Total
21765 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-5710 | 1 Wordpress | 1 Wordpress | 2018-10-15 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in wp-admin/edit-post-rows.php in WordPress 2.3 allows remote attackers to inject arbitrary web script or HTML via the posts_columns array parameter. | |||||
| CVE-2007-5725 | 1 Smart-shop | 1 Smart-shop | 2018-10-15 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Smart-Shop allow remote attackers to inject arbitrary web script or HTML via (1) the email parameter to index.php; or the command parameter to index.php in (2) the default action for the home page, (3) a currencies action, or (4) a basket action. | |||||
| CVE-2007-5724 | 1 Omnistar Interactive | 1 Omnistar Live | 2018-10-15 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Omnistar Live allow remote attackers to inject arbitrary web script or HTML via (1) the category_id parameter to users/kb.php, and possibly (3) the Email Box field in profile.php. | |||||
| CVE-2007-5727 | 1 Oneorzero | 1 Oneorzero Helpdesk | 2018-10-15 | 4.3 MEDIUM | N/A |
| Incomplete blacklist vulnerability in the stripScripts function in common.php in OneOrZero Helpdesk 1.6.5.4, 1.6.4.2, and possibly other versions, allows remote attackers to conduct cross-site scripting (XSS) attacks and inject arbitrary web script or HTML via XSS sequences without SCRIPT tags in the description parameter to (1) tcreate.php or (2) tupdate.php, as demonstrated using an onmouseover event in a b tag. | |||||
| CVE-2007-5806 | 1 Ilias | 1 Ilias | 2018-10-15 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Services/Utilities/classes/class.ilUtil.php in ILIAS 3.8.3 and earlier allows remote attackers to inject arbitrary web script or HTML via attributes inside a domain-name string in the (1) mailing or (2) forum component, as demonstrated using the style and onmouseover HTML attributes. | |||||
| CVE-2007-5833 | 1 Bosdev | 1 Bosmarket Business Directory System | 2018-10-15 | 3.5 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in BosDev BosMarket Business Directory System allow remote authenticated users to inject arbitrary web script or HTML via (1) user info (account details) or (2) a post. | |||||
| CVE-2007-5834 | 1 Bosdev | 1 Bosnews | 2018-10-15 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in BosDev BosNews 4 allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element in a news post. | |||||
| CVE-2007-5625 | 1 Simongibson | 1 Asp Site Search Searchsimon Lite | 2018-10-15 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in filename.asp in ASP Site Search SearchSimon Lite 1.0 allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter. | |||||
| CVE-2007-5677 | 1 Hackish | 1 Hackish | 2018-10-15 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in shoutbox/blocco.php in Hackish BETA 1.1 allows remote attackers to inject arbitrary web script or HTML via the go_shout parameter. | |||||
| CVE-2007-5478 | 1 Nabh Information Systems | 1 Stringbeans Portal | 2018-10-15 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in projects in Nabh Stringbeans Portal (sbportal) 3.2 allows remote attackers to inject arbitrary web script or HTML via the project_name parameter. | |||||
| CVE-2007-5479 | 1 Xcomputer | 1 Xcomputer | 2018-10-15 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Search.asp in Xcomputer allows remote attackers to inject arbitrary web script or HTML via the EXPS parameter. | |||||
| CVE-2007-5564 | 1 Simple Php Forum | 1 Simple Php Forum | 2018-10-15 | 2.6 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in NSSboard (formerly Simple PHP Forum) 6.1 allow remote attackers to inject arbitrary web script or HTML via (1) HTML tags when BBcode is disabled; or the (2) user, (3) email, or (4) Real Name fields in a profile. | |||||
| CVE-2007-5582 | 1 Cisco | 1 Ciscoworks Server | 2018-10-15 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the login page in Cisco CiscoWorks Server (CS), possibly 2.6 and earlier, when using CiscoWorks Common Services 3.0.x and 3.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2007-5370 | 1 Netwin | 1 Dnewsweb | 2018-10-15 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/dnewsweb.exe in NetWin DNewsWeb (DNews News Server) 57e1 allow remote attackers to inject arbitrary web script or HTML via the (1) group or (2) utag parameter. | |||||
| CVE-2007-5385 | 2 Alcatel, Bt | 2 Speedtouch 7g Router, Home Hub | 2018-10-15 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Thomson/Alcatel SpeedTouch 7G router, as used for the BT Home Hub 6.2.6.B and earlier, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2007-5386 | 1 Phpmyadmin | 1 Phpmyadmin | 2018-10-15 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in scripts/setup.php in phpMyAdmin 2.11.1, when accessed by a browser that does not URL-encode requests, allows remote attackers to inject arbitrary web script or HTML via the query string. | |||||
| CVE-2007-5414 | 1 Mozilla | 1 Firefox | 2018-10-15 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0, when UTF-7 document content is rendered directly in UTF-7, allows remote attackers to inject arbitrary web script or HTML via a gopher URI that uses single quote characters to delimit a literal string within an XSS sequence, a related issue to CVE-2007-5415. | |||||
| CVE-2007-5415 | 1 Mozilla | 1 Firefox | 2018-10-15 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Mozilla Firefox 2.0, when UTF-7 document content is rendered directly in UTF-7, allows remote attackers to inject arbitrary web script or HTML via a gopher URI that uses '/' (slash) characters to delimit a literal string within an XSS sequence, a related issue to CVE-2007-5414. | |||||
| CVE-2007-5426 | 1 Interspire | 1 Activekb Nx | 2018-10-15 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ActiveKB NX 2.5.4 allow remote attackers to inject arbitrary web script or HTML via the page parameter to the default URI for some directories, as demonstrated by (1) ActiveKB/ and (2) default/categories/ActiveKB/. | |||||
| CVE-2007-5427 | 1 Joomla | 2 Com Search Component, Joomla | 2018-10-15 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the com_search component in Joomla! 1.0.13 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchword parameter. NOTE: this might be related to CVE-2007-4189.1. | |||||