LiveActive security incident?Get immediate response
CVE archive

November 2010

Browse CVE records published in November 2010, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 429 matching CVEs · Page 2 of 9.

Unknown · CVSS Not scored

CVE-2010-5284: Multiple cross-site scripting (XSS) vulnerabilities in Collabtive 0.6.5 allow remote attackers to inject ar...

Multiple cross-site scripting (XSS) vulnerabilities in Collabtive 0.6.5 allow remote attackers to inject arbitrary web script or HTML via the (1) User parameter in the edit user profile feature to manageuser.php, (2) y parameter in a newcal action to manageajax.php, and the (3) pic parameter to thumb.php.

Published Nov 26, 2012 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2010-5282: Multiple cross-site scripting (XSS) vulnerabilities in OpenText ECM (formerly Livelink ECM) 9.7.1 allow rem...

Multiple cross-site scripting (XSS) vulnerabilities in OpenText ECM (formerly Livelink ECM) 9.7.1 allow remote attackers to inject arbitrary web script or HTML via the (1) viewType and (2) sort parameters in a browse action to livelink/livelink; and the (3) nodeid, (4) setctx, and (5) support parameters to livelinkdav/nodes/OOB_DAVWindow.html.

Published Nov 26, 2012 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2010-5042: Cross-site scripting (XSS) vulnerability in the DJ-ArtGallery (com_djartgallery) component 0.9.1 for Joomla!

Cross-site scripting (XSS) vulnerability in the DJ-ArtGallery (com_djartgallery) component 0.9.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the cid[] parameter in an editItem action to administrator/index.php. NOTE: some of these details are obtained from third party information.

Published Nov 2, 2011 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2010-5044: SQL injection vulnerability in models/log.php in the Search Log (com_searchlog) component 3.1.0 for Joomla!

SQL injection vulnerability in models/log.php in the Search Log (com_searchlog) component 3.1.0 for Joomla! allows remote authenticated users, with Public Back-end privileges, to execute arbitrary SQL commands via the search parameter in a log action to administrator/index.php. NOTE: some of these details are obtained from third party information.

Published Nov 2, 2011 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2010-5050: Cross-site scripting (XSS) vulnerability in jsp/admin/tools/remote_share.jsp in ManageEngine ADManager Plus...

Cross-site scripting (XSS) vulnerability in jsp/admin/tools/remote_share.jsp in ManageEngine ADManager Plus 4.4.0 allows remote attackers to inject arbitrary web script or HTML via the computerName parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Published Nov 23, 2011 · Updated Aug 7, 2024