CVE-2010-1963

Cross-site scripting XSS vulnerability in HP ServiceCenter allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2019-19386

A cross-site scripting XSS vulnerability in app/voicemailgreetings/voicemailgreetingedit.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the id and/or voicemailid parameter...

CVE-2011-4337

Static code injection vulnerability in translate.php in Support Incident Tracker aka SiT! 3.45 through 3.65 allows remote attackers to inject arbitrary PHP code into an executable language file in the i18n directory via the lang variable...

CVE-2010-2463

Cross-site scripting XSS vulnerability in forum.php in Jamroom before 4.1.9 allows remote attackers to inject arbitrary web script or HTML via the postid parameter in a modify action...

CVE-2011-3865

Cross-site scripting XSS vulnerability in the Black-LetterHead theme before 1.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to index.php...

CVE-2015-1478

Cross-site scripting XSS vulnerability in the CMSJunkie J-ClassifiedsManager component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the view parameter to /classifieds...

CVE-2010-2258

Cross-site scripting XSS vulnerability in signupconfirm.php in phpBannerExchange 1.2 Arabic allows remote attackers to inject arbitrary web script or HTML via the bannerurl parameter...

CVE-2012-6463

Cross-site scripting XSS vulnerability in Opera before 12.10 allows remote attackers to inject arbitrary web script or HTML via vectors involving an unspecified sequence of loading of documents and loading of data: URLs...

CVE-2012-2083

Cross-site scripting XSS vulnerability in the fusioncorepreprocesspage function in fusioncore/template.php in the Fusion module before 6.x-1.13 for Drupal allows remote attackers to inject arbitrary web script or HTML via the q parameter...

CVE-2011-4928

Cross-site scripting XSS vulnerability in the textile formatter in Redmine before 1.0.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2011-2545

Cross-site scripting XSS vulnerability in the SIP implementation on the Cisco SPA8000 and SPA8800 before 6.1.11, SPA2102 and SPA3102 before 5.2.13, and SPA 500 series IP phones before 7.4.9 allows remote attackers to inject arbitrary web script or HTML via the FROM field of an INVITE message, aka...

CVE-2012-5541

Cross-site scripting XSS vulnerability in the Twitter Pull module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.0-rc3 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "data coming from Twitter."...

CVE-2012-5537

The Simplenews Scheduler module 6.x-2.x before 6.x-2.4 for Drupal allows remote authenticated users with the "send scheduled newsletters" permission to inject arbitrary PHP code into the scheduling form, which is later executed by cron...

CVE-2013-1247

Cross-site scripting XSS vulnerability in the wireless configuration module in Cisco Prime Infrastructure allows remote attackers to inject arbitrary web script or HTML via an SSID that is not properly handled during display of the XML windowing table, aka Bug ID CSCuf04356...

CVE-2010-3715

Multiple cross-site scripting XSS vulnerabilities in TYPO3 4.2.x before 4.2.15, 4.3.x before 4.3.7, and 4.4.x before 4.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 the RemoveXSS function, and allow remote authenticated users to inject arbitrary web...

CVE-2012-1224

Cross-site scripting XSS vulnerability in system/classes/login.php in ContentLion Alpha 1.3 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

CVE-2012-1208

Multiple cross-site scripting XSS vulnerabilities in backend/core/engine/base.php in Fork CMS 3.2.4 and possibly other versions before 3.2.5 allow remote attackers to inject arbitrary web script or HTML via the 1 report parameter to blog/settings or 2 error parameter to users/index...

CVE-2013-5312

Multiple cross-site scripting XSS vulnerabilities in Vastal I-Tech phpVID 1.2.3 allow remote attackers to inject arbitrary web script or HTML via the 1 n parameter to browsevideos.php or the 2 cat parameter to groups.php...

CVE-2012-1086

Cross-site scripting XSS vulnerability in the UrlTool aeurltool extension 0.1.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-0974

Multiple cross-site scripting XSS vulnerabilities in the getParam function in oc-includes/osclass/core/Params.php in OSClass before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via the 1 sCity, 2 sPattern, 3 sPriceMax, and 4 sPriceMin parameters in a search action to...