Cross site scripting

Cross-site scripting XSS vulnerability in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the "Title of your FAQ" field in the Configuration Module...

CVE-2017-14619

Cross-site scripting XSS vulnerability in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the "Title of your FAQ" field in the Configuration Module...

CVE-2015-4707

Cross-site scripting XSS vulnerability in IPython before 3.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving JSON error messages and the /api/notebooks path...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Helpdesk Pro plugin before 1.4.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via vectors related to name and message...

CVE-2015-8350

Multiple cross-site scripting XSS vulnerabilities in the Calls to Action plugin before 2.5.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 open-tab parameter in a wpctaglobalsettings action to wp-admin/edit.php or 2 wp-cta-variation-id parameter to...

CVE-2015-8353

Cross-site scripting XSS vulnerability in the Role Scoper plugin before 1.3.67 for WordPress allows remote attackers to inject arbitrary web script or HTML via the objectname parameter in a rs-objectroleedit page to wp-admin/admin.php...

CVE-2015-7879

Cross-site scripting XSS vulnerability in the Stickynote module 7.x before 7.x-1.3 for Drupal allows remote authenticated users with permission to create or edit a stickynote to inject arbitrary web script or HTML via note text on the admin listing page...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Dolibarr ERP/CRM 6.0.0 allow remote authenticated users to inject arbitrary web script or HTML via the 1 CompanyName, 2 CompanyAddress, 3 CompanyZip, 4 CompanyTown, 5 Fax, 6 EMail, 7 Web, 8 ManagingDirectors, 9 Note, 10 Capital, 11 ProfId1, 12...

CVE-2017-14241

Cross-site scripting XSS vulnerability in Dolibarr ERP/CRM 6.0.0 allows remote authenticated users to inject arbitrary web script or HTML via the Title parameter to htdocs/admin/menus/edit.php...

CVE-2017-14239

Multiple cross-site scripting XSS vulnerabilities in Dolibarr ERP/CRM 6.0.0 allow remote authenticated users to inject arbitrary web script or HTML via the 1 CompanyName, 2 CompanyAddress, 3 CompanyZip, 4 CompanyTown, 5 Fax, 6 EMail, 7 Web, 8 ManagingDirectors, 9 Note, 10 Capital, 11 ProfId1, 12...

CVE-2017-14239

Dolibarr ERP/CRM 6.0.0 is affected by multiple XSS vulnerabilities. The issues are triggered through the following parameters in htdocs/admin/company.php: CompanyName, CompanyAddress, CompanyZip, CompanyTown, Fax, EMail, Web, ManagingDirectors, Note, Capital, ProfId1–ProfId6. The vulnerabilities ...

Reflected Cross-site Scripting (XSS)

bolt/bolt is vulnerable to reflected cross-site scripting XSS attacks. A malicious user can inject and execute arbitrary web script when generating canonical links...

CVE-2016-10510

Cross-site scripting XSS vulnerability in the Security component of Kohana before 3.3.6 allows remote attackers to inject arbitrary web script or HTML by bypassing the stripimagetags protection mechanism in system/classes/Kohana/Security.php...

CVE-2016-10510

Cross-site scripting XSS vulnerability in the Security component of Kohana before 3.3.6 allows remote attackers to inject arbitrary web script or HTML by bypassing the stripimagetags protection mechanism in system/classes/Kohana/Security.php...

CVE-2017-10838

Cross-site scripting vulnerability in SEO Panel prior to version 3.11.0 allows an attacker to inject arbitrary web script or HTML via unspecified vectors...

CVE-2015-4699

Cross-site scripting XSS vulnerability in the Splash Portal in Cloud4Wi before 5.9.7 allows remote attackers to inject arbitrary web script or HTML via the recoveryMessage parameter to the default URI...

Cross site scripting

Cross-site scripting XSS-STORED vulnerability in the DEVICES OR SENSORS functionality in Paessler PRTG Network Monitor before 17.3.33.2654 allows authenticated remote attackers to inject arbitrary web script or HTML...

Cross site scripting

Cross-site scripting XSS vulnerability in Apache2Triad 1.5.4 allows remote attackers to inject arbitrary web script or HTML via the account parameter to phpsftpd/users.php...

Cross site scripting

Cross-site scripting XSS vulnerability in the admin panel in IceWarp Mail Server 10.4.4 allows remote authenticated domain administrators to inject arbitrary web script or HTML via a crafted user name...

phpMyAdmin XSS Vulnerability (PMASA-2014-9) - Linux

phpMyAdmin is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...