CVE-2010-4949

Cross-site scripting XSS vulnerability in the 1 FreiChat component before 2.1.2 for Joomla! and the 2 FreiChatPure component before 1.2.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML by entering it in an unspecified window...

PT-2011-4741 · Unknown · Black-Letterhead

Name of the Vulnerable Software and Affected Versions: Black-LetterHead theme version 1.5 and earlier Description: A cross-site scripting issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved by manipulating the PATH INFO to index.php. Recommendations: F...

PT-2011-4740 · Erudite · Erudite

Name of the Vulnerable Software and Affected Versions: The Erudite theme versions prior to 2.7.9 Description: A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML via the cpage parameter. Recommendations: For versions prior to 2.7.9, update to version 2.7.9 ...

VulnCheck KEV: CVE-2011-2444

Cross-site scripting XSS vulnerability in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, related to a "universal cross-site scripting issue," as...

Satellite: XSS flaw(s) in filter handling

Multiple cross-site scripting XSS vulnerabilities in Spacewalk 1.6, as used in Red Hat Network RHN Satellite, allow remote attackers to inject arbitrary web script or HTML via the "Filter by Synopsis" field and other unspecified filter forms...

CVE-2009-5092

Cross-site scripting XSS vulnerability in the management interface in Microsoft FAST ESP 5.1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

DEBIAN-CVE-2011-3181

Multiple cross-site scripting XSS vulnerabilities in the Tracking feature in phpMyAdmin 3.3.x before 3.3.10.4 and 3.4.x before 3.4.4 allow remote attackers to inject arbitrary web script or HTML via a 1 table name, 2 column name, or 3 index name...

CVE-2011-2904

Cross-site scripting XSS vulnerability in acknow.php in Zabbix before 1.8.6 allows remote attackers to inject arbitrary web script or HTML via the backurl parameter...

CVE-2011-2947

Cross-zone scripting vulnerability in the RealPlayer ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to inject arbitrary web script or HTML in the Local Zone via a local HTML document...

CVE-2011-2976

Cross-site scripting XSS vulnerability in Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, and 3.4.x before 3.4.12 allows remote attackers to inject arbitrary web script or HTML via vectors involving a BUGLIST cookie...

CVE-2011-2958

Multiple cross-site scripting XSS vulnerabilities in Ecava IntegraXor before 3.60 Build 4080 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

DEBIAN-CVE-2011-2510

Cross-site scripting XSS vulnerability in the RSS embedding feature in DokuWiki before 2011-05-25a Rincewind allows remote attackers to inject arbitrary web script or HTML via a link...

tomcat: XSS vulnerability in HTML Manager interface

Multiple cross-site scripting XSS vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag...

tomcat: XSS vulnerability in HTML Manager interface

Multiple cross-site scripting XSS vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag...

flash-plugin: Cross-site scripting vulnerability (APSB11-13)

Cross-site scripting XSS vulnerability in Adobe Flash Player before 10.3.181.22 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.22 and earlier on Android, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "universal cross-site scripting...

CVE-2011-1727

Cross-site scripting XSS vulnerability in HP SiteScope 9.54, 10.13, 11.01, and 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to an "HTML injection" issue...

CVE-2011-1716

Multiple cross-site scripting XSS vulnerabilities in the Web UI in Xymon before 4.3.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

DEBIAN-CVE-2011-1157

Cross-site scripting XSS vulnerability in feedparser.py in Universal Feed Parser aka feedparser or python-feedparser 5.x before 5.0.1 allows remote attackers to inject arbitrary web script or HTML via malformed XML comments...

PYSEC-2011-21

Cross-site scripting XSS vulnerability in feedparser.py in Universal Feed Parser aka feedparser or python-feedparser 5.x before 5.0.1 allows remote attackers to inject arbitrary web script or HTML via an unexpected URI scheme, as demonstrated by a javascript: URI...

CVE-2011-1671

Cross-site scripting XSS vulnerability in app/controllers/todoscontroller.rb in Tracks 1.7.2, 2.0RC2, and 2.0devel allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to todos/tag/. NOTE: some of these details are obtained from third party information...