CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
Dcdgooglemap, Address_directory, Advcalendar_extension, Aeurltool, Aimeos, Air_filemanager, Another_backend_login, Autobeuser, Bb_simplejobs, Beuserswitch, Brainstorming
2017-08-17
N/A
N/A
Cross-site scripting (XSS) vulnerability in DCD GoogleMap (dcdgooglemap) 1.1.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Cooluri, Address_directory, Advcalendar_extension, Aeurltool, Aimeos, Air_filemanager, Another_backend_login, Autobeuser, Bb_simplejobs, Beuserswitch, Brainstorming
2017-08-17
N/A
N/A
SQL injection vulnerability in CoolURI (cooluri) 1.0.11 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
Air_lexicon, Address_directory, Advcalendar_extension, Aeurltool, Aimeos, Air_filemanager, Another_backend_login, Autobeuser, Bb_simplejobs, Beuserswitch, Brainstorming
2009-08-19
N/A
N/A
Unspecified vulnerability in Frontend Filemanager (air_filemanager) 0.6.1 and earlier extension for TYPO3 allows remote attackers to execute arbitrary commands via unknown vectors.
Ad_board_script, Ad-exchange_script, Apartment_search_script, Autoresponder_hosting_script, Banner_management, Banner_management_script, Blog_blaster_script, Classifieds, Classifieds_blaster_script, Classifieds_hosting_script
2017-09-29
N/A
N/A
Unrestricted file upload vulnerability in editimage.php in Apartment Search Script allows remote attackers to execute arbitrary code by uploading a file with an executable extension and a GIF header, then accessing this file via a direct request to a renamed file in Member_Admin/logo/.
Ad_board_script, Ad-exchange_script, Apartment_search_script, Autoresponder_hosting_script, Banner_management, Banner_management_script, Blog_blaster_script, Classifieds, Classifieds_blaster_script, Classifieds_hosting_script
2017-09-29
N/A
N/A
Cross-site scripting (XSS) vulnerability in listtest.php in Apartment Search Script allows remote attackers to inject arbitrary web script or HTML via the r parameter.
Accumulo, Activemq, Activemq_apollo, Activemq_artemis, Age, Airavata_django_portal, Airflow, Airflow_mysql_provider, Alarm_instance_management, Allura
2009-04-28
N/A
N/A
Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.x before 2.0.11.1 and 2.1.x before 2.1.1 allow remote attackers to inject arbitrary web script or HTML via vectors associated with improper handling of (1) " (double quote) characters in the href attribute of an s:a tag and (2) parameters in the action attribute of an s:url tag.
Cross-site scripting (XSS) vulnerability in dijit.Editor in Dojo before 1.1 allows remote attackers to inject arbitrary web script or HTML via XML entities in a TEXTAREA element.
libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (crash) via a crafted EXE file that triggers a divide-by-zero error.
Buffer overflow in the BaseFont writer module in Ghostscript 8.62, and possibly other versions, allows remote attackers to cause a denial of service (ps2pdf crash) and possibly execute arbitrary code via a crafted Postscript file.
SQL injection vulnerability in asp/includes/contact.asp in QuickerSite 1.8.5 allows remote attackers to execute arbitrary SQL commands via the sNickName parameter in a profile action to default.asp.