6892 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in the errorAction method in the ActionController base class in the Extbase Framework in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6, when the Rewritten Property Mapper is enabled, allows remote attackers t...
CVE-2013-7243
Multiple cross-site scripting XSS vulnerabilities in GetSimple CMS 3.1.2 and 3.2.3 allow remote attackers to inject arbitrary web script or HTML via the 1 post-menu field to edit.php or 2 Display name field to settings.php. NOTE: The Custom Permalink Structure and Email Address fields are already...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in GetSimple CMS 3.1.2 and 3.2.3 allow remote attackers to inject arbitrary web script or HTML via the 1 post-menu field to edit.php or 2 Display name field to settings.php. NOTE: The Custom Permalink Structure and Email Address fields are already...
CVE-2013-7243
Multiple cross-site scripting XSS vulnerabilities in GetSimple CMS 3.1.2 and 3.2.3 allow remote attackers to inject arbitrary web script or HTML via the 1 post-menu field to edit.php or 2 Display name field to settings.php. NOTE: The Custom Permalink Structure and Email Address fields are already...
CVE-2012-6623
Cross-site scripting XSS vulnerability in fs-admin/wpf-add-forum.php in the ForumPress WP Forum Server plugin before 1.7.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the groupid parameter in an addforum action to wp-admin/admin.php...
CVE-2012-6627
Cross-site scripting XSS vulnerability in admin/testmail.php in the Newsletter Manager plugin 1.0.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the id parameter...
CVE-2012-6630
Multiple cross-site scripting XSS vulnerabilities in the Media Library Categories plugin 1.1.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 bulk parameter to media-library-categories/add.php or 2 q parameter to media-library-categories/view.php...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Newsletter Manager plugin before 1.0.2 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 xyzemcampName to admin/createcampaign.php or 2 admin/editcampaign.php, 3 xyzememail parameter to admin/editemail.ph...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Media Library Categories plugin 1.1.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 bulk parameter to media-library-categories/add.php or 2 q parameter to media-library-categories/view.php...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the 1 tasks and 2 search views in Horde Kronolith H4 before 3.0.17 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2012-6622
Multiple cross-site scripting XSS vulnerabilities in fs-admin/fs-admin.php in the ForumPress WP Forum Server plugin before 1.7.4 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 groupid parameter in an editgroup action or 2 usergroupid parameter in an...
CVE-2012-6632
Multiple cross-site scripting XSS vulnerabilities in Vessio NetBill 1.2 allow remote attackers to inject arbitrary web script or HTML via the 1 full name or 2 file title to accounts/admin/index.php or 3 comment parameter in the support page to accounts/index2.php...
CVE-2012-6627
Cross-site scripting XSS vulnerability in admin/testmail.php in the Newsletter Manager plugin 1.0.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the id parameter...
CVE-2014-1472
Multiple cross-site scripting XSS vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager MVM 7.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager MVM 7.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-1472
Multiple cross-site scripting XSS vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager MVM 7.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-0977
Cross-site scripting XSS vulnerability in the Rich Text Editor in Movable Type 5.0x, 5.1x before 5.161, 5.2.x before 5.2.9, and 6.0.x before 6.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-0977
Cross-site scripting XSS vulnerability in the Rich Text Editor in Movable Type 5.0x, 5.1x before 5.161, 5.2.x before 5.2.9, and 6.0.x before 6.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-0977
Cross-site scripting XSS vulnerability in the Rich Text Editor in Movable Type 5.0x, 5.1x before 5.161, 5.2.x before 5.2.9, and 6.0.x before 6.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2013-7289
Multiple cross-site scripting XSS vulnerabilities in register.php in Andy's PHP Knowledgebase Aphpkb before 0.95.8 allow remote attackers to inject arbitrary web script or HTML via the 1 firstname, 2 lastname, 3 email, or 4 username parameter...