Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Infoproject Biznis Heroj allow remote attackers to inject arbitrary web script or HTML via the config parameter to 1 nalozinaslov.php and 2 widget.dokumentilista.php...

Cross site scripting

Cross-site scripting XSS vulnerability in inc/lib/lib.base.php in SASHA 0.2.0 allows remote attackers to inject arbitrary web script or HTML via the instructors parameter. NOTE: the original disclosure also mentions the sectiontitle parameter, but this was disputed by the vendor and retracted by...

CVE-2011-5040

Multiple cross-site scripting XSS vulnerabilities in Infoproject Biznis Heroj allow remote attackers to inject arbitrary web script or HTML via the config parameter to 1 nalozinaslov.php and 2 widget.dokumentilista.php...

CVE-2011-5041

Multiple cross-site scripting XSS vulnerabilities in Pulse Pro CMS 1.7.2 allow remote attackers to inject arbitrary web script or HTML via the 1 d parameter in a blocks action and 2 postid parameter in an edit-post action to index.php...

CVE-2011-5042

Cross-site scripting XSS vulnerability in inc/lib/lib.base.php in SASHA 0.2.0 allows remote attackers to inject arbitrary web script or HTML via the instructors parameter. NOTE: the original disclosure also mentions the sectiontitle parameter, but this was disputed by the vendor and retracted by...

Cross site scripting

Cross-site scripting XSS vulnerability in ZABBIX before 1.8.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the profiler...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Simple PHP Blog 0.7.0 and possibly earlier allow remote attackers to inject arbitrary web script or HTML via the 1 entry parameter to delete.php or 2 category parameter to index.php...

Cross site scripting

Cross-site scripting XSS vulnerability in mmsearch/design in the Mailman/htdig integration patch for Mailman allows remote attackers to inject arbitrary web script or HTML via the config parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the wiki application in Yaws 1.88 allow remote attackers to inject arbitrary web script or HTML via 1 the tag parameter to editTag.yaws, 2 the index parameter to showOldPage.yaws, 3 the node parameter to allRefsToMe.yaws, or 4 the text paramete...

CVE-2011-3841

Cross-site scripting XSS vulnerability in uploadify/getprofileavatar.php in the WP Symposium plugin before 11.12.08 for WordPress allows remote attackers to inject arbitrary web script or HTML via the uid parameter...

CVE-2011-4634

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.4.x before 3.4.8 allow remote attackers to inject arbitrary web script or HTML via 1 a crafted database name, related to the Database Synchronize panel; 2 a crafted database name, related to the Database rename panel; 3 a crafted S...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.4.x before 3.4.8 allow remote attackers to inject arbitrary web script or HTML via 1 a crafted database name, related to the Database Synchronize panel; 2 a crafted database name, related to the Database rename panel; 3 a crafted S...

Cross site scripting

Cross-site scripting XSS vulnerability in plugin/comment.inc.php in PukiWiki Plus! 1.4.7plus-u2-i18n and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in libraries/displayexport.lib.php in phpMyAdmin 3.4.x before 3.4.9 allow remote attackers to inject arbitrary web script or HTML via crafted URL parameters, related to the export panels in the 1 server, 2 database, and 3 table sections...

CVE-2011-4782

Cross-site scripting XSS vulnerability in libraries/config/ConfigFile.class.php in the setup interface in phpMyAdmin 3.4.x before 3.4.9 allows remote attackers to inject arbitrary web script or HTML via the host parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 allow remote attackers to inject arbitrary web script or HTML via crafted input to a PHP script, as demonstrated by smb/user/create and certain other files...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in SmarterTools SmarterStats 6.2.4100 allow remote attackers to inject arbitrary web script or HTML via crafted input to a PHP script, as demonstrated by Default.aspx and certain other files...

Cross site scripting

Cross-site scripting XSS vulnerability in the Site Editor aka SiteBuilder feature in Parallels Plesk Panel 10.4.4build20111103.18 allows remote attackers to inject arbitrary web script or HTML via the login parameter to preferences.html...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Control Panel in Parallels Plesk Panel 10.4.4build20111103.18 allow remote attackers to inject arbitrary web script or HTML via crafted input to a PHP script, as demonstrated by admin/update/settings/ and certain other files...

CVE-2011-4754

Multiple cross-site scripting XSS vulnerabilities in Parallels Plesk Small Business Panel 10.2.0 allow remote attackers to inject arbitrary web script or HTML via crafted input to a PHP script, as demonstrated by smb/app/available/id/apscatalog/ and certain other files...