15795 matches found
CVE-2010-2778
Cross-site scripting XSS vulnerability in WebAccess in Novell GroupWise 7.x before 7.0 post-SP4 FTF and 8.x before 8.0 SP2 allows remote attackers to inject arbitrary web script or HTML via a crafted message, related to a "Javascript XSS exploit."...
CVE-2010-4339
Cross-site scripting XSS vulnerability in Hypermail 2.2.0 allows remote attackers to inject arbitrary web script or HTML via a crafted From address, which is not properly handled when indexing messages...
CVE-2010-2723
Cross-site scripting XSS vulnerability in LISTSERV 15 and 16 allows remote attackers to inject arbitrary web script or HTML via the T parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2015-5356
Cross-site scripting XSS vulnerability in admin/filebrowser.php in GetSimple CMS before 3.3.6 allows remote attackers to inject arbitrary web script or HTML via the func parameter...
CVE-2013-4507
Cross-site scripting XSS vulnerability in CollectiveAccess Providence and Pawtucket before 1.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2012-2590
Multiple cross-site scripting XSS vulnerabilities in ESCON SupportPortal Professional Edition 3.0 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with 1 a SCRIPT element, 2 a crafted SRC attribute of an IFRAME element, 3 a crafted CONTENT attribute of an...
CVE-2011-1333
Cross-site scripting XSS vulnerability in Cybozu Office 6 and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to inject arbitrary web script or HTML via vectors related to "downloading graphic files from the bulletin board system."...
CVE-2012-4266
Cross-site scripting XSS vulnerability in clientdetails.php in Proman Xpress 5.0.1 allows remote attackers to inject arbitrary web script or HTML via the clcomments parameter. NOTE: some of these details are obtained from third party information...
CVE-2012-4236
Cross-site scripting XSS vulnerability in the refreshpage function in application/modules/main/views/top.php in Total Shop UK eCommerce Open Source before 2.1.2p1 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...
CVE-2011-5304
Multiple cross-site scripting XSS vulnerabilities in the Sodahead Polls plugin before 2.0.4 for WordPress allow remote attackers to inject arbitrary web script or HTML via 1 the pollid parameter to customizer.php or 2 the customize parameter to poll.php...
CVE-2011-5287
Multiple cross-site scripting XSS vulnerabilities in HESK before 2.4.1 allow remote attackers to inject arbitrary web script or HTML via the 1 hesksettingstmptitle or 2 hesklangENCODING parameter to inc/header.inc.php; the hesklangattempt parameter to 3 inc/assignmentsearch.inc.php, 4...
CVE-2013-3584
Cross-site scripting XSS vulnerability in Corporater EPM Suite allows remote attackers to inject arbitrary web script or HTML via the customerId parameter to an unspecified component...
CVE-2010-5005
Cross-site scripting XSS vulnerability in members/profileCommentsResponse.php in Rayzz Photoz allows remote attackers to inject arbitrary web script or HTML via the profileCommentTextArea parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third...
CVE-2010-4932
Cross-site scripting XSS vulnerability in search.php in Entrans before 0.3.3 allows remote attackers to inject arbitrary web script or HTML via the query parameter...
CVE-2010-1036
Cross-site scripting XSS vulnerability in HP System Insight Manager before 6.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2011-4277
Cross-site scripting XSS vulnerability in CourseForum ProjectForum 7.0.1.3038 allows remote attackers to inject arbitrary web script or HTML via a crafted name of an object within a more object on a wiki page...
CVE-2015-5529
Multiple cross-site scripting XSS vulnerabilities in Free Reprintables ArticleFR 3.0.6 allow remote attackers to inject arbitrary web script or HTML via the 1 name parameter to dashboard/settings/categories/, 2 title or 3 rel parameter to dashboard/settings/links/, or 4 url parameter to...
CVE-2014-8330
Cross-site scripting XSS vulnerability in EspoCRM allows remote authenticated users to inject arbitrary web script or HTML via the Name field in a new account...
CVE-2012-2975
Cross-site scripting XSS vulnerability in the traffic overview page on the F5 ASM appliance 10.0.0 through 11.2.0 HF2 allows remote attackers to inject arbitrary web script or HTML via crafted requests that are later listed on a summary page...
CVE-2005-3854
Cross-site scripting XSS vulnerability in index.php in EasyPageCMS allows remote attackers to inject arbitrary web script or HTML via the cat parameter...