CVE-2016-5834

Cross-site scripting XSS vulnerability in the wpgetattachmentlink function in wp-includes/post-template.php in WordPress before 4.5.3 allows remote attackers to inject arbitrary web script or HTML via a crafted attachment name, a different vulnerability than CVE-2016-5833...

WordPress Collne Welcart e-Commerce Plugin Cross-Site Scripting Vulnerability (CNVD-2016-04350)

WordPress is the WordPress Software Foundation's set of blogging platforms developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL.Collne Welcart e-Commerce is one of the e-commerce plug-ins. A cross-site scripting vulnerability exists in WordPress Colln...

CVE-2016-4827

Cross-site scripting XSS vulnerability in the Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-4826...

CVE-2016-4826

Cross-site scripting XSS vulnerability in the Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-4827...

Cisco Unified Contact Center Enterprise Cross-Site Scripting Vulnerability

Cisco Unified Contact Center Enterprise is a set of IP-based contact center components from Cisco. It provides intelligent contact routing, call processing, network-to-desktop computer telephony integration CTI, and multi-channel contact management capabilities over an IP infrastructure. A...

IBM Maximo Asset Management Cross-Site Scripting Vulnerability

IBM Maximo Asset Management is a comprehensive asset lifecycle and maintenance management solution from IBM USA. The solution is capable of managing all types of assets, such as facilities, transportation, etc., on a single platform with a single point of control for these assets. A cross-site...

CVE-2016-1226

Cross-site scripting XSS vulnerability in Trend Micro Internet Security 8 and 10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2016-1396

Cross-site scripting XSS vulnerability in the web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3.16, and RV215W devices with firmware before 1.3.0.8 allows remote attackers to inject arbitrary web script or HTML via a...

CVE-2016-4159

Cross-site scripting XSS vulnerability in Adobe ColdFusion 10 before Update 20, 11 before Update 9, and 2016 before Update 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

PT-2016-6143 · Pulse · Pulse Connect Secure

Name of the Vulnerable Software and Affected Versions: Pulse Connect Secure PCS versions 7.4 through 7.4r13.3 Pulse Connect Secure PCS versions 8.0 through 8.0r8 Pulse Connect Secure PCS versions 8.1 through 8.1r1 Pulse Connect Secure PCS versions 8.2 through 8.2r0 Description: A cross-site...

CVE-2016-4575

Cross-site scripting XSS vulnerability in the email APP in Huawei PLK smartphones with software AL10C00 before AL10C00B211 and AL10C92 before AL10C92B211; ATH smartphones with software AL00C00 before AL00C00B361, CL00C92 before CL00C92B361, TL00HC01 before TL00HC01B361, and UL00C00 before...

WordPress Cross-Site Scripting Vulnerability (CNVD-2016-03647)

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Software Foundation. A cross-site scripting vulnerability exists in the wp-includes/wp-db.php file in versions of WordPress prior to 4.2.2, which can be exploited by remote attackers to inject arbitrary web...

CVE-2016-2153

Cross-site scripting XSS vulnerability in the advanced-search feature in moddata in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 allows remote attackers to inject arbitrary web script or HTML via a crafted field in a URL, as...

CVE-2016-4567

Cross-site scripting XSS vulnerability in flash/FlashMediaElement.as in MediaElement.js before 2.21.0, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via an obfuscated form of the jsinitfunction parameter, as demonstrated by "jsinitfunctio%gn."...

CVE-2016-1564

Multiple cross-site scripting XSS vulnerabilities in wp-includes/class-wp-theme.php in WordPress before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via a 1 stylesheet name or 2 template name to wp-admin/customize.php...

UBUNTU-CVE-2016-4566

Cross-site scripting XSS vulnerability in plupload.flash.swf in Plupload before 2.1.9, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via a Same-Origin Method Execution SOME attack...

UBUNTU-CVE-2016-1564

Multiple cross-site scripting XSS vulnerabilities in wp-includes/class-wp-theme.php in WordPress before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via a 1 stylesheet name or 2 template name to wp-admin/customize.php...

Wordpress Scoreme Theme Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports in PHP and MySQL servers to set up a personal blog site.ScoreMe is a plugin for WordPress. A cross-site scripting vulnerability exists in Wordpress Scoreme Theme. A...

PT-2017-7998 · Red Hat · Red Hat Satellite

Name of the Vulnerable Software and Affected Versions: Red Hat Satellite 5 affected versions not specified Description: The issue concerns multiple cross-site scripting XSS vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. The affected API...

IBM Marketing Platform Cross-Site Scripting Vulnerability

IBM Marketing Platform is a suite of marketing platforms from IBM in the United States. The platform supports marketers in leveraging and analyzing customer interactions on websites, cell phones and social media to deliver targeted marketing campaigns to customers. A cross-site scripting...