4572 matches found
The vulnerability of the Flash Player software, which allows a malicious attacker to compromise the integrity of protected information
Cross-site scripting XSS in the Adobe Flash Player allows malicious individuals to inject any web script or HTML code remotely...
IBM Cognos Business Intelligence Cognos TM1 Cross-Site Scripting Vulnerability
IBM Cognos Business Intelligence BI is a suite of business intelligence software from IBM in the United States. The software includes reports, dashboards, and scorecards, and can assist companies in making adjustments to their decisions by analyzing key factors and key stakeholders, etc. IBM Cogn...
phpMyAdmin cross-site scripting vulnerability (CNVD-2016-04565)
phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. The tool is capable of creating and deleting databases, creating, deleting, and modifying database tables, executing SQL script commands, and more. A cross-site scripting vulnerability exists in...
CVE-2016-2862
Cross-site scripting XSS vulnerability in IBM WebSphere Commerce 6.0 through 6.0.0.11, 7.0 before 7.0.0.9 cumulative iFix 3, and 8.0 before 8.0.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...
DEBIAN-CVE-2016-5733
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 a crafted table name that is mishandled during privilege checking in...
UBUNTU-CVE-2016-5733
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 a crafted table name that is mishandled during privilege checking in...
CVE-2016-5834
Cross-site scripting XSS vulnerability in the wpgetattachmentlink function in wp-includes/post-template.php in WordPress before 4.5.3 allows remote attackers to inject arbitrary web script or HTML via a crafted attachment name, a different vulnerability than CVE-2016-5833...
WordPress Collne Welcart e-Commerce Plugin Cross-Site Scripting Vulnerability (CNVD-2016-04350)
WordPress is the WordPress Software Foundation's set of blogging platforms developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL.Collne Welcart e-Commerce is one of the e-commerce plug-ins. A cross-site scripting vulnerability exists in WordPress Colln...
CVE-2016-4827
Cross-site scripting XSS vulnerability in the Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-4826...
CVE-2016-4826
Cross-site scripting XSS vulnerability in the Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-4827...
Cisco Unified Contact Center Enterprise Cross-Site Scripting Vulnerability
Cisco Unified Contact Center Enterprise is a set of IP-based contact center components from Cisco. It provides intelligent contact routing, call processing, network-to-desktop computer telephony integration CTI, and multi-channel contact management capabilities over an IP infrastructure. A...
IBM Maximo Asset Management Cross-Site Scripting Vulnerability
IBM Maximo Asset Management is a comprehensive asset lifecycle and maintenance management solution from IBM USA. The solution is capable of managing all types of assets, such as facilities, transportation, etc., on a single platform with a single point of control for these assets. A cross-site...
CVE-2016-1226
Cross-site scripting XSS vulnerability in Trend Micro Internet Security 8 and 10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2016-1396
Cross-site scripting XSS vulnerability in the web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3.16, and RV215W devices with firmware before 1.3.0.8 allows remote attackers to inject arbitrary web script or HTML via a...
CVE-2016-4159
Cross-site scripting XSS vulnerability in Adobe ColdFusion 10 before Update 20, 11 before Update 9, and 2016 before Update 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
PT-2016-6143 · Pulse · Pulse Connect Secure
Name of the Vulnerable Software and Affected Versions: Pulse Connect Secure PCS versions 7.4 through 7.4r13.3 Pulse Connect Secure PCS versions 8.0 through 8.0r8 Pulse Connect Secure PCS versions 8.1 through 8.1r1 Pulse Connect Secure PCS versions 8.2 through 8.2r0 Description: A cross-site...
CVE-2016-4575
Cross-site scripting XSS vulnerability in the email APP in Huawei PLK smartphones with software AL10C00 before AL10C00B211 and AL10C92 before AL10C92B211; ATH smartphones with software AL00C00 before AL00C00B361, CL00C92 before CL00C92B361, TL00HC01 before TL00HC01B361, and UL00C00 before...
WordPress Cross-Site Scripting Vulnerability (CNVD-2016-03647)
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Software Foundation. A cross-site scripting vulnerability exists in the wp-includes/wp-db.php file in versions of WordPress prior to 4.2.2, which can be exploited by remote attackers to inject arbitrary web...
CVE-2016-2153
Cross-site scripting XSS vulnerability in the advanced-search feature in moddata in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 allows remote attackers to inject arbitrary web script or HTML via a crafted field in a URL, as...
CVE-2016-4567
Cross-site scripting XSS vulnerability in flash/FlashMediaElement.as in MediaElement.js before 2.21.0, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via an obfuscated form of the jsinitfunction parameter, as demonstrated by "jsinitfunctio%gn."...