CVE-2015-1566

Cross-site scripting XSS vulnerability in DotNetNuke DNN before 7.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2013-3649

Cross-site scripting XSS vulnerability in KENT-WEB CLIP-MAIL before 3.4, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an unspecified form field...

CVE-2013-4703

Cross-site scripting XSS vulnerability in the top-page customization feature in Cybozu Office before 9.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-3869

Cross-site scripting XSS vulnerability in include/classes/class.rexlist.inc.php in REDAXO 4.3.x and 4.4 allows remote attackers to inject arbitrary web script or HTML via the subpage parameter to index.php...

CVE-2013-0323

Cross-site scripting XSS vulnerability in the Display Suite module 7.x-1.x before 7.x-1.7 and 7.x-2.x before 7.x-2.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via the author field...

CVE-2012-3832

Cross-site scripting XSS vulnerability in decoda/Decoda.php in Decoda before 3.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to 1 b or 2 div tags...

CVE-2013-2337

Cross-site scripting XSS vulnerability in HP Service Manager 7.11, 9.21, 9.30, and 9.31, and ServiceCenter 6.2.8, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2010-0607

Cross-site scripting XSS vulnerability in Forms/statusstatistics1 in the Sterlite SAM300 AX Router allows remote attackers to inject arbitrary web script or HTML via the StatRadio parameter...

CVE-2010-3462

Cross-site scripting XSS vulnerability in backend/plugin/Registration/index.php in Mollify 1.6, 1.6.5.5, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the confirm parameter. NOTE: some of these details are obtained from third party information...

CVE-2011-3861

Cross-site scripting XSS vulnerability in the Web Minimalist 200901 theme before 1.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to index.php...

CVE-2011-3855

Cross-site scripting XSS vulnerability in the F8 Lite theme before 4.2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter...

CVE-2012-2326

Cross-site scripting XSS vulnerability in the Admin Control Panel ACP in MyBB aka MyBulletinBoard before 1.6.7 allows remote administrators to inject arbitrary web script or HTML via a malformed file name in an orphaned attachment...

CVE-2010-2365

Cross-site scripting XSS vulnerability in Free CGI Moo moobbs2 before 1.03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2010-2316

Multiple cross-site scripting XSS vulnerabilities in default.asp in WmsCms 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 search, 2 sbr, 3 p, and 4 sbl parameters, different vectors than CVE-2007-3137...

CVE-2012-6627

Cross-site scripting XSS vulnerability in admin/testmail.php in the Newsletter Manager plugin 1.0.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the id parameter...

CVE-2012-6458

Multiple cross-site scripting XSS vulnerabilities in the SilverStripe e-commerce module 3.0 for SilverStripe CMS allow remote attackers to inject arbitrary web script or HTML via the 1 FirstName, 2 Surname, or 3 Email parameter to code/forms/OrderFormAddress.php; or the 4 FirstName or 5 Surname...

CVE-2014-10035

Multiple cross-site scripting XSS vulnerabilities in the admin area in couponPHP before 1.2.0 allow remote administrators to inject arbitrary web script or HTML via the 1 sEcho parameter to commentspaginate.php or 2 storespaginate.php or the 3 affiliateurl, 4 description, 5 domain, 6...

CVE-2010-2049

Cross-site scripting XSS vulnerability in jsp/audit/reports/ExportReport.jsp in ManageEngine ADAudit Plus 4.0.0 build 4043 allows remote attackers to inject arbitrary web script or HTML via the reportList parameter. NOTE: the provenance of this information is unknown; the details are obtained...

CVE-2014-100037

Cross-site scripting XSS vulnerability in Storytlr 1.3.dev and earlier allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to archives/...

CVE-2013-7419

Cross-site scripting XSS vulnerability in includes/refreshDate.php in the Joomlaskin JS Multi Hotel aka JS MultiHotel and Js-Multi-Hotel plugin 2.2.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the roomid parameter...