CVSS:5.0(Medium)
Nexus Concepts Dev Hound 2.24 and earlier allows remote attackers to obtain the installation path via a URL containing a non-existent .dll file.
CVSS:4.3(Medium)
Multiple cross-site scripting (XSS) vulnerabilities in Nexus Concepts Dev Hound 2.24 and earlier allow remote attackers to inject arbitrary web script or HTML via multiple unspecified user input field...
CVSS:4.6(Medium)
Nexus Concepts Dev Hound 2.24 and earlier stores username and password information in cleartext in the devhound.tdbd file, which allows local users to gain privileges.
CVSS:5.0(Medium)
httprint v202, and possibly other versions before v301, allows remote attackers to cause a denial of service (crash) via a long Server field in an HTTP response.
CVSS:4.3(Medium)
Cross-site scripting (XSS) vulnerability in httprint v202, and possibly other versions before v301, allows remote attackers to inject arbitrary web script or HTML via the Server field in an HTTP respo...
CVSS:4.3(Medium)
MediaWiki before 1.5.4 uses a hard-coded "internal placeholder string", which allows remote attackers to bypass protection against cross-site scripting (XSS) attacks and execute Javascript using inlin...
CVSS:4.3(Medium)
Cross-site scripting (XSS) vulnerability in Text-e 1.6.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters.
CVSS:4.3(Medium)
Cross-site scripting (XSS) vulnerability in Tangora Portal CMS 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the action parameter in a search page, as demonstrated...
CVSS:4.3(Medium)
Cross-site scripting (XSS) vulnerability in search in SyntaxCMS 1.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the search_query parameter.
CVSS:6.8(Medium)
Cross-site scripting (XSS) vulnerability in SpearTek 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters.
CVSS:4.3(Medium)
Cross-site scripting (XSS) vulnerability in Starphire SiteSage 5.0.18 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the norelay...
CVSS:4.3(Medium)
Multiple cross-site scripting (XSS) vulnerabilities in Sitekit CMS 6.6 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) query string, (2) textonly, (3) locID, and ...
CVSS:4.3(Medium)
Multiple cross-site scripting (XSS) vulnerabilities in SCOOP! 2.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) keyword and (2) invalid parameter to articleSear...
CVSS:4.3(Medium)
Cross-site scripting (XSS) vulnerability in Scoop 1.1 RC1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) type and (2) count parameters, and (3) the query string...
CVSS:4.3(Medium)
Multiple cross-site scripting (XSS) vulnerabilities in index.tpl in Redakto WCMS 3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) iid, (2) iid2, (3) r, (4) car...
CVSS:4.3(Medium)
Cross-site scripting (XSS) vulnerability in RAMSite R|1 CMS 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchfield parameter.
CVSS:4.3(Medium)
Multiple cross-site scripting (XSS) vulnerabilities in ProjectApp 3.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the keywords parameter to (1) forums.asp, (2) search...
CVSS:4.3(Medium)
Multiple cross-site scripting (XSS) vulnerabilities in IntranetApp 3.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ret_page parameter to login.asp or the (2) ...
CVSS:4.3(Medium)
Cross-site scripting (XSS) vulnerability in login.asp in SiteEnable 3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the ret_page parameter.
CVSS:6.8(Medium)
Cross-site scripting (XSS) vulnerability in login.asp in PortalApp 3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the ret_page parameter.
CVSS:6.8(Medium)
Cross-site scripting (XSS) vulnerability in Polopoly 9 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters. NOTE: the vendor has disputed this ...
CVSS:6.8(Medium)
Cross-site scripting (XSS) vulnerability in Plexcor CMS 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters.
CVSS:6.8(Medium)
Cross-site scripting (XSS) vulnerability in papaya CMS 4.0.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the bab[searchfor] parameter.
CVSS:6.8(Medium)
Cross-site scripting (XSS) vulnerability in store/search/results.html in OpenEdit 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) oe-action and (2) page para...