Filtered by CWE-79

Search

Switch to Advanced Search (Beta)
Total 34410 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2010-0697 2 Drupal, Ilya Ivanchenko 2 Drupal, Itweak Upload 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in the iTweak Upload module 6.x-1.x before 6.x-1.2 and 6.x-2.x before 6.x-2.3 for Drupal allows remote authenticated users, with create content and upload file permissions, to inject arbitrary web script or HTML via the file name of an uploaded file.
CVE-2010-0695 1 Basic-cms 1 Basic-cms 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in pages/index.php in BASIC-CMS allows remote attackers to inject arbitrary web script or HTML via the nav_id parameter.
CVE-2010-0684 1 Apache 1 Activemq 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote authenticated users to inject arbitrary web script or HTML via the JMSDestination parameter in a queue action.
CVE-2010-0675 1 Bgsvetionik 1 Bgs Cms 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in index.php in BGSvetionik BGS CMS 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the search parameter in a search action. NOTE: some of these details are obtained from third party information.
CVE-2010-0641 1 Cisco 1 Collaboration Server 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in webline/html/admin/wcs/LoginPage.jhtml in Cisco Collaboration Server (CCS) 5 allows remote attackers to inject arbitrary web script or HTML via the dest parameter.
CVE-2010-0640 1 Ca 1 Ehealth Performance Manager 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in CA eHealth Performance Manager 6.0.x through 6.2.x, when malicious HTML detection is disabled, allows remote attackers to inject arbitrary web script or HTML via a crafted request.
CVE-2010-0636 1 K5n 1 Webcalendar 2024-11-21 N/A
Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar 1.2.0, and other versions before 1.2.5, allow remote attackers to inject arbitrary web script or HTML via the (1) tab parameter to users.php and the PATH_INFO to (2) day.php, (3) month.php, and (4) week.php. NOTE: some of these details are obtained from third party information.
CVE-2010-0617 1 Myshell 1 Evalsmsi 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in ajax.php in evalSMSI 2.1.03 allows remote attackers to inject arbitrary web script or HTML via the return parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-0615 1 Myshell 1 Evalsmsi 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in assess.php in evalSMSI 2.1.03 allows remote attackers to inject arbitrary web script or HTML via the reports comment box in a continue_assess action. NOTE: some of these details are obtained from third party information.
CVE-2010-0607 1 Sterlitetechnologies 1 Sam300 Ax Router 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in Forms/status_statistics_1 in the Sterlite SAM300 AX Router allows remote attackers to inject arbitrary web script or HTML via the Stat_Radio parameter.
CVE-2010-0606 1 Osticket 1 Osticket 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in scp/ajax.php in osTicket before 1.6.0 Stable allows remote authenticated users to inject arbitrary web script or HTML via the f parameter, possibly related to an error message generated by scp/admin.php.
CVE-2010-0594 1 Cisco 1 Router And Security Device Manager 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in Cisco Router and Security Device Manager (SDM) allows remote attackers to inject arbitrary web script or HTML via unknown vectors, aka Bug ID CSCtb38467.
CVE-2010-0544 2 Apple, Microsoft 7 Mac Os X, Mac Os X Server, Safari and 4 more 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors related to a malformed URL.
CVE-2010-0541 2 Apple, Redhat 3 Mac Os X, Mac Os X Server, Enterprise Linux 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in the WEBrick HTTP server in Ruby in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows remote attackers to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page.
CVE-2010-0475 1 Palo Alto Networks 1 Firewall 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in esp/editUser.esp in the Palo Alto Networks firewall 3.0.x before 3.0.9 and 3.1.x before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the role parameter.
CVE-2010-0470 1 Comtrend 1 Ct-507it Adsl Router 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in scvrtsrv.cmd in Comtrend CT-507IT ADSL Router allows remote attackers to inject arbitrary web script or HTML via the srvName parameter.
CVE-2010-0468 1 Paperthin 1 Commonspot Content Server 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in utilities/longproc.cfm in PaperThin CommonSpot Content Server allows remote attackers to inject arbitrary web script or HTML via the url parameter.
CVE-2010-0465 1 Sugarcrm 1 Sugarcrm 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in the online Documents functionality in SugarCRM 5.2.x before 5.2.0l and 5.5.x before 5.5.0a allows remote authenticated users to inject arbitrary web script or HTML via the Document Name field.
CVE-2010-0460 1 Kayako 2 Esupport, Supportsuite 2024-11-21 N/A
Multiple cross-site scripting (XSS) vulnerabilities in staff/index.php in Kayako SupportSuite 3.60.04 and earlier allow remote authenticated users to inject arbitrary web script or HTML via the (1) subject parameter and (2) contents parameter (aka body) in an insertquestion action. NOTE: some of these details are obtained from third party information.
CVE-2010-0455 1 Punbb 1 Punbb 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in forum/viewtopic.php in PunBB 1.3 allows remote attackers to inject arbitrary web script or HTML via the pid parameter.