Search Results (47433 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-2311 1 Web2py 1 Web2py 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in static/js/share.js (aka the social bookmarking widget) in Web2py before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-5050 1 Vmware 1 Vcenter Operations 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the server in VMware vCenter Operations (aka vCOps) before 5.0.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-2314 1 Lockon 1 Ec-cube 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the adminAuthorization function in data/class/helper/SC_Helper_Session.php in LOCKON EC-CUBE 2.11.0 through 2.12.3enP2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL associated with the management screen.
CVE-2011-3978 1 Lightneasy 1 Lightneasy 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in LightNEasy.php in LightNEasy 3.2.4 allow remote authenticated users to inject arbitrary web script or HTML via the (1) commentemail, (2) commentmessage, or (3) commentname parameter in a sendcomment action for the news page.
CVE-2010-4618 2 Algisinfo, Joomla 2 Aicontactsafe, Joomla\! 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Algis Info aiContactSafe component before 2.0.14 for Joomla! allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-5102 1 Dariusz Handzlik 1 Vertrigoserv 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in inc/extensions.php in VertrigoServ 2.25 allows remote attackers to inject arbitrary web script or HTML via the ext parameter.
CVE-2012-5104 1 Ubbcentral 1 Ubb.threads 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in forums/ubbthreads.php in UBB.threads 7.5.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the Loginname parameter.
CVE-2012-5105 1 Sqlitemanager 1 Sqlitemanager 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in SQLiteManager 1.2.4 allow remote attackers to inject arbitrary web script or HTML via the dbsel parameter to (1) main.php or (2) index.php; or (3) nsextt parameter to index.php.
CVE-2010-4631 1 Pilotcart 1 Pilot Cart 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in ASPilot Pilot Cart 7.3 allow remote attackers to inject arbitrary web script or HTML via the (1) countrycode parameter to contact.asp, USERNAME parameter to (2) gateway.asp and (3) cart.asp, and the specific parameter to (4) quote.asp and (5) buyitnow.
CVE-2011-1422 1 Emc 1 Rsa Adaptive Authentication On-premise 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in an unspecified Shockwave Flash file in EMC RSA Adaptive Authentication On-Premise (AAOP) 2.x, 5.7.x, and 6.x allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2012-5175 1 Kent-web 1 Access Report 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in KENT-WEB ACCESS REPORT 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to access-log data.
CVE-2010-4642 1 Xwiki 1 Xwiki 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in XWiki Enterprise before 2.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2011-4038 2 Dreamreport, Invensys 2 Dream Report, Wonderware Hmi Reports 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Invensys Wonderware HMI Reports 3.42.835.0304 and earlier, as used in Ocean Data Systems Dream Report before 4.0 and other products, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.
CVE-2012-5200 1 Hp 2 Intelligent Management Center, Intelligent Management Center For Automated Network Manager 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-5226 1 Peel 1 Peel Shopping 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Peel SHOPPING 2.8 and 2.9 allow remote attackers to inject arbitrary web script or HTML via the (1) motclef parameter to achat/recherche.php or (2) PATH_INFO to index.php.
CVE-2012-5233 2 Drupal, Luke Herrington 2 Drupal, Stickynote 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the stickynote module before 7.x-1.1 for Drupal allows remote authenticated users with edit stickynotes privileges to inject arbitrary web script or HTML via unspecified vecotrs.
CVE-2009-4688 1 Resalecode 1 Php Shopping Cart Selling Website Script 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php in PHP Shopping Cart Selling Website Script allow remote attackers to inject arbitrary web script or HTML via the (1) txtkeywords and (2) cid parameters.
CVE-2009-4926 1 Esoftpro 1 Online Contact Manager 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Online Contact Manager (formerly EContact PRO) 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) showGroup parameter to (a) index.php and the (2) id parameter to (b) view.php, (c) email.php, (d) edit.php, and (e) delete.php.
CVE-2010-4976 1 Metinfo 1 Metinfo 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in search/search.php in MetInfo 3.0 allows remote attackers to inject arbitrary web script or HTML via the searchword parameter (aka Search Box field). NOTE: some of these details are obtained from third party information.
CVE-2010-4985 1 Mykazaam 1 Notes Management System 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in notes.php in My Kazaam Notes Management System allows remote attackers to inject arbitrary web script or HTML via vectors involving the "Enter Reference Number Below" text box.