CVE-2011-1940

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.3.x before 3.3.10.1 and 3.4.x before 3.4.1 allow remote attackers to inject arbitrary web script or HTML via a crafted table name that triggers improper HTML rendering on a Tracking page, related to 1 libraries/tbllinks.inc.php and...

CVE-2012-0914

Cross-site scripting XSS vulnerability in displayrenderers/panelsrenderereditor.class.php in the admin view in the Panels module 6.x-2.x before 6.x-3.10 and 7.x-3.x before 7.x-3.0 for Drupal allows remote authenticated users with certain privileges to inject arbitrary web script or HTML via the...

CVE-2012-0791

Multiple cross-site scripting XSS vulnerabilities in Horde IMP before 5.0.18 and Horde Groupware Webmail Edition before 4.0.6 allow remote attackers to inject arbitrary web script or HTML via the 1 composeCache, 2 rtemode, or 3 filename parameters to the compose page; 4 formname parameter to the...

Cross site scripting

Cross-site scripting XSS vulnerability in ForgottenPassword.aspx in MailEnable Professional, Enterprise, and Premium 4.26 and earlier, 5.x before 5.53, and 6.x before 6.03 allows remote attackers to inject arbitrary web script or HTML via the Username parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Horde IMP before 5.0.18 and Horde Groupware Webmail Edition before 4.0.6 allow remote attackers to inject arbitrary web script or HTML via the 1 composeCache, 2 rtemode, or 3 filename parameters to the compose page; 4 formname parameter to the...

CVE-2012-0389

Cross-site scripting XSS vulnerability in ForgottenPassword.aspx in MailEnable Professional, Enterprise, and Premium 4.26 and earlier, 5.x before 5.53, and 6.x before 6.03 allows remote attackers to inject arbitrary web script or HTML via the Username parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Stoneware webNetwork before 6.0.8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-0285

Multiple cross-site scripting XSS vulnerabilities in Stoneware webNetwork before 6.0.8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-0899

Cross-site scripting XSS vulnerability in referencement/sitesinscription.php in Annuaire PHP allows remote attackers to inject arbitrary web script or HTML via the url parameter and possibly the nom parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Zimbra Desktop 7.1.2 b10978 allow remote attackers to inject arbitrary web script or HTML via the 1 Username or 2 MailBox Name...

Cogent OPC DataHub and Cascade DataHub < 7.2 XSS and CRLF Vulnerabilities

OPC DataHub or Cascade DataHub is prone to multiple cross-site scripting XSS and CRLF vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

CVE-2011-5065

Cross-site scripting XSS vulnerability in IBM WebSphere Application Server WAS 6.1 before 6.1.0.41 allows remote attackers to inject arbitrary web script or HTML via vectors related to web messaging...

CVE-2012-0696

Multiple cross-site scripting XSS vulnerabilities in the Executive Viewer EV in IBM Cognos TM1 before 9.5 FP1 allow remote attackers to inject arbitrary web script or HTML via unspecified requests to 1 aspnetclient or 2 evserver/createcontrol.js...

Cross site scripting

Cross-site scripting XSS vulnerability in Cogent DataHub 7.1.2 and earlier, Cascade DataHub 6.4.20 and earlier, and OPC DataHub 6.4.20 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the administration interface in RHQ 4.2.0, as used in JBoss Operations Network aka JON or JBoss ON before 3.0, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in setup/index.php in Textpattern CMS 4.4.1, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via the ddb parameter...

CVE-2011-5019

Cross-site scripting XSS vulnerability in setup/index.php in Textpattern CMS 4.4.1, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via the ddb parameter...

CVE-2011-4778

Cross-site scripting XSS vulnerability in Splunk Web in Splunk 4.2.x before 4.2.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPL-44614...

CVE-2011-3657

Multiple cross-site scripting XSS vulnerabilities in Bugzilla 2.x and 3.x before 3.4.13, 3.5.x and 3.6.x before 3.6.7, 3.7.x and 4.0.x before 4.0.3, and 4.1.x through 4.1.3, when debug mode is used, allow remote attackers to inject arbitrary web script or HTML via vectors involving a 1 tabular...

CVE-2011-5042

Cross-site scripting XSS vulnerability in inc/lib/lib.base.php in SASHA 0.2.0 allows remote attackers to inject arbitrary web script or HTML via the instructors parameter. NOTE: the original disclosure also mentions the sectiontitle parameter, but this was disputed by the vendor and retracted by...