EUVD-2015-1559

Multiple cross-site scripting XSS vulnerabilities in Gecko CMS 2.2 and 2.3 allow remote attackers to inject arbitrary web script or HTML via the 1 horder, 2 jakcatid, 3 jakcontent, 4 jakcss, 5 jakdeletelog, 6 jakemail, 7 jakextfile, 8 jakfile, 9 jakhookshow, 10 jakimg, 11 jakjavascript, 12...

CVE-2014-9649

Cross-site scripting XSS vulnerability in the management plugin in RabbitMQ 2.1.0 through 3.4.x before 3.4.1 allows remote attackers to inject arbitrary web script or HTML via the path info to api/, which is not properly handled in an error message...

DEBIAN-CVE-2014-9649

Cross-site scripting XSS vulnerability in the management plugin in RabbitMQ 2.1.0 through 3.4.x before 3.4.1 allows remote attackers to inject arbitrary web script or HTML via the path info to api/, which is not properly handled in an error message...

Pivotal Software RabbitMQ management plugin cross-site scripting vulnerability

Pivotal Software RabbitMQ is a British company Pivotal Software's set of implementation of the Advanced Message Queuing Protocol AMQP open source messaging agent software. rabbitMQ management is one of the management plug-in . A cross-site scripting vulnerability exists in the Pivotal Software...

Wordpress plugin Joomlaskin JS Multi Hotel cross-site scripting vulnerability

WordPress is a blogging platform developed by WordPress Software Foundation using the PHP language, which supports setting up personal blog sites on servers with PHP and MySQL.Joomlaskin JS Multi Hotel plugin is a hotel management plugin. A cross-site scripting vulnerability in the Wordpress plug...

ProjectSend Cross-Site Scripting Vulnerability

ProjectSend is a use of php to achieve the management of the project to send , based on ftp project management aspects of php source code to achieve . ProjectSend has a cross-site scripting vulnerability that allows remote attackers to inject arbitrary web script or HTML into the file upload...

Multiple Cross-Site Scripting Vulnerabilities in Cisco Secure Access Control Server (CNVD-2015-00230)

Cisco Secure ACS Access Control Server is a multifunction AAA authentication server. Multiple cross-site scripting vulnerabilities exist in Cisco Secure Access Control Server, allowing remote attackers to inject arbitrary web script or HTML via unspecified parameters...

IPCop Cross-Site Scripting Vulnerability

IPCop is a Linux-based firewall suite developed by IPCop team, which is mainly for home and SOHO users, providing firewall functions and allowing monitoring and management of various information through some TCP/IP business rules. A cross-site scripting vulnerability exists in versions prior to...

WordPress Plugin Relevanssi Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language, users can set up their own weblogs on servers that support PHP and MySQL databases.Relevanssi plugin is a WordPress search function enhancement plugin. A cross-site scripting vulnerability exists in WordPress plugin Relevanssi...

WordPress PhotoSmash plugin cross-site scripting vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers.PhotoSmash plugin is a plugin for adding photo albums. The WordPress PhotoSmash plugin has a cross-site scripting lea...

WordPress Plugin Sodahead Polls Has Multiple Cross-Site Scripting Vulnerabilities

WordPress is a blogging platform developed using the PHP language that allows users to set up their own weblogs on servers that support PHP and MySQL databases.Sodahead Polls plugin is a plugin for polls. WordPress plugin Sodahead Polls suffers from multiple cross-site scripting vulnerabilities...

Social Microblogging PRO Cross-Site Scripting Vulnerability

Social Microblogging PRO is a social microblogging. A cross-site scripting vulnerability in Social Microblogging PRO version 1.5 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO parameter to the default URL...

IBM WebSphere Portal Cross-Site Scripting Vulnerability (CNVD-2014-09212)

IBM WebSphere Portal is a framework - including runtime servers, services, tools, and many other features - that you can use to integrate your enterprise into a single, customizable interface called a portal. A cross-site scripting vulnerability in IBM WebSphere Portal versions 6.1.0 through...

CVE-2014-8958

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allow remote authenticated users to inject arbitrary web script or HTML via a crafted 1 database, 2 table, or 3 column name that is improperly handled during...

CVE-2014-7850

Cross-site scripting XSS vulnerability in the Web UI in FreeIPA 4.x before 4.1.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to breadcrumb navigation...

CVE-2014-9036

Cross-site scripting XSS vulnerability in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted Cascading Style Sheets CSS token sequence in a post...

DEBIAN-CVE-2014-9032

Cross-site scripting XSS vulnerability in the media-playlists feature in WordPress before 3.9.x before 3.9.3 and 4.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2014-9031

Cross-site scripting XSS vulnerability in the wptexturize function in WordPress before 3.7.5, 3.8.x before 3.8.5, and 3.9.x before 3.9.3 allows remote attackers to inject arbitrary web script or HTML via crafted use of shortcode brackets in a text field, as demonstrated by a comment or a post...

UBUNTU-CVE-2010-5312

Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option...

UBUNTU-CVE-2014-8600

Multiple cross-site scripting XSS vulnerabilities in KDE-Runtime 4.14.3 and earlier, kwebkitpart 1.3.4 and earlier, and kio-extras 5.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via a crafted URI using the 1 zip, 2 trash, 3 tar, 4 thumbnail, 5 smtps, 6 smtp, 7 smb...