Total
34649 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-1655 | 1 Powereasy | 1 Siteweaver | 2018-10-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in User/User_ChkLogin.asp in PowerEasy 2006 and PowerEasy SiteWeaver 6.8 allows remote attackers to inject arbitrary web script or HTML via the ComeUrl parameter. | |||||
| CVE-2010-1609 | 1 Sap | 1 Netweaver | 2018-10-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in SAP NetWeaver 2004 before SP21 and 2004s before SP13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-1905 | 1 Consona | 3 Consona Dynamic Agent, Consona Live Assistance, Consona Subscriber Assistance | 2018-10-10 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance allow remote attackers to inject arbitrary web script or HTML via crafted input to ASP pages, as demonstrated using the backurl parameter to sdccommon/verify/asp/n6plugindestructor.asp. | |||||
| CVE-2010-1593 | 1 Silverstripe | 1 Silverstripe | 2018-10-10 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via (1) the CommenterURL parameter to PostCommentForm, and in the Forum module before 0.2.5 in SilverStripe before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via (2) the Search parameter to forums/search (aka the search script). | |||||
| CVE-2010-1481 | 1 Pmwiki | 1 Pmwiki | 2018-10-10 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the table feature in PmWiki 2.2.15 allows remote authenticated users to inject arbitrary web script or HTML via the width attribute. | |||||
| CVE-2010-1464 | 1 Webasyst | 1 Shop-script | 2018-10-10 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in WebAsyst Shop-Script FREE allow remote attackers to inject arbitrary web script or HTML via the (1) currency_id_left, (2) currency_id_right, (3) darkcolor, (4) lightcolor, (5) middlecolor, and (6) w parameters. | |||||
| CVE-2010-1275 | 1 Bbsxp | 1 Bbsxp | 2018-10-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ShowPost.asp in BBSXP 2008 allows remote attackers to inject arbitrary web script or HTML via the ThreadID parameter. | |||||
| CVE-2018-7090 | 1 Hp | 1 Xp 9000 Command View | 2018-10-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| HPE XP P9000 Command View Advanced Edition Software (CVAE) has local and remote cross site scripting vulnerability in versions 7.0.0-00 to earlier than 8.60-00 of DevMgr, TSMgr and RepMgr. | |||||
| CVE-2010-1227 | 1 Sun | 1 Java System Communications Express | 2018-10-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to inject arbitrary web script or HTML via the subject field of a message, as demonstrated by a subject containing an IMG element with a SRC attribute that performs a cross-site request forgery (CSRF) attack involving the cmd and argv parameters to cmd.msc. | |||||
| CVE-2010-0997 | 1 E107 | 1 E107 | 2018-10-10 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in 107_plugins/content/content_manager.php in the Content Management plugin in e107 before 0.7.20, when the personal content manager is enabled, allows user-assisted remote authenticated users to inject arbitrary web script or HTML via the content_heading parameter. | |||||
| CVE-2010-0949 | 1 Natychmiast-cms | 1 Natychmiast-cms | 2018-10-10 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Natychmiast CMS allow remote attackers to inject arbitrary web script or HTML via the id_str parameter to (1) index.php and (2) a_index.php. | |||||
| CVE-2010-0959 | 1 Ibm | 1 Enovia Smarteam | 2018-10-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WebEditor/Authentication/LoginPage.aspx in IBM ENOVIA SmarTeam 5 allows remote attackers to inject arbitrary web script or HTML via the errMsg parameter. | |||||
| CVE-2010-0947 | 1 Bbsmax | 1 Bbsmax | 2018-10-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in post.aspx in Max Network Technology BBSMAX 3.0, 4.1, and 4.2 allows remote attackers to inject arbitrary web script or HTML via the action parameter. | |||||
| CVE-2010-0640 | 1 Ca | 1 Ehealth Performance Manager | 2018-10-10 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in CA eHealth Performance Manager 6.0.x through 6.2.x, when malicious HTML detection is disabled, allows remote attackers to inject arbitrary web script or HTML via a crafted request. | |||||
| CVE-2010-0716 | 1 Microsoft | 1 Sharepoint Server | 2018-10-10 | 3.5 LOW | N/A |
| _layouts/Upload.aspx in the Documents module in Microsoft SharePoint before 2010 uses URLs with the same hostname and port number for a web site's primary files and individual users' uploaded files (aka attachments), which allows remote authenticated users to leverage same-origin relationships and conduct cross-site scripting (XSS) attacks by uploading TXT files, a related issue to CVE-2008-5026. NOTE: the vendor disputes the significance of this issue, because cross-domain isolation can be implemented when needed. | |||||
| CVE-2010-0615 | 1 Myshell | 1 Evalsmsi | 2018-10-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in assess.php in evalSMSI 2.1.03 allows remote attackers to inject arbitrary web script or HTML via the reports comment box in a continue_assess action. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-0684 | 1 Apache | 1 Activemq | 2018-10-10 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote authenticated users to inject arbitrary web script or HTML via the JMSDestination parameter in a queue action. | |||||
| CVE-2010-0714 | 1 Ibm | 4 Lotus Quickr, Lotus Web Content Management, Lotus Workplace Web Content Management and 1 more | 2018-10-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through 6.1.0.3, and 6.1.5.0; and IBM Lotus Quickr services 8.0, 8.0.0.2, 8.1, 8.1.1, and 8.1.1.1 for WebSphere Portal; allows remote attackers to inject arbitrary web script or HTML via the query string. | |||||
| CVE-2010-0703 | 1 Portwise | 1 Ssl Vpn | 2018-10-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in wa/auth in PortWise SSL VPN 4.6 allows remote attackers to inject arbitrary web script or HTML via the reloadFrame parameter. | |||||
| CVE-2010-0804 | 1 Netartmedia | 1 Iboutique | 2018-10-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in iBoutique 4.0 allows remote attackers to inject arbitrary web script or HTML via the key parameter in a products action. | |||||