Show filters
603 Total Results
Displaying 481-490 of 603
Sort by:
Attacker Value
Unknown
CVE-2013-0572
Disclosure Date: April 27, 2013 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in IBM Document Connect for Application Support Facility (aka DC4ASF) before 1.0.0.1218 in Application Support Facility (ASF) 3.4 for z/OS on Windows, Linux, and AIX allows remote authenticated users to inject content, and conduct phishing attacks, via unspecified vectors.
0
Attacker Value
Unknown
CVE-2013-0571
Disclosure Date: April 27, 2013 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in IBM Document Connect for Application Support Facility (aka DC4ASF) before 1.0.0.1218 in Application Support Facility (ASF) 3.4 for z/OS on Windows, Linux, and AIX allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
0
Attacker Value
Unknown
CVE-2013-1495
Disclosure Date: March 18, 2013 (last updated October 05, 2023)
asr in Oracle Auto Service Request in Oracle Support Tools before 4.3.2 allows local users to modify arbitrary files via a symlink attack on a predictable filename in /tmp.
0
Attacker Value
Unknown
CVE-2012-5326
Disclosure Date: October 08, 2012 (last updated October 05, 2023)
Cross-site request forgery (CSRF) vulnerability in admin/function.php in IDevSpot iSupport 1.x allows remote attackers to hijack the authentication of administrators for requests that add administrator accounts via an administrators action.
0
Attacker Value
Unknown
CVE-2011-5188
Disclosure Date: September 20, 2012 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in the Support Timer module 6.x-1.x before 6.x-1.4 for Drupal allows remote authenticated users with the "track time spent" permission to inject arbitrary web script or HTML via unspecified vectors.
0
Attacker Value
Unknown
CVE-2011-5181
Disclosure Date: September 20, 2012 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in clickdesk.php in ClickDesk Live Support - Live Chat plugin 2.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cdwidgetid parameter. NOTE: some of these details are obtained from third party information.
0
Attacker Value
Unknown
CVE-2011-5187
Disclosure Date: September 20, 2012 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in the Support Ticketing System module 6.x-1.x before 6.x-1.7 for Drupal allows remote authenticated users with the "administer support projects" permission to inject arbitrary web script or HTML via unspecified vectors.
0
Attacker Value
Unknown
CVE-2012-2590
Disclosure Date: August 12, 2012 (last updated October 04, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in ESCON SupportPortal Professional Edition 3.0 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with (1) a SCRIPT element, (2) a crafted SRC attribute of an IFRAME element, (3) a crafted CONTENT attribute of an HTTP-EQUIV="Set-Cookie" META element, or (4) an innerHTML attribute within an XML document.
0
Attacker Value
Unknown
CVE-2012-2235
Disclosure Date: May 27, 2012 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in Support Incident Tracker (SiT!) 3.65 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter to index.php, which is not properly handled in an error message.
0
Attacker Value
Unknown
CVE-2012-1069
Disclosure Date: February 14, 2012 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in module/kb/search_word in the search module in lknSupport allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
0
