Total
34410 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-4718 | 2 Joomla, Lyften | 2 Joomla\!, Com Lyftenbloggie | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Lyftenbloggie (com_lyftenbloggie) component 1.1.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) tag and (2) category parameters to index.php. | ||||
| CVE-2010-4716 | 1 Novell | 1 Groupwise | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in the WebPublisher component in Novell GroupWise before 8.02HP allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-4710 | 1 Yahoo | 1 Yui | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in the addItem method in the Menu widget in YUI before 2.9.0 allows remote attackers to inject arbitrary web script or HTML via a field that is added to a menu, related to documentation that specifies this field as a text field rather than an HTML field, a similar issue to CVE-2010-4569 and CVE-2010-4570. | ||||
| CVE-2010-4693 | 1 Coppermine-gallery | 1 Coppermine Photo Gallery | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Coppermine Photo Gallery 1.5.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) h and (2) t parameters to help.php, or (3) picfile_XXX parameter to searchnew.php. | ||||
| CVE-2010-4667 | 1 Coppermine-gallery | 1 Coppermine Photo Gallery | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in Coppermine Photo Gallery (CPG) before 1.4.27 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-4662 | 1 Pmwiki | 1 Pmwiki | 2024-11-21 | 6.1 Medium |
| PmWiki before 2.2.21 has XSS. | ||||
| CVE-2010-4659 | 1 Status | 1 Statusnet | 2024-11-21 | 6.1 Medium |
| Cross-site scripting (XSS) vulnerability in statusnet through 2010 in error message contents. | ||||
| CVE-2010-4647 | 2 Eclipse, Redhat | 2 Eclipse Ide, Enterprise Linux | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE before 3.6.2 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) help/index.jsp or (2) help/advanced/content.jsp. | ||||
| CVE-2010-4646 | 1 Hastymail | 1 Hastymail2 | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in Hastymail2 before 1.01 allows remote attackers to inject arbitrary web script or HTML via a crafted background attribute within a cell in a TABLE element, related to improper use of the htmLawed filter. | ||||
| CVE-2010-4642 | 1 Xwiki | 1 Xwiki | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in XWiki Enterprise before 2.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-4640 | 1 Xwiki | 1 Xwiki Watch | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in XWiki Watch 1.0 allow remote attackers to inject arbitrary web script or HTML via the rev parameter to (1) bin/viewrev/Main/WebHome and (2) bin/view/Blog, and the (3) register_first_name and (4) register_last_name parameters to bin/register/XWiki/Register. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2010-4637 | 2 Finalcut, Wordpress | 2 Feedlist, Wordpress | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in feedlist/handler_image.php in the FeedList plugin 2.61.01 for WordPress allows remote attackers to inject arbitrary web script or HTML via the i parameter. | ||||
| CVE-2010-4631 | 1 Pilotcart | 1 Pilot Cart | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ASPilot Pilot Cart 7.3 allow remote attackers to inject arbitrary web script or HTML via the (1) countrycode parameter to contact.asp, USERNAME parameter to (2) gateway.asp and (3) cart.asp, and the specific parameter to (4) quote.asp and (5) buyitnow. | ||||
| CVE-2010-4630 | 2 Fubra, Wordpress | 2 Wp-survey-and-quiz-tool, Wordpress | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in pages/admin/surveys/create.php in the WP Survey And Quiz Tool plugin 1.2.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the action parameter. | ||||
| CVE-2010-4618 | 2 Algisinfo, Joomla | 2 Aicontactsafe, Joomla\! | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in the Algis Info aiContactSafe component before 2.0.14 for Joomla! allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-4616 | 1 Impresscms | 1 Impresscms | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in modules/content/admin/content.php in ImpressCMS 1.2.3 Final, and possibly other versions before 1.2.4, allows remote attackers to inject arbitrary web script or HTML via the quicksearch_ContentContent parameter. | ||||
| CVE-2010-4610 | 1 Html-edit | 1 Html-edit Cms | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Html-edit CMS 3.1.8 allows remote attackers to inject arbitrary web script or HTML via the error parameter. | ||||
| CVE-2010-4607 | 1 Habariproject | 1 Habari | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Habari 0.6.5, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) additem_form parameter to system/admin/dash_additem.php and the (2) status_data[] parameter to system/admin/dash_status.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-4590 | 1 Ibm | 1 Lotus Mobile Connect | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in HTTP Access Services (HTTP-AS) in the Connection Manager in IBM Lotus Mobile Connect (LMC) before 6.1.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-4589 | 1 Ibm | 1 Enovia | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM ENOVIA 6 allows remote attackers to inject arbitrary web script or HTML via vectors related to the emxFramework.FilterParameterPattern property. | ||||