CVE-2014-9439

Cross-site scripting XSS vulnerability in Easy File Sharing Web Server 6.8 allows remote attackers to inject arbitrary web script or HTML via the username field during registration, which is not properly handled by forum.ghp...

CVE-2014-9443

Cross-site scripting XSS vulnerability in the Relevanssi plugin before 3.3.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2011-5317

Cross-site scripting XSS vulnerability in editText.php in WonderCMS before 0.4 allows remote attackers to inject arbitrary web script or HTML via the content parameter...

CVE-2011-5307

Cross-site scripting XSS vulnerability in index.php in the PhotoSmash plugin 1.0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the action parameter...

CVE-2011-5305

Multiple cross-site scripting XSS vulnerabilities in CosmoShop ePRO 10.05.00 allow remote attackers to inject arbitrary web script or HTML via 1 the rcopy parameter to cgi-bin/admin/rubrikadmin.cgi, 2 the typ parameter to cgi-bin/admin/artikeladmin.cgi, or 3 the suchbegriff parameter to...

CVE-2011-5303

Cross-site scripting XSS vulnerability in Spitfire CMS 1.0.436 allows remote attackers to inject arbitrary web script or HTML via a cmsusername cookie...

CVE-2011-5297

Multiple cross-site scripting XSS vulnerabilities in TTChat 1.0.4 allow remote attackers to inject arbitrary web script or HTML via 1 the msg parameter to default.php or 2 the username parameter to chatform.php...

Cross site scripting

Cross-site scripting XSS vulnerability in Spitfire CMS 1.0.436 allows remote attackers to inject arbitrary web script or HTML via a cmsusername cookie...

CVE-2011-5299

Multiple cross-site scripting XSS vulnerabilities in poMMo Aardvark PR16.1 allow remote attackers to inject arbitrary web script or HTML via 1 the referer parameter to index.php, 2 the sitename parameter to admin/setup/config/general.php, 3 the groupname parameter to...

CVE-2011-5287

Multiple cross-site scripting XSS vulnerabilities in HESK before 2.4.1 allow remote attackers to inject arbitrary web script or HTML via the 1 hesksettingstmptitle or 2 hesklangENCODING parameter to inc/header.inc.php; the hesklangattempt parameter to 3 inc/assignmentsearch.inc.php, 4...

CVE-2011-5285

Multiple cross-site scripting XSS vulnerabilities in BugFree 2.1.3 allow remote attackers to inject arbitrary web script or HTML via 1 the ActionType parameter to Bug.php, the ReportMode parameter to 2 Report.php or 3 ReportLeft.php, or the PATHINFO to 4 AdminProjectList.php, 5 AdminGroupList.php...

CVE-2011-5287

Multiple cross-site scripting XSS vulnerabilities in HESK before 2.4.1 allow remote attackers to inject arbitrary web script or HTML via the 1 hesksettingstmptitle or 2 hesklangENCODING parameter to inc/header.inc.php; the hesklangattempt parameter to 3 inc/assignmentsearch.inc.php, 4...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in view.php in JCE-Tech PHP Video Script aka Video Niche Script 4.0 allow remote attackers to inject arbitrary web script or HTML via the 1 video or 2 title parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in TWiki 6.0.1 allow remote attackers to inject arbitrary web script or HTML via the 1 QUERYSTRING variable in lib/TWiki.pm or 2 QUERYPARAMSTRING variable in lib/TWiki/UI/View.pm, as demonstrated by the QUERYSTRING to do/view/Main/TWikiPreferences...

CVE-2014-9325

Multiple cross-site scripting XSS vulnerabilities in TWiki 6.0.1 allow remote attackers to inject arbitrary web script or HTML via the 1 QUERYSTRING variable in lib/TWiki.pm or 2 QUERYPARAMSTRING variable in lib/TWiki/UI/View.pm, as demonstrated by the QUERYSTRING to do/view/Main/TWikiPreferences...

CVE-2012-1302

Multiple cross-site scripting XSS vulnerabilities in amMap 2.6.3 allow remote attackers to inject arbitrary web script or HTML via the 1 datafile or 2 settingsfile parameter to ammap.swf, or 3 the datafile parameter to amtimeline.swf...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in amCharts Flash 1 allow remote attackers to inject arbitrary web script or HTML via the 1 datafile or 2 settingsfile parameter to ampie.swf; the message element in the chartdata parameter to 3 amcolumn.swf, 4 amline.swf, 5 amradar.swf, or 6...

Advantech WebAccess HMI and SCADA Software CrossSite Scripting - Ver2 (CVE-2012-0233)

A cross-site scripting vulnerability has been reported in Advantech Webaccess. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.4.x before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via a crafted row that triggers an improperly constructed confirmation message after inline-editing and save operations, related to 1...

CVE-2011-3592

Multiple cross-site scripting XSS vulnerabilities in the PMAunInlineEditRow function in js/sql.js in phpMyAdmin 3.4.x before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via a 1 database name, 2 table name, or 3 column name that is not properly handled after an...