CVE-2012-2399

Cross-site scripting XSS vulnerability in swfupload.swf in SWFupload 2.2.0.1 and earlier, as used in WordPress before 3.5.2, TinyMCE Image Manager 1.1 and earlier, and other products allows remote attackers to inject arbitrary web script or HTML via the buttonText parameter, a different...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Demand Media Pluck SiteLife before 5.0.13 allow remote attackers to inject arbitrary web script or HTML via 1 the jsonRequest parameter to Direct/Process, the 2 r or 3 cb parameter to Direct/jsonp.htm, or 4 the cb parameter to sys/jsonp.app/.ht...

CVE-2012-0253

Multiple cross-site scripting XSS vulnerabilities in Demand Media Pluck SiteLife before 5.0.13 allow remote attackers to inject arbitrary web script or HTML via 1 the jsonRequest parameter to Direct/Process, the 2 r or 3 cb parameter to Direct/jsonp.htm, or 4 the cb parameter to sys/jsonp.app/.ht...

CVE-2012-1984

Multiple cross-site scripting XSS vulnerabilities in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in the RECRUIT Dokodemo Rikunabi 2013 extension before 1.0.1 for Google Chrome allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in the web server in the ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100, H2-ECOM, H2-ECOM-F, H2-ECOM100, H4-ECOM, H4-ECOM-F, and H4-ECOM100 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-2156

Multiple cross-site scripting XSS vulnerabilities in Plume CMS 1.2.4 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the uemail parameter aka Authors Email field to manager/users.php, 2 the urealname parameter aka Authors Name field to manager/users.php, or 3 the...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Plume CMS 1.2.4 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the uemail parameter aka Authors Email field to manager/users.php, 2 the urealname parameter aka Authors Name field to manager/users.php, or 3 the...

Cross site scripting

Cross-site scripting XSS vulnerability in the telerik HTML editor in DotNetNuke before 5.6.4 and 6.x before 6.1.0 allows remote attackers to inject arbitrary web script or HTML via a message...

CVE-2012-2156

Multiple cross-site scripting XSS vulnerabilities in Plume CMS 1.2.4 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the uemail parameter aka Authors Email field to manager/users.php, 2 the urealname parameter aka Authors Name field to manager/users.php, or 3 the...

CVE-2012-0132

Cross-site scripting XSS vulnerability in HP Business Availability Center BAC 9.01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-0327

Cross-site scripting XSS vulnerability in Redmine before 1.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-0225

Cross-site scripting XSS vulnerability in Invensys Wonderware Information Server 4.0 SP1 and 4.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-0399

Multiple cross-site scripting XSS vulnerabilities in EMC RSA enVision 4.x before 4.1 Patch 4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in EMC RSA enVision 4.x before 4.1 Patch 4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-0872

Multiple cross-site scripting XSS vulnerabilities in OxWall 1.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 captchaField, 2 email, 3 formname, 4 password, 5 realname, 6 repeatPassword, or 7 username parameters to Oxwall/join; 8 captcha, 9 email, 10...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Dotclear before 2.4.2 allow remote attackers to inject arbitrary web script or HTML via the 1 logindata parameter to admin/auth.php; 2 nb parameter to admin/blogs.php; 3 type, 4 sortby, 5 order, or 6 status parameters to admin/comments.php; or ...

CVE-2012-0872

Multiple cross-site scripting XSS vulnerabilities in OxWall 1.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 captchaField, 2 email, 3 formname, 4 password, 5 realname, 6 repeatPassword, or 7 username parameters to Oxwall/join; 8 captcha, 9 email, 10...

Cross site scripting

Cross-site scripting XSS vulnerability in wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to inject arbitrary web script or HTML via the DOC parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Kongreg8 1.7.3 allow remote attackers to inject arbitrary web script or HTML via the 1 surname or 2 firstname parameters to modules/members/addmember.php; or 3 groupdescription or 4 groupname parameters to modules/groups/addgroupform.php...