CVE-2014-7869

Cross-site scripting XSS vulnerability in the configuration UI in the Context Form Alteration module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with the "administer contexts" permission to inject arbitrary web script or HTML via unspecified vectors...

CVE-2014-2644

Cross-site scripting XSS vulnerability in HP Systems Insight Manager SIM before 7.4 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in the WEC Map wecmap extension before 3.0.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2014-2640

Cross-site scripting XSS vulnerability in HP System Management Homepage SMH before 7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in HP System Management Homepage SMH before 7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2011-4624

Cross-site scripting XSS vulnerability in facebook.php in the GRAND FlAGallery plugin flash-album-gallery before 1.57 for WordPress allows remote attackers to inject arbitrary web script or HTML via the i parameter...

CVE-2011-4624

Cross-site scripting XSS vulnerability in facebook.php in the GRAND FlAGallery plugin flash-album-gallery before 1.57 for WordPress allows remote attackers to inject arbitrary web script or HTML via the i parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in Your Online Shop allows remote attackers to inject arbitrary web script or HTML via the productsid parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the TP-LINK TL-WR841N router with firmware 3.13.9 Build 120201 Rel.54965n and earlier allow remote administrators to inject arbitrary web script or HTML via the 1 username or 2 pwd parameter to userRpm/NoipDdnsRpm.htm...

CVE-2014-7199

Cross-site scripting XSS vulnerability in MediaWiki before 1.19.19, 1.22.x before 1.22.11, and 1.23.x before 1.23.4 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG file...

PYSEC-2014-46

Cross-site scripting XSS vulnerability in widgettraversal.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-5494

Plone contains a Cross‑Site Scripting (XSS) vulnerability (CVE-2012-5494) in python_scripts.py, affecting Plone versions before 4.2.3 and before beta 1 of 4.3. The issue is related to translation handling ("{u,}translate") and allows remote attackers to inject arbitrary web script or HTML via uns...

CVE-2013-3065

Cross-site scripting XSS vulnerability in the Parental Controls section in Linksys EA6500 with firmware 1.1.28.147876 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the Blocked Specific Sites section...

Cross site scripting

Cross-site scripting XSS vulnerability in the web server in the Juniper Junos Pulse Secure Access Service SSL VPN devices with IVE OS 8.0 before 8.0r6, 7.4 before 7.4r13, and 7.1 before 7.1r20 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in the Easy MailChimp Forms plugin 3.0 through 5.0.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the updateoptions action to wp-admin/admin-ajax.php...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in includes/toAdmin.php in Contact Form 7 Integrations plugin 1.0 through 1.3.10 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 uE or 2 uC parameter...

CVE-2014-6445

Multiple cross-site scripting XSS vulnerabilities in includes/toAdmin.php in Contact Form 7 Integrations plugin 1.0 through 1.3.10 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 uE or 2 uC parameter...

CVE-2014-5315

Cross-site scripting XSS vulnerability in the Help page in Adobe Acrobat 9.5.2 and earlier and ColdFusion 8.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-5700

Multiple cross-site scripting XSS vulnerabilities in Baby Gekko before 1.2.2f allow remote attackers to inject arbitrary web script or HTML via the 1 id parameter to admin/index.php or the 2 username or 3 password parameter in blocks/loginbox/loginbox.template.php to index.php. NOTE: some of thes...

CVE-2014-3595

Cross-site scripting XSS vulnerability in spacewalk-java 1.2.39, 1.7.54, and 2.0.2 in Spacewalk and Red Hat Network RHN Satellite 5.4 through 5.6 allows remote attackers to inject arbitrary web script or HTML via a crafted request that is not properly handled when logging...