Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-79
Total 34649 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-4331 1 Seopanel 1 Seopanel 2018-10-10 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in Seo Panel 2.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) default_news or (2) sponsors cookies, which are not properly handled by (a) controllers/index.ctrl.php or (b) controllers/settings.ctrl.php.
CVE-2010-4616 1 Impresscms 1 Impresscms 2018-10-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in modules/content/admin/content.php in ImpressCMS 1.2.3 Final, and possibly other versions before 1.2.4, allows remote attackers to inject arbitrary web script or HTML via the quicksearch_ContentContent parameter.
CVE-2010-4836 1 Phpshop 1 Phpshop 2018-10-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in register.html in PHPShop 2.1 EE and earlier allows remote attackers to inject arbitrary web script or HTML via the name_new parameter.
CVE-2010-5051 1 Razorcms 1 Razorcms 2018-10-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in admin/core/admin_func.php in razorCMS 1.0 stable allows remote attackers to inject arbitrary web script or HTML via the content parameter in an edit action to admin/index.php.
CVE-2010-4868 1 W-agora 1 W-agora 2018-10-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in search.php3 (aka search.php) in W-Agora 4.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the bn parameter.
CVE-2010-5030 1 Codefabrik 1 Ecomat Cms 2018-10-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in index.php in Ecomat CMS 5.0 allows remote attackers to inject arbitrary web script or HTML via the lang parameter in a web action.
CVE-2010-5025 1 Cutesite 1 Cutesite Cms 2018-10-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in manage/main.php in CuteSITE CMS 1.2.3 and 1.5.0 allows remote attackers to inject arbitrary web script or HTML via the fld_path parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-4322 1 Novell 1 Vibe Onprem 2018-10-10 3.5 LOW N/A
Cross-site scripting (XSS) vulnerability in gwtTeaming.rpc in Novell Vibe OnPrem 3 BETA allows remote authenticated users to inject arbitrary web script or HTML via the Micro Blog (aka What Are You Working On?) field.
CVE-2010-5046 1 Ecocms 1 Ecocms 2018-10-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in admin.php in ecoCMS allows remote attackers to inject arbitrary web script or HTML via the p parameter.
CVE-2010-4848 1 Axscripts 1 Axslinks 2018-10-10 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in addlink.php in AXScripts AxsLinks 0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) url or (2) title parameter.
CVE-2010-4513 1 Zimplit 1 Zimplit Cms 2018-10-10 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in Zimplit CMS 3.0, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) file parameter in a load action to zimplit.php and (2) client parameter to English_manual_version_2.php.
CVE-2010-4358 1 Mrcgiguy 1 Guestbook 2018-10-10 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in gb.cgi in MRCGIGUY (MCG) Guestbook 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) email, (3) website, and (4) message parameters.
CVE-2010-4907 1 Zenphoto 1 Zenphoto 2018-10-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in zp-core/admin.php in Zenphoto 1.3 allows remote attackers to inject arbitrary web script or HTML via the user parameter. NOTE: the from parameter is already covered by CVE-2009-4562.
CVE-2010-4874 1 Ninkobb 1 Ninkobb 2018-10-10 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in users.php in NinkoBB 1.3 RC5 allow remote attackers to inject arbitrary web script or HTML via the (1) first_name, (2) last_name, (3) msn, or (4) aim parameter.
CVE-2010-4930 1 Atmail 1 Webmail 2018-10-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in index.php in @mail Webmail before 6.2.0 allows remote attackers to inject arbitrary web script or HTML via the MailType parameter in a mail/auth/processlogin action.
CVE-2010-4407 1 Alberto Pittoni 1 Alguest 2018-10-10 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php in AlGuest 1.1c-patched allow remote attackers to inject arbitrary web script or HTML via the (1) nome (nickname), (2) messaggio (message), and (3) link (homepage) parameters.
CVE-2010-4402 2 Devbits, Wordpress 2 Register-plus, Wordpress 2018-10-10 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in wp-login.php in the Register Plus plugin 3.5.1 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) firstname, (2) lastname, (3) website, (4) aim, (5) yahoo, (6) jabber, (7) about, (8) pass1, and (9) pass2 parameters in a register action.
CVE-2010-4882 1 Ventics 1 Auto Cms 2018-10-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in autocms.php in Auto CMS 1.6 allows remote attackers to inject arbitrary web script or HTML via the sitetitle parameter.
CVE-2010-5048 2 Joomla, Joomlatune 2 Joomla\!, Com Jcomments 2018-10-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in admin.jcomments.php in the JoomlaTune JComments (com_jcomments) component 2.1.0.0 for Joomla! allows remote authenticated users to inject arbitrary web script or HTML via the name parameter to index.php.
CVE-2010-4693 1 Coppermine-gallery 1 Coppermine Photo Gallery 2018-10-10 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in Coppermine Photo Gallery 1.5.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) h and (2) t parameters to help.php, or (3) picfile_XXX parameter to searchnew.php.