Vulnerabilities (CVE)

Filtered by CWE-79
Total 44813 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-4111 3 Hp, Linux, Microsoft 3 Insight Diagnostics, Linux Kernel, Windows 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.1.3712 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-4109 1 Hp 1 Palm Webos 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the Contacts Application in HP Palm webOS before 2.0 allows remote attackers to inject arbitrary web script or HTML via a crafted vCard file.
CVE-2010-4101 1 Hp 1 Insight Recovery 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in HP Insight Recovery before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-4097 1 Avatic 1 Aardvark Topsites Php 2026-06-16 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Aardvark Topsites PHP 5.2.0 and 5.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) mail, (2) title, (3) u, and (4) url parameters. NOTE: the q parameter is already covered by CVE-2009-2302.
CVE-2010-4071 1 Otrs 1 Otrs 2026-06-16 2.6 LOW N/A
Cross-site scripting (XSS) vulnerability in AgentTicketZoom in OTRS 2.4.x before 2.4.9, when RichText is enabled, allows remote attackers to inject arbitrary web script or HTML via JavaScript in an HTML e-mail.
CVE-2010-4047 1 Opera 1 Opera Browser 2026-06-16 4.3 MEDIUM N/A
Opera before 10.63 does not properly select the security context of JavaScript code associated with an error page, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site.
CVE-2010-4030 1 Hp 1 Insight Control Performance Management 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in HP Insight Control Performance Management before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-4023 1 Hp 1 Insight Control Power Management 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in HP Insight Control Power Management before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-3994 1 Hp 2 Hp, Version Control Repository Manager 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in HP Version Control Repository Manager (VCRM) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-3991 1 Hp 2 Insight Control Server Migration, Insight Control Server Migration6.0.1 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in HP Insight Control Server Migration before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-3987 1 Hp 1 Insight Control Virtual Machine Management 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in HP Insight Control Virtual Machine Management before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-3985 2 Hp, Microsoft 2 Operations Orchestration, Internet Explorer 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9.0, when Internet Explorer 6.0 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-3981 1 Sap 1 Businessobjects 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in SAP BusinessObjects Enterprise XI 3.2 allows remote attackers to inject arbitrary web script or HTML via the ServiceClass field to the Edit Service Parameters page.
CVE-2010-3977 2 Deliciousdays, Wordpress 2 Cforms, Wordpress 2026-06-16 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in wp-content/plugins/cforms/lib_ajax.php in cforms WordPress plugin 11.5 allow remote attackers to inject arbitrary web script or HTML via the (1) rs and (2) rsargs[] parameters.
CVE-2010-3936 1 Microsoft 1 Forefront Unified Access Gateway 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Signurl.asp in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, 2010 Update 1, and 2010 Update 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "XSS in Signurl.asp Vulnerability."
CVE-2010-3931 1 Rocomotion 10 P Board, P Diary R, P Forum and 7 more 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in multiple Rocomotion products, including P board 1.18 and other versions, P forum 1.30 and earlier, P up board 1.38 and other versions, P diary R 1.13 and earlier, P link 1.11 and earlier, P link compact 1.04 and earlier, pplog 3.31 and earlier, pplog2 3.37 and earlier, PM bbs 1.07 and earlier, PM up bbs 1.08 and earlier, and PM forum 1.18 and earlier, allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2010-3926 1 Wb-i 2 Sgx-sp Final, Sgx-sp Final Ne 2026-06-16 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in Shop.cgi in SGX-SP Final before 11.00 and SGX-SP Final NE before 11.00 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-3921 1 Sixapart 1 Movabletype 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Movable Type 4.x before 4.35 and 5.x before 5.04 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-3911 1 Vtiger 1 Vtiger Crm 2026-06-16 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in vtiger CRM before 5.2.1 allow remote attackers to inject arbitrary web script or HTML via (1) the username (aka default_user_name) field or (2) the password field in a Users Login action to index.php, or (3) the label parameter in a Settings GetFieldInfo action to index.php, related to modules/Settings/GetFieldInfo.php.
CVE-2010-3906 2 Git, Git-scm 2 Git, Git 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) f and (2) fp parameters.