CVE-2015-1366

Cross-site scripting XSS vulnerability in pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the imageuser parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in cart.php in X-Cart 5.1.8 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 productid or 2 categoryid parameter...

CVE-2015-1180

Cross-site scripting XSS vulnerability in the Web Reports in EventSentry 3.1.0 allows remote attackers to inject arbitrary web script or HTML via the pageId parameter to networktile/bullet...

CVE-2015-1176

Cross-site scripting XSS vulnerability in upload/scp/tickets.php in osTicket before 1.9.5 allows remote attackers to inject arbitrary web script or HTML via the status parameter in a search action...

Cross site scripting

Cross-site scripting XSS vulnerability in the Web Reports in EventSentry 3.1.0 allows remote attackers to inject arbitrary web script or HTML via the pageId parameter to networktile/bullet...

Cross site scripting

Cross-site scripting XSS vulnerability in upload/scp/tickets.php in osTicket before 1.9.5 allows remote attackers to inject arbitrary web script or HTML via the status parameter in a search action...

CVE-2015-1176

Cross-site scripting XSS vulnerability in upload/scp/tickets.php in osTicket before 1.9.5 allows remote attackers to inject arbitrary web script or HTML via the status parameter in a search action...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the administrative user interface in EMC M&R aka Watch4Net before 6.5u1 and ViPR SRM before 3.6.1 allow remote authenticated users to inject arbitrary web script or HTML by leveraging privileged access to set crafted values of unspecified field...

Cross site scripting

Cross-site scripting XSS vulnerability in the Process Portal in IBM Business Process Manager 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.1, and 8.5.5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2014-8914...

CVE-2015-0553

Cross-site scripting XSS vulnerability in admin/pages/modify.php in WebsiteBaker 2.8.3 SP3 allows remote attackers to inject arbitrary web script or HTML via the pageid parameter...

CVE-2015-0862

Multiple cross-site scripting XSS vulnerabilities in the management web UI in the RabbitMQ management plugin before 3.4.3 allow remote authenticated users to inject arbitrary web script or HTML via 1 message details when a message is unqueued, such as headers or arguments; 2 policy names, which a...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the management web UI in the RabbitMQ management plugin before 3.4.3 allow remote authenticated users to inject arbitrary web script or HTML via 1 message details when a message is unqueued, such as headers or arguments; 2 policy names, which a...

CVE-2015-0862

Multiple cross-site scripting XSS vulnerabilities in the management web UI in the RabbitMQ management plugin before 3.4.3 allow remote authenticated users to inject arbitrary web script or HTML via 1 message details when a message is unqueued, such as headers or arguments; 2 policy names, which a...

CVE-2014-9477

Multiple cross-site scripting XSS vulnerabilities in the Listings extension for MediaWiki allow remote attackers to inject arbitrary web script or HTML via the 1 name or 2 url parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Listings extension for MediaWiki allow remote attackers to inject arbitrary web script or HTML via the 1 name or 2 url parameter...

CVE-2015-1056

Cross-site scripting XSS vulnerability in Brother MFC-J4410DW printer with firmware before L allows remote attackers to inject arbitrary web script or HTML via the url parameter to general/status.html and possibly other pages...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in AdaptCMS 3.0.3 allow remote attackers to inject arbitrary web script or HTML via the 1 dataCategorytitle parameter to admin/categories/add, 2 dataFieldtitle parameter to admin/fields/ajaxfields/, 3 name property in a basicInfo JSON object to...

CVE-2014-8022

Multiple cross-site scripting XSS vulnerabilities in Cisco Identity Services Engine allow remote attackers to inject arbitrary web script or HTML via input to unspecified web pages, aka Bug IDs CSCur69835 and CSCur69776...

CVE-2014-9570

Multiple cross-site scripting XSS vulnerabilities in the MyWebsiteAdvisor Simple Security plugin 1.1.5 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 datefilter parameter in the accesslog page to wp-admin/users.php or 2 simplesecurityipblacklist...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the MyWebsiteAdvisor Simple Security plugin 1.1.5 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 datefilter parameter in the accesslog page to wp-admin/users.php or 2 simplesecurityipblacklist...