Drupal CMS Updater Module Cross-Site Scripting Vulnerability

Drupal is a free and open source content management system developed in PHP.CMS Updater module for Drupal is a module for Drupal that provides security protection for Drupal websites. A cross-site scripting vulnerability in the Drupal CMS Updater module 7.x-1.3 prior to version 7.x-1.x allows...

Cross-Site Scripting Vulnerability in Joomla!

Joomla! is the United States Open Source Matters team developed a set of open source content management system CMS. login is one of the login module . A cross-site scripting vulnerability exists in the login module in Joomla! versions 3.4.4 and 3.4.x prior to Joomla! A remote attacker can exploit...

Citrix NetScaler ADC/NetScaler Gateway Cross-Site Scripting Vulnerability

Citrix NetScaler ADCs are application delivery controllers that optimize enterprise service delivery.Citrix Access Gateway is a general purpose SSL VPN appliance. A cross-site scripting vulnerability exists in Citrix NetScaler Application Delivery Controller ADC and NetScaler Gateway versions pri...

Joomla! googleSearch (CSE) component cross-site scripting vulnerability

Joomla! is an open source content management system. googleSearch component for Joomla! is a custom search engine component for Joomla! A cross-site scripting vulnerability in googleSearch component 3.0.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the q paramet...

WordPress sourceAFRICA plugin cross-site scripting vulnerability

WordPress is the WordPress Software Foundation's suite of blogging platforms developed in the PHP language, which supports personal blog sites on PHP and MySQL servers. sourceAFRICA is one of the plug-ins for the African Network of Centers for Investigative Reporting that allows journalists to...

Microsoft Exchange Server Cross-Site Scripting Vulnerability (CNVD-2015-05967)

Microsoft Exchange Server is a suite of e-mail service components from Microsoft. A cross-site scripting vulnerability exists in Microsoft Exchange Server 2013 Cumulative Update 8/9/SP1, Outlook Web Access OWA, which can be exploited by remote attackers to inject arbitrary web script or HTML via ...

MediaWiki SemanticForms Extended Cross-Site Scripting Vulnerability (CNVD-2015-05872 (CNVD-C-2015-47230))

MediaWiki is the United States Wikimedia Wikimedia Foundation and MediaWiki volunteers to develop and maintain a set of free and free Web-based Wiki engine , it can be used to deploy internal knowledge management and content management system . SemanticForms is one of the extensions used to creat...

MediaWiki SemanticForms extension cross-site scripting vulnerability (CNVD-2015-05873)

MediaWiki is the United States Wikimedia Wikimedia Foundation and MediaWiki volunteers to develop and maintain a set of free and free Web-based Wiki engine , it can be used to deploy internal knowledge management and content management system . SemanticForms is one of the extensions used to creat...

WordPress MDC Private Message Plugin Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language , the platform supports in PHP and MySQL server set up a personal blog site . MDC Private Message is one of the plug-ins used to send private messages . A cross-site scripting vulnerability...

Drupal Time Tracker module cross-site scripting vulnerability (CNVD-2015-05876)

Drupal is a free and open source content management system developed in PHP and maintained by the Drupal community.Time Tracker is one of the modules of the time tracking system. A cross-site scripting vulnerability exists in the Drupal Time Tracker module version 7.x-1.4 prior to 7.x-1.x. The...

OkCupid OKWS Cross-Site Scripting Vulnerability

OkCupid OKWS OK Web Server is a web server for creating web services. A security vulnerability exists in the libahttp/err.c file of OkCupid OKWS, which originates from a non-existent page that does not adequately filter the 'PATHINFO' value. A remote attacker could use this vulnerability to injec...

DEBIAN-CVE-2015-6730

Cross-site scripting XSS vulnerability in thumb.php in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to inject arbitrary web script or HTML via the f parameter, which is not properly handled in an error page, related to "ForeignAPI images."...

PHP Kobo Photo Gallery CMS for PC/smartphone and feature phone Cross Site Scripting Vulnerability

PHP Kobo Photo Gallery CMS for PC, smartphone and feature phone is a photo gallery content management system CMS for PC, smartphone and feature phone from PHP Kobo Japan. A cross-site scripting vulnerability exists in the jquery.lightbox-0.5.min.js file in PHP Kobo Photo Gallery CMS for PC,...

Coppermine Photo Gallery Cross-Site Scripting Vulnerability

Coppermine Photo Gallery is a Web-based album management system. The system provides user management , album password access restrictions and automatic generation of thumbnails and other functions . A cross-site scripting vulnerability exists in the installclassic.php script of Coppermine Photo...

CVE-2015-3219

Cross-site scripting XSS vulnerability in the Orchestration/Stack section in OpenStack Dashboard Horizon 2014.2 before 2014.2.4 and 2015.1.x before 2015.1.1 allows remote attackers to inject arbitrary web script or HTML via the description parameter in a heat template, which is not properly handl...

Cisco Unified Web and E-mail Interaction Manager Cross-Site Scripting Vulnerability

Cisco Unified Web and E-mail Interaction Manager are both products in Cisco's Customer Collaboration Contact Center.Web Interaction Manager is a product that helps call center agents answer customer questions using websites and text chat or real-time Web collaboration; E-mail Interaction Manager ...

Best Practical Solutions Request Tracker Cross-Site Scripting Vulnerability

Best Practical Solutions Request Tracker RT is an enterprise-grade, open source issue tracking system from Best Practical Solutions in the United States. The system has Bug tracking , customer service , customized workflow and other features . A cross-site scripting vulnerability exists in Best...

CVE-2014-9743

Cross-site scripting XSS vulnerability in the httpdHtmlError function in network/httpd.c in the web interface in VideoLAN VLC Media Player before 2.2.0 allows remote attackers to inject arbitrary web script or HTML via the path info...

UBUNTU-CVE-2014-9743

Cross-site scripting XSS vulnerability in the httpdHtmlError function in network/httpd.c in the web interface in VideoLAN VLC Media Player before 2.2.0 allows remote attackers to inject arbitrary web script or HTML via the path info...

Cisco IM and Presence Service Cross-Site Scripting Vulnerability

Cisco IM and Presence Service is the United States Cisco Cisco company's suite of software can provide enterprise-class instant messaging and network presence services. A cross-site scripting vulnerability exists in Cisco IM and Presence Service versions prior to 10.5 MR1, which stems from the...