Total
36870 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-3183 | 1 Concretecms | 1 Concrete Cms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A Cross-Site Scripting (XSS) vulnerability exists in the rcID parameter in Concrete CMS 5.4.1.1 and earlier. | |||||
| CVE-2011-2935 | 1 Elgg | 1 Elgg | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Elgg through 1.7.10 has XSS | |||||
| CVE-2011-2714 | 1 Drupal | 2 Data, Drupal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A Cross-Site Scripting vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table descriptions, field names, or labels before display. | |||||
| CVE-2011-2706 | 1 Snewscms | 1 Snews | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A Cross-Site Scripting (XSS) vulnerability exists in the reorder administrator functions in sNews 1.71. | |||||
| CVE-2011-2670 | 1 Mozilla | 1 Firefox | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Mozilla Firefox before 3.6 is vulnerable to XSS via the rendering of Cascading Style Sheets | |||||
| CVE-2011-2499 | 1 Mambo-foundation | 1 Mambo Cms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Mambo CMS through 4.6.5 has multiple XSS. | |||||
| CVE-2011-1497 | 1 Rubyonrails | 1 Rails | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A cross-site scripting vulnerability flaw was found in the auto_link function in Rails before version 3.0.6. | |||||
| CVE-2011-1150 | 1 Bbpress | 1 Bbpress | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| bbPress through 1.0.2 has XSS in /bb-login.php url via the re parameter. | |||||
| CVE-2011-1135 | 1 S9y | 1 Serendipity | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code in plugins/ExtendedFileManager/manager.php and plugins/ImageManager/manager.php. | |||||
| CVE-2011-1133 | 1 S9y | 1 Serendipity | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code via plugins/ExtendedFileManager/backend.php. | |||||
| CVE-2011-1086 | 1 Openfiler | 1 Openfiler | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in admin/system.html in Openfiler 2.3 allows remote attackers to inject arbitrary web script or HTML via the device parameter. | |||||
| CVE-2011-1084 | 1 Smoothwall | 1 Smoothwall Express | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in Smoothwall Express 3. | |||||
| CVE-2011-1069 | 1 Phpshop | 1 Phpshop | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| PHPShop through 0.8.1 has XSS. | |||||
| CVE-2011-1009 | 1 Vanillaforums | 1 Vanilla | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Vanilla Forums 2.0.17.1 through 2.0.17.5 has XSS in /vanilla/index.php via the p parameter. | |||||
| CVE-2011-0544 | 2 Debian, Phpbb | 2 Debian Linux, Phpbb | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| phpbb 3.0.x-3.0.6 has an XSS vulnerability via the [flash] BB tag. | |||||
| CVE-2011-0428 | 1 Ikiwiki | 1 Ikiwiki | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) in ikiwiki before 3.20110122 could allow remote attackers to insert arbitrary JavaScript due to insufficient checking in comments. | |||||
| CVE-2010-5340 | 1 Icewarp | 1 Webclient | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/ with the parameter password is non-persistent in 10.2.0. | |||||
| CVE-2010-5339 | 1 Icewarp | 1 Webclient | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][uid] is non-persistent in 10.1.3 and 10.2.0. | |||||
| CVE-2010-5338 | 1 Icewarp | 1 Webclient | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][action] is non-persistent in 10.1.3 and 10.2.0. | |||||
| CVE-2010-5337 | 1 Icewarp | 1 Webclient | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][controller] is non-persistent in 10.1.3 and 10.2.0. | |||||