6892 matches found
CVE-2014-0952
Cross-site scripting XSS vulnerability in bootconfig.jsp in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF28, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-3808
Multiple cross-site scripting XSS vulnerabilities in BarracudaDrive before 6.7.2 allow remote attackers to inject arbitrary web script or HTML via the 1 role parameter to roles.lsp, 2 name parameter to user.lsp, 3 path parameter to wizard/setuser.lsp, 4 host parameter to tunnelconstr.lsp, or 5...
CVE-2014-3808
Multiple cross-site scripting XSS vulnerabilities in BarracudaDrive before 6.7.2 allow remote attackers to inject arbitrary web script or HTML via the 1 role parameter to roles.lsp, 2 name parameter to user.lsp, 3 path parameter to wizard/setuser.lsp, 4 host parameter to tunnelconstr.lsp, or 5...
CVE-2014-1747
Cross-site scripting XSS vulnerability in the DocumentLoader::maybeCreateArchive function in core/loader/DocumentLoader.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to inject arbitrary web script or HTML via crafted MHTML content, aka "Universal XSS UXSS."...
CVE-2014-1855
Multiple cross-site scripting XSS vulnerabilities in Seo Panel before 3.5.0 allow remote attackers to inject arbitrary web script or HTML via the 1 capcheck parameter to directories.php or 2 keyword parameter to proxy.php...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Seo Panel before 3.5.0 allow remote attackers to inject arbitrary web script or HTML via the 1 capcheck parameter to directories.php or 2 keyword parameter to proxy.php...
Cross site scripting
Cross-site scripting XSS vulnerability in Zenoss 4.2.5 allows remote attackers to inject arbitrary web script or HTML via the title of a device...
Cross site scripting
Cross-site scripting XSS vulnerability in the MediaFront module 6.x-1.x before 6.x-1.6, 7.x-1.x before 7.x-1.6, and 7.x-2.x before 7.x-2.1 for Drupal allows remote authenticated users with the "administer mediafront" permission to inject arbitrary web script or HTML via the preset settings...
CVE-2013-4380
Cross-site scripting XSS vulnerability in the MediaFront module 6.x-1.x before 6.x-1.6, 7.x-1.x before 7.x-1.6, and 7.x-2.x before 7.x-2.1 for Drupal allows remote authenticated users with the "administer mediafront" permission to inject arbitrary web script or HTML via the preset settings...
CVE-2014-3265
Cross-site scripting XSS vulnerability in the Auto Update Server AUS web framework in Cisco Security Manager 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuo06900...
Cross site scripting
Cross-site scripting XSS vulnerability in Cisco Unified Web and E-mail Interaction Manager 9.02 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuj43033...
Cross site scripting
Cross-site scripting XSS vulnerability in Collabtive 1.2 allows remote authenticated users to inject arbitrary web script or HTML via the desc parameter in an Add project addpro action to admin.php...
CVE-2013-1810
Multiple cross-site scripting XSS vulnerabilities in core/summaryapi.php in MantisBT 1.2.12 allow remote authenticated users with manager or administrator permissions to inject arbitrary web script or HTML via a 1 category name in the summaryprintbycategory function or 2 project name in the...
CVE-2013-0197
Cross-site scripting XSS vulnerability in the filterdrawselectionarea2 function in core/filterapi.php in MantisBT 1.2.12 before 1.2.13 allows remote attackers to inject arbitrary web script or HTML via the matchtype parameter to bugs/search.php...
CVE-2013-1765
Multiple cross-site scripting XSS vulnerabilities in jwplayer.swf in the smart-flv plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 link or 2 playerready parameter...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in GetSimple CMS 3.3.1 allow remote attackers to inject arbitrary web script or HTML via the 1 param parameter to admin/load.php or 2 user, 3 email, or 4 name parameter in a Save Settings action to admin/settings.php...
CVE-2011-5249
Cross-site scripting XSS vulnerability in the events page in the System iNtrusion Analysis and Reporting Environment SNARE for Linux agent before 1.7.0 allows remote attackers to inject arbitrary web script or HTML via a logged shell command...
CVE-2014-1603
Multiple cross-site scripting XSS vulnerabilities in GetSimple CMS 3.3.1 allow remote attackers to inject arbitrary web script or HTML via the 1 param parameter to admin/load.php or 2 user, 3 email, or 4 name parameter in a Save Settings action to admin/settings.php...
CVE-2012-1600
Multiple cross-site scripting XSS vulnerabilities in functions.php in phpPgAdmin before 5.0.4 allow remote attackers to inject arbitrary web script or HTML via the 1 name or 2 type of a function...
CVE-2013-4503
Cross-site scripting XSS vulnerability in the Feed Element Mapper module for Drupal allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via vectors related to options...