CVE-2009-1080

Multiple cross-site scripting XSS vulnerabilities in Sun Java System Identity Manager IdM 7.0 through 8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID 19033...

CVE-2009-3901

Multiple cross-site scripting XSS vulnerabilities in e-Courier CMS allow remote attackers to inject arbitrary web script or HTML via the UserGUID parameter to home/index.asp and other unspecified vectors...

CVE-2008-7250

Cross-site scripting XSS vulnerability in Squid Analysis Report Generator Sarg 2.2.4 allows remote attackers to inject arbitrary web script or HTML via a JavaScript onload event in the User-Agent header, which is not properly handled when displaying the Squid proxy log. NOTE: this issue exists...

CVE-2008-7223

Multiple cross-site scripting XSS vulnerabilities in LinPHA before 1.3.3 allow remote attackers to inject arbitrary web script or HTML via 1 ftp/index.php, 2 viewer.php, 3 functions/other.php, 4 include/leftmenu.class.php, or 5 plugins/stats/statsview.php...

CVE-2009-3821

Cross-site scripting XSS vulnerability in the Apache Solr Search solr extension 1.0.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2009-3816

Multiple cross-site scripting XSS vulnerabilities in Activities pages in the Mobile subsystem in IBM Lotus Connections 2.5.0.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2005-3015

Cross-site scripting XSS vulnerability in IBM Lotus Domino 6.5.2 allows remote attackers to inject arbitrary web script or HTML via the 1 BaseTarget or 2 Src parameters...

CVE-2005-0662

Cross-site scripting XSS vulnerability in index.php for MercuryBoard 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the Avatar field...

CVE-2005-4256

Cross-site scripting XSS vulnerability in forum.asp in ASP-DEV XM Forum RC3 allows remote attackers to inject arbitrary web script or HTML via the forumtitle parameter. NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID. In addition, its accuracy is in...

CVE-2005-2839

Multiple cross-site scripting XSS vulnerabilities in MAXdev MD-Pro 1.0.72 allow remote attackers to inject arbitrary web script or HTML via 1 dl-search.php or 2 wl-search.php...

CVE-2006-2957

Cross-site scripting XSS vulnerability in i.List 1.5 beta and earlier allows remote attackers to inject arbitrary web script or HTML via the banurl parameter to add.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information...

CVE-2008-1228

Cross-site scripting XSS vulnerability in admin.php in MG2 formerly Minigal allows remote attackers to inject arbitrary web script or HTML via the list parameter in an import action...

CVE-2009-0764

Multiple cross-site scripting XSS vulnerabilities in Kipper 2.01 allow remote attackers to inject arbitrary web script or HTML via the charm parameter to 1 index.php and 2 kipper.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2007-1965

Multiple cross-site scripting XSS vulnerabilities in eXV2 CMS 2.0.4.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the setlang parameter to 1 archive.php, 2 article.php, 3 index.php, or 4 topics.php...

CVE-2005-4028

Multiple cross-site scripting XSS vulnerabilities in aMember allow remote attackers to inject arbitrary web script or HTML via the 1 lamemberlogin parameter to sendpass.php and 2 login parameter to member.php...

SUSE CVE-2014-0611

Multiple cross-site scripting XSS vulnerabilities in WebAccess in Novell GroupWise 2012 before Support Pack 4 and 2014 before Support Pack 2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

SUSE CVE-2010-2778

Cross-site scripting XSS vulnerability in WebAccess in Novell GroupWise 7.x before 7.0 post-SP4 FTF and 8.x before 8.0 SP2 allows remote attackers to inject arbitrary web script or HTML via a crafted message, related to a "Javascript XSS exploit."...

BIT-DOLIBARR-2020-14475

A reflected cross-site scripting XSS vulnerability in Dolibarr 11.0.3 allows remote attackers to inject arbitrary web script or HTML into public/notice.php related to transphrase and transkey...

BIT-DOLIBARR-2020-13828

Dolibarr 11.0.4 is affected by multiple stored Cross-Site Scripting XSS vulnerabilities that could allow remote authenticated attackers to inject arbitrary web script or HTML via ticket/card.php?action=create with the subject, message, or address parameter; adherents/card.php with the societe or...

CVE-2025-2536

Cross-site scripting XSS vulnerability on Liferay Portal 7.4.3.82 through 7.4.3.128, and Liferay DXP 2024.Q3.0, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12, 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10, 7.4 update 82 through update 92 in the Frontend JS module's...