4548 matches found
CVE-2013-4612
Multiple cross-site scripting XSS vulnerabilities in REDCap before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving different modules...
CVE-2013-3604
Multiple cross-site scripting XSS vulnerabilities in Coursemill Learning Management System LMS 6.6 allow remote attackers to inject arbitrary web script or HTML via crafted input...
CVE-2013-0134
Cross-site scripting XSS vulnerability in the web interface in AirDroid allows remote attackers to inject arbitrary web script or HTML via a crafted text message that is transmitted by a managed phone...
CVE-2013-5314
Cross-site scripting XSS vulnerability in serendipityadminimageselector.php in Serendipity 1.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the serendipityhtmltarget parameter...
CVE-2014-5248
Cross-site scripting XSS vulnerability in MyBB before 1.6.15 allows remote attackers to inject arbitrary web script or HTML via vectors related to video MyCode...
CVE-2011-4836
Cross-site scripting XSS vulnerability in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to inject arbitrary web script or HTML via a request for a crafted URI...
CVE-2011-3382
Cross-site scripting XSS vulnerability in Phorum before 5.2.16 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2010-4361
Cross-site scripting XSS vulnerability in url-gateway.php in Jurpopage 0.2.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2010-1420
Cross-site scripting XSS vulnerability in CFNetwork in Apple Safari before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via a crafted text/plain file...
CVE-2014-3456
Cross-site scripting XSS vulnerability in GitLab Enterprise Edition EE 6.6.0 before 6.6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-6515
Cross-site scripting XSS vulnerability in Splunk Web in Splunk Enterprise 6.2.x before 6.2.4, 6.1.x before 6.1.8, 6.0.x before 6.0.9, and 5.0.x before 5.0.13 and Splunk Light 6.2.x before 6.2.4 allows remote attackers to inject arbitrary web script or HTML via a header...
CVE-2011-3383
Cross-site scripting XSS vulnerability in KENT-WEB WEB FORUM 5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to "the web page to be output."...
CVE-2019-5404
A remote script injection vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media versions: prior to 3.5.0.1...
CVE-2013-4704
Cross-site scripting XSS vulnerability in ChamaNet ChamaCargo 7.0000 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2010-4716
Cross-site scripting XSS vulnerability in the WebPublisher component in Novell GroupWise before 8.02HP allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2010-0695
Cross-site scripting XSS vulnerability in pages/index.php in BASIC-CMS allows remote attackers to inject arbitrary web script or HTML via the navid parameter...
CVE-2010-0345
Cross-site scripting XSS vulnerability in the Majordomo extension 1.1.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2010-1052
Multiple cross-site scripting XSS vulnerabilities in index.php in AudiStat 1.3 allow remote attackers to inject arbitrary web script or HTML via the 1 year and 2 mday parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2011-4647
Multiple cross-site scripting XSS vulnerabilities in the story creation feature in Geeklog 1.8.0 allow remote attackers to inject arbitrary web script or HTML via the 1 code or 2 raw BBcode tags...
CVE-2014-100021
Cross-site scripting XSS vulnerability in symfony/web/index.php/pim/viewEmployeeList in OrangeHRM before 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the empsearchemployeenameempId parameter...