CVE-2012-2563

Multiple cross-site scripting XSS vulnerabilities in Bloxx Web Filtering before 5.0.14 allow 1 remote attackers to inject arbitrary web script or HTML via web traffic that is examined within the Bloxx Reports component, and allow 2 remote authenticated administrators to inject arbitrary web scrip...

Cross site scripting

Cross-site scripting XSS vulnerability in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2011-2083

Multiple cross-site scripting XSS vulnerabilities in Best Practical Solutions RT 3.x before 3.8.12 and 4.x before 4.0.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

DSA-2485-1 imp4 - cross site scripting

Bulletin has no description...

CVE-2012-0220

Multiple cross-site scripting XSS vulnerabilities in the meta plugin Plugin/meta.pm in ikiwiki before 3.20120516 allow remote attackers to inject arbitrary web script or HTML via the 1 author or 2 authorurl meta tags...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the meta plugin Plugin/meta.pm in ikiwiki before 3.20120516 allow remote attackers to inject arbitrary web script or HTML via the 1 author or 2 authorurl meta tags...

CVE-2012-2936

Multiple cross-site scripting XSS vulnerabilities in Pligg CMS before 1.2.2 allow remote attackers to inject arbitrary web script or HTML via the 1 user or 2 page parameter to a admin/admincomments.php or b admin/adminlinks.php; or list parameter in a 3 move or 4 minimize action to c...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Pligg CMS before 1.2.2 allow remote attackers to inject arbitrary web script or HTML via 1 an arbitrary parameter in a move or 2 minimize action to admin/adminindex.php; 3 the karmausername parameter to module.php in the karma module; 4 q1low, ...

Cross site scripting

Cross-site scripting XSS vulnerability in search/ in Yandex.Server 2010 9.0 Enterprise allows remote attackers to inject arbitrary web script or HTML via the text parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Pligg CMS before 1.2.2 allow remote attackers to inject arbitrary web script or HTML via the 1 user or 2 page parameter to a admin/admincomments.php or b admin/adminlinks.php; or list parameter in a 3 move or 4 minimize action to c...

CVE-2012-2941

Cross-site scripting XSS vulnerability in search/ in Yandex.Server 2010 9.0 Enterprise allows remote attackers to inject arbitrary web script or HTML via the text parameter...

CVE-2012-2936

Multiple cross-site scripting XSS vulnerabilities in Pligg CMS before 1.2.2 allow remote attackers to inject arbitrary web script or HTML via the 1 user or 2 page parameter to a admin/admincomments.php or b admin/adminlinks.php; or list parameter in a 3 move or 4 minimize action to c...

CVE-2012-1990

Multiple cross-site scripting XSS vulnerabilities in Schneider Electric Kerweb before 3.0.1 and Kerwin before 6.0.1 allow remote attackers to inject arbitrary web script or HTML via 1 the evtvariablename parameter in an evts.xml action to kw.dll, 2 unspecified search fields, or 3 unspecified...

Cross site scripting

Cross-site scripting XSS vulnerability in the userphotooptionspage function in user-photo.php in the User Photo plugin before 0.9.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to wp-admin/options-general.php. NOTE: some of these details are...

Cross site scripting

Cross-site scripting XSS vulnerability in the Glossary module 6.x-1.x before 6.x-1.8 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "taxonomy information."...

CVE-2012-2917

Cross-site scripting XSS vulnerability in the Share and Follow plugin 1.80.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the CDN API Key cnd-key in a share-and-follow-menu page to wp-admin/admin.php...

CVE-2012-2913

Multiple cross-site scripting XSS vulnerabilities in the Leaflet plugin 0.0.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the id parameter to 1 leafletlayer.php or 2 leafletmarker.php, as reachable through wp-admin/admin.php...

CVE-2012-2912

Multiple cross-site scripting XSS vulnerabilities in the LeagueManager plugin 3.7 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 group parameter in the show-league page or 2 season parameter in the team page to wp-admin/admin.php...

CVE-2012-2909

Multiple cross-site scripting XSS vulnerabilities in Viscacha 0.8.1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 text field in the Private Messages System, 2 Bad Word field in Zensur, or 3 Portal or 4 Topic field in Kommentar...

CVE-2012-2916

Cross-site scripting XSS vulnerability in sabreclassadmin.php in the SABRE plugin before 2.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the activeoption parameter to wp-admin/tools.php...