Latest CVE Feed
-
4.3
MEDIUMCVE-2007-4265
Multiple cross-site scripting (XSS) vulnerabilities in VisionProject 3.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) projectIssueId parameter in EditProjectIssue.do, the (2) projectId parameter in ProjectSelected.... Read more
Affected Products : visionproject- Published: Aug. 09, 2007
- Modified: Apr. 09, 2025
-
4.3
MEDIUMCVE-2009-0466
Cross-site scripting (XSS) vulnerability in Vivvo CMS before 4.1.1 allows remote attackers to inject arbitrary web script or HTML via a URI that triggers a 404 Page Not Found response.... Read more
Affected Products : vivvo- Published: Feb. 10, 2009
- Modified: Apr. 09, 2025
-
4.3
MEDIUMCVE-2006-0571
Multiple cross-site scripting (XSS) vulnerabilities in phpstatus 1.0 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors in the administrative interface.... Read more
Affected Products : phpstatus- Published: Feb. 07, 2006
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2009-4164
Cross-site scripting (XSS) vulnerability in the simple Glossar (simple_glossar) extension 1.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more
- Published: Dec. 02, 2009
- Modified: Apr. 09, 2025
-
4.3
MEDIUMCVE-2009-0467
Cross-site scripting (XSS) vulnerability in proxy.html in Profense Web Application Firewall 2.6.2 and 2.6.3 allows remote attackers to inject arbitrary web script or HTML via the proxy parameter in a deny_log manage action.... Read more
Affected Products : profense_web_application_firewall- Published: Feb. 10, 2009
- Modified: Apr. 09, 2025
-
4.3
MEDIUMCVE-2006-0501
Cross-site scripting (XSS) vulnerability in MyCO Guestbook 1.0 allows remote attackers to inject arbitrary web script or HTML via the Name field, when registering a user.... Read more
Affected Products : myco_guestbook- Published: Feb. 01, 2006
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2006-0533
Cross-site scripting (XSS) vulnerability in webmailaging.cgi in cPanel allows remote attackers to inject arbitrary web script or HTML via the numdays parameter.... Read more
Affected Products : cpanel- Published: Feb. 04, 2006
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2006-0480
Cross-site scripting (XSS) vulnerability in the Articles module in sPaiz-Nuke allows remote attackers to inject arbitrary web script or HTML via the query parameter in the search file.... Read more
Affected Products : spaiz-nuke_cms- Published: Jan. 31, 2006
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2006-0593
Cross-site scripting (XSS) vulnerability in PHP-Fusion before 6.00.304 allows remote attackers to inject arbitrary web script or HTML via the (1) shout_name field in shoutbox_panel.php and the (2) comments field in comments_include.php.... Read more
Affected Products : php_fusion- Published: Feb. 08, 2006
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2025-8452
By using the "uscan" protocol provided by the eSCL specification, an attacker can discover the serial number of multi-function printers that implement the Brother-provided firmware. This serial number can, in turn, can be leveraged by the flaw described b... Read more
Affected Products :- Published: Aug. 12, 2025
- Modified: Aug. 15, 2025
- Vuln Type: Authentication
-
4.3
MEDIUMCVE-2007-2248
Multiple cross-site scripting (XSS) vulnerabilities in admin.php in Phorum before 5.1.22 allow remote attackers to inject arbitrary web script or HTML via the (1) group_id parameter in the groups module or (2) the smiley_id parameter in the smileys modset... Read more
Affected Products : phorum- Published: Apr. 25, 2007
- Modified: Apr. 09, 2025
-
4.3
MEDIUMCVE-2006-0415
Cross-site scripting (XSS) vulnerability in index.php in SleeperChat 0.3f and earlier allows remote attackers to inject arbitrary web script or HTML via the pseudo parameter.... Read more
Affected Products : sleeperchat- Published: Jan. 25, 2006
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2006-0373
Cross-site scripting (XSS) vulnerability in register.aspx in Douran FollowWeb allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. NOTE: the provenance of this information is unknown; the details are obtained solely ... Read more
Affected Products : followweb- Published: Jan. 22, 2006
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2006-0409
Cross-site scripting (XSS) vulnerability in index.php in Pixelpost Photoblog 1.4.3 allows remote attackers to inject arbitrary web script or HTML via the "Add Comment" field in a comment popup.... Read more
Affected Products : photoblog- Published: Jan. 25, 2006
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2007-2256
Cross-site scripting (XSS) vulnerability in you.php in TJSChat 0.95 allows remote attackers to inject arbitrary web script or HTML via the user parameter.... Read more
Affected Products : tjschat- Published: Apr. 25, 2007
- Modified: Apr. 09, 2025
-
4.3
MEDIUMCVE-2006-0663
Multiple cross-site scripting (XSS) vulnerabilities in Lotus Domino iNotes Client 6.5.4 and 7.0 allow remote attackers to inject arbitrary web script or HTML via (1) an email subject; (2) an encoded javascript URI, as demonstrated using "java script:"... Read more
- Published: Feb. 13, 2006
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2005-1000
Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 7.6 allow remote attackers to inject arbitrary web script or HTML via (1) the bid parameter to the EmailStats op in banners.pgp, (2) the ratenum parameter in the TopRated and MostPopular acti... Read more
Affected Products : php-nuke- Published: May. 02, 2005
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2009-0526
Multiple cross-site scripting (XSS) vulnerabilities in index.php in AdaptCMS Lite 1.4 allow remote attackers to inject arbitrary web script or HTML via the (1) url and (2) acuparam parameters, and (3) the URI.... Read more
Affected Products : adaptcms- Published: Feb. 11, 2009
- Modified: Apr. 09, 2025
-
4.3
MEDIUMCVE-2006-0662
Cross-site scripting (XSS) vulnerability in Lotus Domino iNotes Client 6.5.4 allows remote attackers to inject arbitrary web script or HTML via email with attached html files, which are directly rendered in the browser.... Read more
- Published: Feb. 13, 2006
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2006-0643
Cross-site scripting (XSS) vulnerability in WiredRed e/pop Web Conferencing 4.1.0.755 allows remote authenticated users to inject arbitrary web script or HTML via the topic name of a conference.... Read more
Affected Products : e_pop_web_conferencing- Published: Feb. 10, 2006
- Modified: Apr. 03, 2025