 2011-09-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in statusmap.c in statusmap.cgi in Nagios 3.2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the layer parameter. | |||||
| CVE-2011-1542 | 1 Hp | 1 Systems Insight Manager | 2011-09-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager (SIM) before 6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||