CVE-2012-1087

Cross-site scripting XSS vulnerability in the Post data records to facebook bcpost2facebook extension before 0.2.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2010-5303

Cross-site scripting XSS vulnerability in the displayError function in timthumb.php in TimThumb before 1.15 r85, as used in multiple products, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to $errorString...

CVE-2014-9444

Cross-site scripting XSS vulnerability in the Frontend Uploader plugin 0.9.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the errorsfu-disallowed-mime-type0name parameter to the default URI...

CVE-2012-0311

Cross-site scripting XSS vulnerability in osCommerce 2.2MS1J before R9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-4283

Cross-site scripting XSS vulnerability in the Login With Ajax plugin before 3.0.4.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the callback parameter...

CVE-2010-4947

Cross-site scripting XSS vulnerability in advancedsearchresult.php in ALLPC 2.5 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter...

CVE-2015-8759

Cross-site scripting XSS vulnerability in the typoLink function in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allows remote authenticated editors to inject arbitrary web script or HTML via a link field...

CVE-2015-6509

Multiple cross-site scripting XSS vulnerabilities in pfSense before 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the 1 proxypass parameter to systemadvancedmisc.php; 2 adaptiveend, 3 adaptivestart, 4 maximumstates, 5 maximumtableentries, or 6 aliasesresolveinterval...

CVE-2005-1582

Cross-site scripting XSS vulnerability in index.php for 1Two News 1.0 allows remote attackers to inject arbitrary web script or HTML via the 1 nom, 2 email, 3 siteweb, or 4 commentaire variables...

CVE-2005-1440

Multiple cross-site scripting XSS vulnerabilities in ViArt Shop Enterprise 2.1.6 allow remote attackers to inject arbitrary web script or HTML via 1 various parameters to basket.php, 2 the nickname, email, topic, and message fields in forum.php, as demonstrated using forumnewthread.php and...

CVE-2005-2836

Multiple cross-site scripting XSS vulnerabilities in Phorum 5.0.17a and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the username parameter to register.php or 2 a signature of a logged-in user in "My Control Center," which is not properly handled by control.php...

CVE-2009-2783

Multiple cross-site scripting XSS vulnerabilities in XOOPS 2.3.3 allow remote attackers to inject arbitrary web script or HTML via the 1 op parameter to modules/pm/viewpmsg.php and 2 query string to modules/profile/user.php...

CVE-2009-1908

Cross-site scripting XSS vulnerability in Skip 1.0.2 and earlier, and 1.1RC2 and earlier 1.1RC versions, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2002-2192

Cross-site scripting XSS vulnerability in Perception LiteServe 2.0.1 allows remote attackers to execute arbitrary web script via 1 a Host: header when DNS wildcards are supported or 2 the query string in a "dir" request to indexed folders...

CVE-2005-2044

Multiple cross-site scripting XSS vulnerabilities in ATutor 1.4.3 and 1.5 RC 1 allow remote attackers to inject arbitrary web script or HTML via the 1 showcourse parameter to browse.php, 2 subject parameter to contact.php, 3 cid parameter to content.php, 4 l parameter to inbox/sendmessage.php, th...

CVE-2004-2294

Canonicalize-before-filter error in the sendreview function in the Reviews module for PHP-Nuke 6.0 to 7.3 allows remote attackers to inject arbitrary web script or HTML via hex-encoded XSS sequences in the text parameter, which is checked for dangerous sequences before it is canonicalized, leadin...

CVE-2009-2215

Multiple cross-site scripting XSS vulnerabilities in URD before 0.6.2 allow remote attackers to inject arbitrary web script or HTML via vectors related to the fatalerror page and unspecified other components...

CVE-2009-1942

Cross-site scripting XSS vulnerability in the Quiz module 5.x, 6.x-2.x before 6.x-2.2, and 6.x-3.x before 6.x-3.0, a module for Drupal, allows remote authenticated users, with create quizzes or quiz questions access, to inject arbitrary web script or HTML via unspecified vectors...

CVE-2002-2321

Cross-site scripting XSS vulnerability in 1 showcat.php and 2 addyoursite.php in phpLinkat 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the catid parameter...

CVE-2009-3021

Cross-site scripting XSS vulnerability in Site Calendar 'mycaljp' plugin 2.0.0 through 2.0.6, as used in the Japanese extended package of Geeklog 1.5.0 through 1.5.2 and when distributed 20090629 or earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...