Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the wpajaxsaveitem function in wonderpluginaudio.php in the WonderPlugin Audio Player plugin before 2.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 itemname or 2 itemcustomcss parameter in a...

Cross site scripting

Cross-site scripting XSS vulnerability in Maroyaka CGI Maroyaka Simple Board allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in the login page in Cisco Network Analysis Module NAM allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCum81269...

CVE-2015-2198

Multiple cross-site scripting XSS vulnerabilities in editprefs.php in Beehive Forum 1.4.4 allow remote attackers to inject arbitrary web script or HTML via the 1 homepageurl, 2 picurl, or 3 avatarurl parameter, which are not properly handled in an error message...

CVE-2015-2195

Multiple cross-site scripting XSS vulnerabilities in the WP Media Cleaner plugin 2.2.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 view, 2 paged, or 3 s parameter in the wp-media-cleaner page to wp-admin/upload.php...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the WP Media Cleaner plugin 2.2.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 view, 2 paged, or 3 s parameter in the wp-media-cleaner page to wp-admin/upload.php...

CVE-2015-2198

Multiple cross-site scripting XSS vulnerabilities in editprefs.php in Beehive Forum 1.4.4 allow remote attackers to inject arbitrary web script or HTML via the 1 homepageurl, 2 picurl, or 3 avatarurl parameter, which are not properly handled in an error message...

CVE-2015-0655

Cross-site scripting XSS vulnerability in Unified Web Interaction Manager in Cisco Unified Web and E-Mail Interaction Manager allows remote attackers to inject arbitrary web script or HTML via vectors related to a POST request, aka Bug ID CSCus74184...

CVE-2015-2072

Multiple cross-site scripting XSS vulnerabilities in SAP HANA 73 1.00.73.00.389160 and HANA Developer Edition 80 1.00.80.00.391861 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to 1 ide/core/plugins/editor/templates/trace/hanaTraceDetailService.xsjs or 2...

Cross site scripting

Cross-site scripting XSS vulnerability in the live preview in the Panopoly Magic module before 7.x-1.17 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a pane title...

CVE-2015-2086

Cross-site scripting XSS vulnerability in the live preview in the Panopoly Magic module before 7.x-1.17 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a pane title...

Cross site scripting

Cross-site scripting XSS vulnerability in Login.aspx in UNIT4 Prosoft HRMS before 8.14.330.43 allows remote attackers to inject arbitrary web script or HTML via the txtUserID parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Visualware MyConnection Server 8.2b allow remote attackers to inject arbitrary web script or HTML via the 1 bt, 2 variable, or 3 et parameter to myspeed/db/historyitem...

CVE-2015-2043

CVE-2015-2043 affects Visualware MyConnection Server

Cisco Ironport AsyncOS Cross Site Scripting

Cisco Ironport AsyncOS Cross Site Scripting Vendor: Cisco Product webpage: http://www.cisco.com Affected versions: Cisco Ironport ESA - AsyncOS 8.0.1-023 Cisco Ironport WSA - AsyncOS 8.5.5-022 Cisco Ironport SMA - AsyncOS 8.4.0-126 Date: 24/02/2015 Credits: Glafkos Charalambous CVE: CVE-2013-6780...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in DLGuard 5, 4.6, and 4.5 allow remote attackers to inject arbitrary web script or HTML via the 1 page, 2 c, or 3 redirect parameter to index.php or 4 search field searchTerm parameter in the main page...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the MAGMI aka Magento Mass Importer plugin for Magento Server allow remote attackers to inject arbitrary web script or HTML via the 1 profile parameter to web/magmi.php or 2 QUERYSTRING to web/magmiimportrun.php...

CVE-2015-0167

Cross-site scripting XSS vulnerability in textAngular-sanitize.js in textAngular before 1.3.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to the editor...

CVE-2015-2040

Cross-site scripting XSS vulnerability in the Contact Form DB aka CFDB and contact-form-7-to-database-extension plugin 2.8.26 for WordPress allows remote attackers to inject arbitrary web script or HTML via the submittime parameter in the CF7DBPluginSubmissions page to wp-admin/admin.php...

CVE-2015-1603

Multiple cross-site scripting XSS vulnerabilities in Adminsystems CMS before 4.0.2 allow remote attackers to inject arbitrary web script or HTML via the 1 page parameter to index.php or 2 id parameter in a usersusers action to asys/site/system.php...