Total
34410 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-3465 | 1 Ecommercesoft | 1 Xse Shopping Cart | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in XSE Shopping Cart 1.5.2.1 and 1.5.3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to Default.aspx and the (2) type parameter to SearchResults.aspx. | ||||
| CVE-2010-3463 | 1 Santafox | 1 Santafox | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in modules/search/search.class.php in SantaFox 2.02, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the search parameter to search.html. | ||||
| CVE-2010-3462 | 1 Mollify | 1 Mollify | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in backend/plugin/Registration/index.php in Mollify 1.6, 1.6.5.5, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the confirm parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-3459 | 1 Gecad | 1 Axigen Mail Server | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in the Ajax WebMail interface in AXIGEN Mail Server before 7.4.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-3457 | 1 Getsymphony | 1 Symphony | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Symphony CMS 2.0.7 and 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) fields[website] parameter in the post comments feature in articles/a-primer-to-symphony-2s-default-theme/ or (2) send-email[recipient] parameter to about/. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-3455 | 1 Atutor | 1 Achecker | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in AChecker 1.0 allows remote attackers to inject arbitrary web script or HTML via the uri parameter. | ||||
| CVE-2010-3447 | 1 Horde | 1 Gollem | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in view.php in the file viewer in Horde Gollem before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the file parameter in a view_file action. | ||||
| CVE-2010-3427 | 1 Open-classifieds | 1 Open Classifieds | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Open Classifieds 1.7.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) desc, (2) price, (3) title, and (4) place parameters to index.php and the (5) subject parameter to contact.htm, related to content/contact.php. | ||||
| CVE-2010-3425 | 1 Smartertools | 1 Smarterstats | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in UserControls/Popups/frmHelp.aspx in SmarterStats 5.3, 5.3.3819, and possibly other 5.3 versions, allows remote attackers to inject arbitrary web script or HTML via the url parameter. | ||||
| CVE-2010-3424 | 1 Invisioncommunity | 1 Invision Power Board | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in admin/sources/classes/bbcode/custom/defaults.php in Invision Power Board (IP.Board) 3.1.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-3421 | 1 Productcart | 1 Productcart | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in AffiliateLogin.asp in ProductCart 3, 4.1 SP1, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the redirectUrl parameter, a different vector than CVE-2004-2174 and CVE-2005-0995. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-3420 | 1 Webassist | 1 Powerstore | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in Products_Results.php in PowerStore 3.0 allows remote attackers to inject arbitrary web script or HTML via the totalRows_WADAProducts parameter. | ||||
| CVE-2010-3418 | 1 Netartmedia | 1 Car Portal | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in NetArt Media Car Portal 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) car_id parameter to index.php and (2) y parameter to include/images.php. | ||||
| CVE-2010-3324 | 1 Microsoft | 6 Groove Server, Internet Explorer, Sharepoint Foundation and 3 more | 2024-11-21 | N/A |
| The toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, Office SharePoint Server 2007 SP2, Groove Server 2010, and Office Web Apps, allows remote attackers to bypass the cross-site scripting (XSS) protection mechanism and conduct XSS attacks via a crafted use of the Cascading Style Sheets (CSS) @import rule, aka "HTML Sanitization Vulnerability," a different vulnerability than CVE-2010-1257. | ||||
| CVE-2010-3317 | 1 Ibm | 1 Filenet Content Manager | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-3314 | 1 Egroupware | 1 Egroupware | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in login.php in EGroupware 1.4.001+.002; 1.6.001+.002 and possibly other versions before 1.6.003; and EPL 9.1 before 9.1.20100309 and 9.2 before 9.2.20100309; allows remote attackers to inject arbitrary web script or HTML via the lang parameter. | ||||
| CVE-2010-3303 | 1 Mantisbt | 1 Mantisbt | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MantisBT before 1.2.3 allow remote authenticated administrators to inject arbitrary web script or HTML via (1) a plugin name, related to manage_plugin_uninstall.php; (2) an enumeration value or (3) a String value of a custom field, related to core/cfdefs/cfdef_standard.php; or a (4) project or (5) category name to print_all_bug_page_word.php. | ||||
| CVE-2010-3294 | 2 Pecl-php, Redhat | 2 Alternative Php Cache, Enterprise Linux | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in apc.php in the Alternative PHP Cache (APC) extension before 3.1.4 for PHP allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-3291 | 1 Hp | 2 Assetcenter, Assetmanager | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in HP AssetCenter 5.0x through AC_5.03, and AssetManager 5.1x through AM_5.12 and 5.2x through AM_5.22, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-3289 | 1 Hp | 1 Systems Insight Manager | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager (SIM) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||