Total
30639 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-6244 | 1 Adobe | 1 Flash Player | 2024-11-21 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player 9.x up to 9.0.48.0 and 8.x up to 8.0.35.0 allow remote attackers to inject arbitrary web script or HTML via (1) a SWF file that uses the asfunction: protocol or (2) the navigateToURL function when used with the Flash Player ActiveX Control in Internet Explorer. | |||||
| CVE-2007-6232 | 8 Ftp, Hp, Ibm and 5 more | 9 Admin, Hp-ux, Tru64 and 6 more | 2024-11-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in FTP Admin 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the error parameter in an error page action. | |||||
| CVE-2007-6219 | 1 Ibm | 1 Tivoli Netcool Security Manager | 2024-11-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Tivoli Netcool Security Manager 1.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2007-6205 | 1 S9y | 1 Serendipity | 2024-11-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the remote RSS sidebar plugin (serendipity_plugin_remoterss) in S9Y Serendipity before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via a link in an RSS feed. | |||||
| CVE-2007-6203 | 1 Apache | 1 Http Server | 2024-11-21 | 4.3 MEDIUM | N/A |
| Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated via an HTTP request containing an invalid Content-length value, a similar issue to CVE-2006-3918. | |||||
| CVE-2007-6196 | 1 Calacode | 1 Atmail Webmail System | 2024-11-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in util.php in Calacode @Mail before 5.2 allows remote attackers to inject arbitrary web script or HTML via the func parameter. | |||||
| CVE-2007-6173 | 1 Liferay | 1 Liferay Enterprise Portal | 2024-11-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in c/portal/login in Liferay Enterprise Portal 4.3.1 allows remote attackers to inject arbitrary web script or HTML via the emailAddress parameter in a Send New Password action, a different vector than CVE-2007-6055. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-6162 | 1 Wsdeluxe | 1 Fmdeluxe | 2024-11-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in FMDeluxe 2.1.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter in a category action. | |||||
| CVE-2007-6160 | 1 Tilde | 1 Tilde Cms | 2024-11-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Tilde CMS 4.x and earlier allows remote attackers to inject arbitrary web script or HTML via the aarstal parameter in a yeardetail action. | |||||
| CVE-2007-6157 | 1 Simplegallery | 1 Simplegallery | 2024-11-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in SimpleGallery 0.1.3 allows remote attackers to inject arbitrary web script or HTML via the album parameter. | |||||
| CVE-2007-6156 | 1 Secureideas | 1 Basic Analysis And Security Engine | 2024-11-21 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in base_qry_main.php in Base Analysis and Security Engine (BASE) before 1.3.9 allow remote attackers to inject arbitrary web script or HTML via the (1) sig[0] and (2) sig[1] parameters. | |||||
| CVE-2007-6142 | 1 Salims Softhouse | 1 Jaf Cms | 2024-11-21 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ph03y3nk just another flat file (JAF) CMS 4.0 RC2 allow remote attackers to inject arbitrary web script or HTML via the (1) show parameter to index.php and the (2) print parameter to print.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2007-6141 | 1 Vbtube | 1 Vbtube | 2024-11-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in vBTube.php in vBTube 1.1 Beta allows remote attackers to inject arbitrary web script or HTML via the search parameter. | |||||
| CVE-2007-6136 | 1 M2scripts | 1 My Space Scripts Poll Creator | 2024-11-21 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in M2Scripts MySpace Scripts Poll Creator allow remote attackers to inject arbitrary web script or HTML via the (1) title, (2) intro, and (3) question parameters, and (4) unspecified answer parameters, in a create_new action. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-6135 | 1 Phpslideshow | 1 Phpslideshow | 2024-11-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in phpslideshow.php in PHPSlideShow 0.9.9.2, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the directory parameter. NOTE: this issue was originally reported for toonchapter8.php, but this is probably a site-specific name, since the PHPSlideShow distribution does not contain that file. | |||||
| CVE-2007-6126 | 1 Project Alumni | 1 Project Alumni | 2024-11-21 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in project alumni 1.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the year parameter to (1) xml/index.php; or (2) the year parameter to view.page.inc.php, which is reachable through a view action to the top-level index.php. | |||||
| CVE-2007-6124 | 1 Softbiz | 1 Freelancers Script | 2024-11-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in signin.php in Softbiz Freelancers Script 1 allows remote attackers to inject arbitrary web script or HTML via the errmsg parameter. | |||||
| CVE-2007-6110 | 1 Htdig | 1 Htdig | 2024-11-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in htsearch in htdig 3.2.0b6 allows remote attackers to inject arbitrary web script or HTML via the sort parameter. | |||||
| CVE-2007-6104 | 1 Filemaker | 2 Filemaker, Filemaker Server | 2024-11-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Instant Web Publishing feature in FileMaker Pro 7 and 8, Server 7 and 8, and Developer 7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2007-6102 | 1 Feed2js | 1 Feed2js | 2024-11-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Feed to JavaScript (Feed2JS) 1.91 allows remote attackers to inject arbitrary web script or HTML via a URL in a feed. | |||||