CVE-2014-4569

Cross-site scripting XSS vulnerability in ls/vvlogin.php in the VideoWhisper Live Streaming Integration plugin 4.27.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the roomname parameter...

CVE-2014-2512

Multiple cross-site scripting XSS vulnerabilities in EMC Documentum eRoom 7.4.3, 7.4.4 before P19, and 7.4.4 SP1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in EMC Documentum eRoom 7.4.3, 7.4.4 before P19, and 7.4.4 SP1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

Dream4 Koobi CMS 4.2.3 Index.PHP Cross-Site Scripting Vulnerability

No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register from urlparse import urljoin class TestPOCPOCBase: vulID = 'SSV-78938' vul ID version = '1' author = 'hzr' vulDate =...

CVE-2013-6310

Cross-site scripting XSS vulnerability in IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

CVE-2014-2006

Cross-site scripting XSS vulnerability in Intercom Web Kyukincho 3.x before 3.0.030 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2014-4645

Cross-site scripting XSS vulnerability in dhcpinfo.html in D-link DSL-2760U-E1 allows remote attackers to inject arbitrary web script or HTML via a hostname...

Cross site scripting

Cross-site scripting XSS vulnerability in dhcpinfo.html in D-link DSL-2760U-E1 allows remote attackers to inject arbitrary web script or HTML via a hostname...

CVE-2014-4349

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.1.x before 4.1.14.1 and 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted table name that is improperly handled after a 1 hide or 2 unhide action...

WordPress Responsive Preview Plugin <= 1.1 - XSS

Because of this vulnerability in index.php, the attackers can inject arbitrary web script or HTML. Solution Update the plugin...

WordPress Verification Code for Comments Plugin <= 2.1.0 - Multiple XSS

Because of these vulnerabilities in vcc.js.php, the attackers can inject arbitrary web script or HTML. Solution Update the plugin...

WordPress SnapApp Plugin <= 1.5 - Multiple XSS

Because of these multiple vulnerabilities in js/button-snapapp.php, the attackers can inject arbitrary web script or HTML. Solution Update the plugin...

WordPress Appointment Scheduler Plugin <= 1.5 - XSS

Because of this vulnerability in js/test.php, the attackers can inject arbitrary web script or HTML via the lang parameter. Solution Update the plugin...

WordPress WP Contact Plugin <= 1.0 - Multiple XSS

Because of these vulnerabilities in forms/messages.php, the attackers can inject arbitrary web script or HTML. Solution Update the plugin...

WordPress Walk Score Plugin <= 0.5.5 - Multiple XSS

Because of these vulnerabilities in frame-maker.php, the attackers can inject arbitrary web script or HTML. Solution Update the plugin...

WordPress Wikipop Plugin <= 2.0 - XSS

Because of this vulnerability in js/window.php, the attackers can inject arbitrary web script or HTML via the "s" parameter. Solution Update the plugin...

CVE-2012-2579

Multiple cross-site scripting XSS vulnerabilities in the WP SimpleMail plugin 1.0.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 To, 2 From, 3 Date, or 4 Subject field of an email...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the WP SimpleMail plugin 1.0.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 To, 2 From, 3 Date, or 4 Subject field of an email...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in EmailArchitect Email Server 10.0 and 10.0.0.3 allow remote attackers to inject arbitrary web script or HTML via the 1 From or 2 Date field in an email...

CVE-2014-4506

Cross-site scripting XSS vulnerability in the Custom Meta module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.3 for Drupal allows remote authenticated users with the "administer custom meta settings" permission to inject arbitrary web script or HTML via the 1 attribute or 2 content value for a...