Total
21765 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-2367 | 1 Norenz | 1 Ad-edit2 | 2010-10-06 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.cgi in AD-EDIT2 before 3.0.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-2535 | 1 Joomla | 1 Joomla\! | 2010-10-05 | 3.5 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Back End in Joomla! 1.5.x before 1.5.20 allow remote authenticated users to inject arbitrary web script or HTML via administrator screens. | |||||
| CVE-2010-3605 | 2 Alex Kellner, Typo3 | 2 Powermail, Typo3 | 2010-09-27 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-3489 | 1 Digitalworkroom | 1 Cms Digital Workroom | 2010-09-22 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in netautor/napro4/home/login2.php in CMS Digital Workroom (formerly Netautor Professional) 5.5.0 allows remote attackers to inject arbitrary web script or HTML via the goback parameter. | |||||
| CVE-2010-3314 | 1 Egroupware | 1 Egroupware | 2010-09-22 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in login.php in EGroupware 1.4.001+.002; 1.6.001+.002 and possibly other versions before 1.6.003; and EPL 9.1 before 9.1.20100309 and 9.2 before 9.2.20100309; allows remote attackers to inject arbitrary web script or HTML via the lang parameter. | |||||
| CVE-2010-3202 | 1 Flock | 1 Flock | 2010-09-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Flock Browser 3.0.0.3989 allows remote attackers to inject arbitrary web script or HTML via a crafted bookmark. | |||||
| CVE-2010-3094 | 1 Drupal | 1 Drupal | 2010-09-21 | 2.1 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Drupal 6.x before 6.18 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via (1) an action description, (2) an action message, (3) a node, or (4) a taxonomy term, related to the actions feature and the trigger module. | |||||
| CVE-2009-4999 | 1 Ibm | 1 Filenet P8 Application Engine | 2010-09-20 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-016 allows remote attackers to inject arbitrary web script or HTML via the Name field. | |||||
| CVE-2009-5000 | 1 Ibm | 1 Filenet P8 Application Engine | 2010-09-20 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4.0.2.x before 4.0.2.3-P8AE-FP003 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to .jsp pages. | |||||
| CVE-2010-3470 | 1 Ibm | 1 Filenet P8 Application Engine | 2010-09-20 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-021 and 4.0.2.x before 4.0.2.7-P8AE-FP007 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-3472 | 1 Ibm | 1 Filenet P8 Application Engine | 2010-09-20 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-021 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-3462 | 1 Mollify | 1 Mollify | 2010-09-19 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in backend/plugin/Registration/index.php in Mollify 1.6, 1.6.5.5, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the confirm parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-3427 | 1 Open-classifieds | 1 Open Classifieds | 2010-09-16 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Open Classifieds 1.7.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) desc, (2) price, (3) title, and (4) place parameters to index.php and the (5) subject parameter to contact.htm, related to content/contact.php. | |||||
| CVE-2010-2958 | 1 Phpmyadmin | 1 Phpmyadmin | 2010-09-13 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in libraries/Error.class.php in phpMyAdmin 3.x before 3.3.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to a PHP backtrace and error messages (aka debugging messages), a different vulnerability than CVE-2010-3056. | |||||
| CVE-2010-2366 | 1 Futomi | 1 Access Analyzer Cgi | 2010-09-13 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in futomi CGI Cafe Access Analyzer CGI Professional, and Standard 4.0.2 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-3317 | 1 Ibm | 1 Filenet Content Manager | 2010-09-13 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-2957 | 1 S9y | 1 Serendipity | 2010-09-10 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in Serendipity before 1.5.4, when "Remember me" logins are enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-1459 | 1 Mono | 1 Mono | 2010-09-08 | 4.3 MEDIUM | N/A |
| The default configuration of ASP.NET in Mono before 2.6.4 has a value of FALSE for the EnableViewStateMac property, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated by the __VIEWSTATE parameter to 2.0/menu/menu1.aspx in the XSP sample project. | |||||
| CVE-2010-2364 | 1 Common1 | 1 Moobbs | 2010-08-31 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Free CGI Moo moobbs before 1.03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-2365 | 1 Common1 | 1 Moobbs2 | 2010-08-31 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Free CGI Moo moobbs2 before 1.03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||