Vulnerabilities (CVE)

Filtered by CWE-79
Total 44797 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-5042 2 Blueconstantmedia, Joomla 2 Com Djartgallery, Joomla\! 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the DJ-ArtGallery (com_djartgallery) component 0.9.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the cid[] parameter in an editItem action to administrator/index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-5035 1 Iscripts 1 Eswap 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in search.php in iScripts eSwap 2.0 allows remote attackers to inject arbitrary web script or HTML via the txtHomeSearch parameter (aka the search field). NOTE: some of these details are obtained from third party information.
CVE-2010-5031 1 Filenice 1 Filenice 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in index.php in fileNice 1.1 allows remote attackers to inject arbitrary web script or HTML via the sstring parameter (aka the Search Box). NOTE: some of these details are obtained from third party information.
CVE-2010-5030 1 Codefabrik 1 Ecomat Cms 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in index.php in Ecomat CMS 5.0 allows remote attackers to inject arbitrary web script or HTML via the lang parameter in a web action.
CVE-2010-5027 1 Sfiab 1 Science Fair In A Box 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in winners.php in Science Fair In A Box (SFIAB) 2.0.6 and 2.2.0 allows remote attackers to inject arbitrary web script or HTML via the type parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-5025 1 Cutesite 1 Cutesite Cms 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in manage/main.php in CuteSITE CMS 1.2.3 and 1.5.0 allows remote attackers to inject arbitrary web script or HTML via the fld_path parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-5018 1 2daybiz 1 Online Classified Script 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in products/classified/headersearch.php in 2daybiz Online Classified Script allows remote attackers to inject arbitrary web script or HTML via the sid parameter.
CVE-2010-5010 1 Schoolmation 1 Schoolmation 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in schoolmv2/html/studentmain.php in SchoolMation 2.3 allows remote attackers to inject arbitrary web script or HTML via the session parameter.
CVE-2010-5007 1 Ut-files 1 Utstats 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in pages/match_report.php in UTStats Beta 4 and earlier allows remote attackers to inject arbitrary web script or HTML via the mid parameter.
CVE-2010-5005 1 Rayzz 1 Photoz 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in members/profileCommentsResponse.php in Rayzz Photoz allows remote attackers to inject arbitrary web script or HTML via the profileCommentTextArea parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-5002 1 Exponentcms 1 Exponent Cms 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in modules/slideshowmodule/slideshow.js.php in Exponent CMS 0.97.0 allows remote attackers to inject arbitrary web script or HTML via the u parameter.
CVE-2010-4985 1 Mykazaam 1 Notes Management System 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in notes.php in My Kazaam Notes Management System allows remote attackers to inject arbitrary web script or HTML via vectors involving the "Enter Reference Number Below" text box.
CVE-2010-4978 1 Nicholas Berry 1 Candid 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in image/view.php in CANDID allows remote attackers to inject arbitrary web script or HTML via the image_id parameter.
CVE-2010-4976 1 Metinfo 1 Metinfo 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in search/search.php in MetInfo 3.0 allows remote attackers to inject arbitrary web script or HTML via the searchword parameter (aka Search Box field). NOTE: some of these details are obtained from third party information.
CVE-2010-4973 1 Sourcefabric 1 Campsite 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the search feature in Campsite 3.4.0 allows remote attackers to inject arbitrary web script or HTML via the f_search_keywords parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-4971 2 Joomla, Videowhisper 2 Joomla\!, Php 2 Way Video Chat 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in VideoWhisper PHP 2 Way Video Chat component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the r parameter to index.php.
CVE-2010-4966 1 Atcom 1 Netvolution 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in default.asp in ATCOM Netvolution allows remote attackers to inject arbitrary web script or HTML via the query parameter in a Search action.
CVE-2010-4960 2 Martin Hesse, Typo3 2 Mh Branchenbuch, Typo3 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the Branchenbuch (aka Yellow Pages or mh_branchenbuch) extension before 0.9.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-4956 2 Nadine Schwingler, Typo3 2 Ke Questionnaire, Typo3 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the Questionnaire (ke_questionnaire) extension before 2.2.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-4951 2 Thomas Mammitzsch, Typo3 2 Vx Xajax Shoutbox, Typo3 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the xaJax Shoutbox (vx_xajax_shoutbox) extension before 1.0.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.