CVE-2012-2906

Multiple cross-site scripting XSS vulnerabilities in artpublic/recommandation/index.php in Artiphp CMS 5.5.0 Neo r422 allow remote attackers to inject arbitrary web script or HTML via the 1 addimgnamepost, 2 asciiartpost, 3 expediteur, 4 titresav, or 5 z39d27af885b32758ac0e7d4014a61561 parameter...

CVE-2012-2903

Multiple cross-site scripting XSS vulnerabilities in PHP Address Book 7.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 PATHINFO to group.php, or the 2 targetlanguage or 3 targetflag parameter to translate.php...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in artpublic/recommandation/index.php in Artiphp CMS 5.5.0 Neo r422 allow remote attackers to inject arbitrary web script or HTML via the 1 addimgnamepost, 2 asciiartpost, 3 expediteur, 4 titresav, or 5 z39d27af885b32758ac0e7d4014a61561 parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in SiliSoftware phpThumb 1.7.11 allow remote attackers to inject arbitrary web script or HTML via the 1 dir parameter to demo/phpThumb.demo.random.php or 2 title parameter to demo/phpThumb.demo.showpic.php...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the LeagueManager plugin 3.7 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 group parameter in the show-league page or 2 season parameter in the team page to wp-admin/admin.php...

Cross site scripting

Cross-site scripting XSS vulnerability in the Share and Follow plugin 1.80.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the CDN API Key cnd-key in a share-and-follow-menu page to wp-admin/admin.php...

CVE-2012-2913

Multiple cross-site scripting XSS vulnerabilities in the Leaflet plugin 0.0.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the id parameter to 1 leafletlayer.php or 2 leafletmarker.php, as reachable through wp-admin/admin.php...

CVE-2012-2914

Cross-site scripting XSS vulnerability in captchademo.php in Unijimpe Captcha allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

CVE-2012-2910

Multiple cross-site scripting XSS vulnerabilities in SiliSoftware phpThumb 1.7.11 allow remote attackers to inject arbitrary web script or HTML via the 1 dir parameter to demo/phpThumb.demo.random.php or 2 title parameter to demo/phpThumb.demo.showpic.php...

CVE-2012-2904

player.swf in LongTail JW Player 5.9 allows remote attackers to conduct cross-site scripting XSS attacks to inject arbitrary web script or HTML via multiple "javascript:" sequences in the debug parameter...

CVE-2012-2903

Multiple cross-site scripting XSS vulnerabilities in PHP Address Book 7.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 PATHINFO to group.php, or the 2 targetlanguage or 3 targetflag parameter to translate.php...

CVE-2012-2909

Multiple cross-site scripting XSS vulnerabilities in Viscacha 0.8.1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 text field in the Private Messages System, 2 Bad Word field in Zensur, or 3 Portal or 4 Topic field in Kommentar...

CVE-2012-1190

Cross-site scripting XSS vulnerability in the replication-setup functionality in js/replication.js in phpMyAdmin 3.4.x before 3.4.10.1 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted database name...

Cross site scripting

Cross-site scripting XSS vulnerability in the replication-setup functionality in js/replication.js in phpMyAdmin 3.4.x before 3.4.10.1 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted database name...

CVE-2012-2001

Cross-site scripting XSS vulnerability in HP SNMP Agents for Linux before 9.0.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to inject arbitrary web script or HTML via the 1 ISO-2022-KR or ...

CVE-2012-1113

Multiple cross-site scripting XSS vulnerabilities in the administration subsystem in Gallery 2 before 2.3.2 and 3 before 3.0.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the administration subsystem in Gallery 2 before 2.3.2 and 3 before 3.0.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-1113

Multiple cross-site scripting XSS vulnerabilities in the administration subsystem in Gallery 2 before 2.3.2 and 3 before 3.0.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...