Vulnerabilities (CVE)

CWE filter

CWE-79

Filter

12018 total CVE
CVE Vendors Products Updated CVSS
CVE-2007-4557 1 Novell 1 Groupwise Webaccess 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in the webacc servlet in Novell GroupWise 6.5 WebAccess allows remote attackers to inject arbitrary web script or HTML via the User.Id parameter, as demonstrated by a URL within a url field in a STYLE...
CVE-2006-3924 1 Dokeos 1 Dokeos 2008-09-05 4.3
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos before 1.6.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2006-3579 1 Fujitsu 1 Serverview 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in Fujitsu ServerView 2.50 up to 3.60L98 and 4.10L11 up to 4.11L81 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2006-0535 1 Communityserver.org 1 Community Server 2008-09-05 4.3
Multiple cross-site scripting (XSS) vulnerabilities in Community Server allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors. NOTE: this candidate does not contain any actionable or distinguishing information....
CVE-2004-2756 1 Xoops 1 Xoops 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in viewtopic.php in Xoops 2.x, possibly 2 through 2.0.5, allows remote attackers to inject arbitrary web script or HTML via the (1) forum and (2) topic_id parameters.
CVE-2004-2752 1 Postnuke Software Foundation 1 Postnuke 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in the Downloads module in PostNuke up to 0.726, and possibly later versions, allows remote attackers to inject arbitrary HTML and web script via the ttitle parameter in a viewdownloaddetails action.
CVE-2003-1539 1 Onedotoh 1 Simple File Manager 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in ONEdotOH Simple File Manager (SFM) before 0.21 allows remote attackers to inject arbitrary web script or HTML via (1) file names and (2) directory names.
CVE-2003-1511 1 Bajie 1 Java Http Server 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in Bajie Java HTTP Server 0.95 through 0.95zxv4 allows remote attackers to inject arbitrary web script or HTML via (1) the query string to test.txt, (2) the guestName parameter to the custMsg servlet, or...
CVE-2002-2424 1 Ekilat Llc 1 Php%28reactor%29 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in PHP(Reactor) 1.2.7 pl1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the style attribute of an HTML tag.
CVE-2002-2422 1 Compaq 1 Insight Management Agent 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in Compaq Insight Management Agents 2.0, 2.1, 3.6.0, 4.2 and 4.3.7 allows remote attackers to inject arbitrary web script or HTML via a URL, which inserts the script into the resulting error message.
CVE-2002-2418 1 Acfp Project 1 Acfreeproxy 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in acFreeProxy (aka acFP) 1.33 beta 7 allows remote attackers to inject arbitrary web script or HTML via the URL, which is inserted into an error page.
CVE-2002-2386 1 Xoops 1 Xoops 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in the Quizz module for XOOPS 1.0, when allowing on-line question development, allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in the SRC attribute of an IMG tag.
CVE-2002-2378 1 Nakata 1 An Httpd 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in AN HTTP 1.41d allows remote attackers to inject arbitrary web script or HTML via a colon (:) in the query string, which is inserted into the resulting error page.
CVE-2002-2377 1 Sephiroth32 1 Zap Book 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in addentry.cgi in ZAP 1.0.3 allows remote attackers to inject arbitrary SSi directives, web script, and HTML via the entry field.
CVE-2002-2376 1 Leung 1 E-guest 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in E-Guest_sign.pl in E-Guest 1.1 allows remote attackers to inject arbitrary SSI directives, web script, and HTML via the (1) full name, (2) email, (3) homepage, and (4) location parameters. NOTE: this...
CVE-2002-2364 1 Sourceforge 1 Php Ticket 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in PHP Ticket 0.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a help ticket.
CVE-2002-2362 1 Sourceforge 1 Mymarket 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in form_header.php in MyMarket 1.71 allows remote attackers to inject arbitrary web script or HTML via the noticemsg parameter.
CVE-2002-2359 1 Mozilla 1 Mozilla 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in the FTP view feature in Mozilla 1.0 allows remote attackers to inject arbitrary web script or HTML via the title tag of an ftp URL.
CVE-2002-2358 1 Opera Software 1 Opera Web Browser 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in the FTP view feature in Opera 6.0 and 6.01 through 6.04 allows remote attackers to inject arbitrary web script or HTML via the title tag of an FTP URL.
CVE-2002-2350 1 Phpoutsourcing 1 Zorum 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in z_user_show.php in dbtreelistproperty_method.php in Zorum 2.4 allows remote attackers to inject arbitrary web script or HTML via the class parameter.