Total
40647 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-1069 | 1 Phpshop | 1 Phpshop | 2024-11-21 | 6.1 Medium |
| PHPShop through 0.8.1 has XSS. | ||||
| CVE-2011-1009 | 1 Vanillaforums | 1 Vanilla | 2024-11-21 | 6.1 Medium |
| Vanilla Forums 2.0.17.1 through 2.0.17.5 has XSS in /vanilla/index.php via the p parameter. | ||||
| CVE-2011-0544 | 2 Debian, Phpbb | 2 Debian Linux, Phpbb | 2024-11-21 | 6.1 Medium |
| phpbb 3.0.x-3.0.6 has an XSS vulnerability via the [flash] BB tag. | ||||
| CVE-2011-0428 | 1 Ikiwiki | 1 Ikiwiki | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) in ikiwiki before 3.20110122 could allow remote attackers to insert arbitrary JavaScript due to insufficient checking in comments. | ||||
| CVE-2010-5340 | 1 Icewarp | 1 Webclient | 2024-11-21 | 6.1 Medium |
| IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/ with the parameter password is non-persistent in 10.2.0. | ||||
| CVE-2010-5339 | 1 Icewarp | 1 Webclient | 2024-11-21 | 6.1 Medium |
| IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][uid] is non-persistent in 10.1.3 and 10.2.0. | ||||
| CVE-2010-5338 | 1 Icewarp | 1 Webclient | 2024-11-21 | 6.1 Medium |
| IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][action] is non-persistent in 10.1.3 and 10.2.0. | ||||
| CVE-2010-5337 | 1 Icewarp | 1 Webclient | 2024-11-21 | 6.1 Medium |
| IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][controller] is non-persistent in 10.1.3 and 10.2.0. | ||||
| CVE-2010-5336 | 1 Icewarp | 1 Webclient | 2024-11-21 | 6.1 Medium |
| IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: admin/login.html with the parameter username is persistent in 10.2.0. | ||||
| CVE-2010-4662 | 1 Pmwiki | 1 Pmwiki | 2024-11-21 | 6.1 Medium |
| PmWiki before 2.2.21 has XSS. | ||||
| CVE-2010-4659 | 1 Status | 1 Statusnet | 2024-11-21 | 6.1 Medium |
| Cross-site scripting (XSS) vulnerability in statusnet through 2010 in error message contents. | ||||
| CVE-2010-4264 | 1 Vanillaforums | 1 Vanilla Forums | 2024-11-21 | 6.1 Medium |
| It was found in vanilla forums before 2.0.10 a cross-site scripting vulnerability where a filename could contain arbitrary code to execute on the client side. | ||||
| CVE-2010-4245 | 1 Translatehouse | 1 Pootle | 2024-11-21 | 6.1 Medium |
| pootle 2.0.5 has XSS via 'match_names' parameter | ||||
| CVE-2010-4240 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2024-11-21 | 6.1 Medium |
| Tiki Wiki CMS Groupware 5.2 has XSS | ||||
| CVE-2010-3857 | 1 Redhat | 1 Jboss Business Rules Management System | 2024-11-21 | 6.1 Medium |
| JBoss BRMS before 5.1.0 has a XSS vulnerability via asset=UUID parameter. | ||||
| CVE-2010-3674 | 2 Debian, Typo3 | 2 Debian Linux, Typo3 | 2024-11-21 | 6.1 Medium |
| TYPO3 before 4.4.1 allows XSS in the frontend search box. | ||||
| CVE-2010-3672 | 1 Typo3 | 1 Typo3 | 2024-11-21 | 6.1 Medium |
| TYPO3 before 4.3.4 and 4.4.x before 4.4.1 allows XSS in the textarea view helper in an extbase extension. | ||||
| CVE-2010-3669 | 1 Typo3 | 1 Typo3 | 2024-11-21 | 5.4 Medium |
| TYPO3 before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS and Open Redirection in the frontend login box. | ||||
| CVE-2010-3665 | 1 Typo3 | 1 Typo3 | 2024-11-21 | 5.4 Medium |
| TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS on the Extension Manager. | ||||
| CVE-2010-3660 | 1 Typo3 | 1 Typo3 | 2024-11-21 | 5.4 Medium |
| TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS on the backend. | ||||