Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in wgarcmin.cgi in Webglimpse 2.20.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 URL, 2 FILE, or 3 DOMAIN parameters...

Cross site scripting

Cross-site scripting XSS vulnerability in TIBCO ActiveMatrix Platform in TIBCO Silver Fabric ActiveMatrix Service Grid Distribution 3.1.3, Service Grid and Service Bus 3.x before 3.1.5, BusinessWorks Service Engine 5.9.x before 5.9.3, and BPM before 1.3.0 allows remote attackers to inject arbitra...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5 allow remote attackers to inject arbitrary web script or HTML via the uisesionid parameter to 1 maximo.jsp or 2 the default URI under ui/...

CVE-2012-0195

Cross-site scripting XSS vulnerability in the Start Center Layout and Configuration component in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Manager 7.1 and 7.2; IBM Maximo Service...

Cross site scripting

Cross-site scripting XSS vulnerability in the Autocomplete plugin before 3.0 for SquirrelMail allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-0588

Cross-site scripting XSS vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0587, and CVE-2012-0589...

Cross site scripting

Cross-site scripting XSS vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0587, and CVE-2012-0588...

Cross site scripting

Cross-site scripting XSS vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0587, and CVE-2012-0589...

Cross site scripting

Cross-site scripting XSS vulnerability in WebKit, as used in Apple iOS before 5.1, allows user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a drag-and-drop operation...

Cross site scripting

Cross-site scripting XSS vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0587, CVE-2012-0588, and CVE-2012-0589...

CVE-2012-0587

Cross-site scripting XSS vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0588, and CVE-2012-0589...

CVE-2012-1213

Cross-site scripting XSS vulnerability in zimbra/h/calendar in Zimbra Web Client in Zimbra Collaboration Suite ZCS 6.x before 6.0.15 and 7.x before 7.1.3 allows remote attackers to inject arbitrary web script or HTML via the view parameter...

CVE-2012-1211

Cross-site scripting XSS vulnerability in pfile/kommentar.php in Powie pFile 1.02 allows remote attackers to inject arbitrary web script or HTML via the filecat parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in zimbra/h/calendar in Zimbra Web Client in Zimbra Collaboration Suite ZCS 6.x before 6.0.15 and 7.x before 7.1.3 allows remote attackers to inject arbitrary web script or HTML via the view parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Boonex Dolphin before 7.0.8 allow remote attackers to inject arbitrary web script or HTML via the 1 explain parameter to explanation.php or the 2 photosonly, 3 onlineonly, or 4 mode parameters to viewFriends.php...

Cross site scripting

Cross-site scripting XSS vulnerability in IBM WebSphere Lombardi Edition 7.2 allows remote attackers to inject arbitrary web script or HTML via crafted text input to a coach that is configured with a document attachment control section...

CVE-2012-0995

Multiple cross-site scripting XSS vulnerabilities in ZENphoto 1.4.2 allow remote attackers to inject arbitrary web script or HTML via the 1 msg parameter in an external action to zp-core/admin.php, 2 PATHINTO to an unspecified URL, as demonstrated using /1/, 3 PATHINFO to zp-core/admin.php, or 4...

CVE-2012-0995

Multiple cross-site scripting XSS vulnerabilities in ZENphoto 1.4.2 allow remote attackers to inject arbitrary web script or HTML via the 1 msg parameter in an external action to zp-core/admin.php, 2 PATHINTO to an unspecified URL, as demonstrated using /1/, 3 PATHINFO to zp-core/admin.php, or 4...

CVE-2012-1215

The CVE-2012-1215 entry describes a Cross-site scripting (XSS) vulnerability in the Add friends module of the Yoono Firefox extension, exploited via the create field in a "Create a group" action. The affected product is the Yoono extension for Firefox, with versions prior to 7.7.8. The underlying...

CVE-2011-3361

Cross-site scripting XSS vulnerability in CGI/Browse.pm in BackupPC 3.2.0 and possibly other versions before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via the num parameter in a browse action to index.cgi...