Total
21765 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-1689 | 1 Bestpractical | 1 Rt | 2017-08-16 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Best Practical Solutions RT 2.0.0 through 3.6.10, 3.8.0 through 3.8.9, and 4.0.0rc through 4.0.0rc7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2011-1662 | 2 Drupal, Icanlocalize | 2 Drupal, Translation Management | 2017-08-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Translation Management module 6.x before 6.x-1.21 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2011-1714 | 2 Eyeos, Qooxdoo | 2 Eyeos, Qooxdoo | 2017-08-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in framework/source/resource/qx/test/jsonp_primitive.php in QooxDoo 1.3 and possibly other versions, as used in eyeOS 2.2 and 2.3, and possibly other products allows remote attackers to inject arbitrary web script or HTML via the callback parameter. | |||||
| CVE-2011-1726 | 1 Hp | 1 Sitescope | 2017-08-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP SiteScope 9.54, 10.13, 11.01, and 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2011-1727 | 1 Hp | 1 Sitescope | 2017-08-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP SiteScope 9.54, 10.13, 11.01, and 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to an "HTML injection" issue. | |||||
| CVE-2011-1841 | 1 Mojolicious | 1 Mojolicious | 2017-08-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the link_to helper in Mojolicious before 1.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2011-1862 | 1 Hp | 2 Service Center, Service Manager | 2017-08-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-3602 | 1 Sourcetreesolutions | 1 Mojoportal | 2017-08-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ProfileView.aspx in mojoPortal 2.3.4.3 and 2.3.5.1 allows remote attackers to inject arbitrary web script or HTML via the User ID parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-3607 | 1 Netartmedia | 1 Real Estate Portal | 2017-08-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in AGENTS/index.php in NetArt MEDIA Real Estate Portal 2.0 allows remote authenticated users to inject arbitrary web script or HTML via the id parameter. | |||||
| CVE-2010-3841 | 1 Twiki | 1 Twiki | 2017-08-16 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in lib/TWiki.pm in TWiki before 5.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the rev parameter to the view script or (2) the query string to the login script. | |||||
| CVE-2010-3871 | 1 Mahara | 1 Mahara | 2017-08-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in blocktype/groupviews/theme/raw/groupviews.tpl in Mahara before 1.3.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-3926 | 1 Wb-i | 2 Sgx-sp Final, Sgx-sp Final Ne | 2017-08-16 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Shop.cgi in SGX-SP Final before 11.00 and SGX-SP Final NE before 11.00 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-4030 | 1 Hp | 1 Insight Control Performance Management | 2017-08-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Insight Control Performance Management before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-4120 | 1 Ibm | 1 Tivoli Access Manager For E-business | 2017-08-16 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the TAM console in IBM Tivoli Access Manager for e-business 6.1.0 before 6.1.0-TIV-TAM-FP0006 allow remote attackers to inject arbitrary web script or HTML via (1) the parm1 parameter to ivt/ivtserver, or the method parameter to (2) acl, (3) domain, (4) group, (5) gso, (6) gsogroup, (7) os, (8) pop, (9) rule, (10) user, or (11) webseal in ibm/wpm/. | |||||
| CVE-2010-4155 | 1 Exv2 | 1 Exv2 | 2017-08-16 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in eXV2 CMS 2.10 allow remote attackers to inject arbitrary web script or HTML via the (1) rssfeedURL parameter to manual/caferss/example.php and the sumb parameter to (2) modules/news/archive.php, (3) modules/news/topics.php, and (4) modules/contact/index.php, different vectors than CVE-2007-1965. | |||||
| CVE-2010-4146 | 1 Attachmate | 1 Reflection For The Web | 2017-08-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Attachmate Reflection for the Web 2008 R2 (builds 10.1.569 and earlier), 2008 R1, and 9.6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-4275 | 1 Dmasoftlab | 1 Radius Manager | 2017-08-16 | 3.5 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Radius Manager 3.8.0 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) name or (2) descr parameter in an (a) update_usergroup or a (b) store_nas action to admin.php. | |||||
| CVE-2010-4324 | 1 Novell | 2 Identity Manager, Identity Manager Roles Based Provisioning Module | 2017-08-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Approval Form in the User Application in the Roles Based Provisioning Module 3.7.0 before 370D in Novell Identity Manager (aka IDM) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-4355 | 1 Dadabik | 1 Dadabik | 2017-08-16 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in DaDaBIK before 4.3 beta2, when the insert or edit feature is enabled, allows remote authenticated users to inject arbitrary web script or HTML via the select_single parameter. | |||||
| CVE-2010-4364 | 1 Dadabik | 1 Dadabik | 2017-08-16 | 4.3 MEDIUM | N/A |
| DaDaBIK 4.3 beta3, when running in a case-sensitive environment, does not include the htmLawed library, which allows remote attackers to bypass the protection mechanism for CVE-2010-4355 and conduct cross-site scripting (XSS) attacks via the (1) html content and (2) rich_editor fields. NOTE: some of these details are obtained from third party information. | |||||