PHP Kobo Photo Gallery CMS for PC/smartphone and feature phone Cross Site Scripting Vulnerability

PHP Kobo Photo Gallery CMS for PC, smartphone and feature phone is a photo gallery content management system CMS for PC, smartphone and feature phone from PHP Kobo Japan. A cross-site scripting vulnerability exists in the jquery.lightbox-0.5.min.js file in PHP Kobo Photo Gallery CMS for PC,...

Coppermine Photo Gallery Cross-Site Scripting Vulnerability

Coppermine Photo Gallery is a Web-based album management system. The system provides user management , album password access restrictions and automatic generation of thumbnails and other functions . A cross-site scripting vulnerability exists in the installclassic.php script of Coppermine Photo...

CVE-2015-3219

Cross-site scripting XSS vulnerability in the Orchestration/Stack section in OpenStack Dashboard Horizon 2014.2 before 2014.2.4 and 2015.1.x before 2015.1.1 allows remote attackers to inject arbitrary web script or HTML via the description parameter in a heat template, which is not properly handl...

Cisco Unified Web and E-mail Interaction Manager Cross-Site Scripting Vulnerability

Cisco Unified Web and E-mail Interaction Manager are both products in Cisco's Customer Collaboration Contact Center.Web Interaction Manager is a product that helps call center agents answer customer questions using websites and text chat or real-time Web collaboration; E-mail Interaction Manager ...

Best Practical Solutions Request Tracker Cross-Site Scripting Vulnerability

Best Practical Solutions Request Tracker RT is an enterprise-grade, open source issue tracking system from Best Practical Solutions in the United States. The system has Bug tracking , customer service , customized workflow and other features . A cross-site scripting vulnerability exists in Best...

CVE-2014-9743

Cross-site scripting XSS vulnerability in the httpdHtmlError function in network/httpd.c in the web interface in VideoLAN VLC Media Player before 2.2.0 allows remote attackers to inject arbitrary web script or HTML via the path info...

UBUNTU-CVE-2014-9743

Cross-site scripting XSS vulnerability in the httpdHtmlError function in network/httpd.c in the web interface in VideoLAN VLC Media Player before 2.2.0 allows remote attackers to inject arbitrary web script or HTML via the path info...

Cisco IM and Presence Service Cross-Site Scripting Vulnerability

Cisco IM and Presence Service is the United States Cisco Cisco company's suite of software can provide enterprise-class instant messaging and network presence services. A cross-site scripting vulnerability exists in Cisco IM and Presence Service versions prior to 10.5 MR1, which stems from the...

CVE-2015-3440

Cross-site scripting XSS vulnerability in wp-includes/wp-db.php in WordPress before 4.2.1 allows remote attackers to inject arbitrary web script or HTML via a long comment that is improperly stored because of limitations on the MySQL TEXT data type...

Cisco WebEx Meeting Cross-Site Scripting Vulnerability

Cisco WebEx Meetings are web conferencing solutions. Cisco WebEx Meeting Center suffers from a cross-site scripting vulnerability in its implementation, which can be exploited by remote attackers to inject arbitrary web script or HTML via unspecified values...

jquery-ui: XSS vulnerability in jQuery.ui.dialog title option

Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option...

Cisco Hosted Collaboration Solution Cross-Site Scripting Vulnerability

Cisco Hosted Collaboration Solution HCS is a suite of hosted collaboration solutions from the U.S. company Cisco Cisco. The solution includes Cisco TelePresence, Customer Collaboration Contact Center and Unified Communications products to support customers in the public cloud, private cloud and...

TYPO3 '404 Page not found handling' extension cross-site scripting vulnerability

TYPO3 is a free and open source content management system. 404 Page not found handling is a 404 Page not found handling extension plugin. A cross-site scripting vulnerability exists in the TYPO3 '404 Page not found handling' extension that allows remote attackers to exploit the vulnerability to...

Creative X-Cart Cross-Site Scripting Vulnerability

Creative X-Cart is a Russian company Creative open source PHP e-commerce software . The software provides favorites , order records and inventory management modules. A cross-site scripting vulnerability exists in Creative X-Cart 4.5.0 and earlier versions. A remote attacker can exploit this...

ArcGIS Desktop/Engine/Server Cross-Site Scripting Vulnerability

The ArcGIS for Server software platform enables users to create, manage, and distribute GIS services over the Web and to support desktop software applications, mobile terminal applications, and Web mapping applications in the form of services. Multiple cross-site scripting vulnerabilities exist i...

Siemens Climatix BACnet/IP Communication Module Cross-Site Scripting Vulnerability

The Siemens Climatix BACnet/IP communication module is a communication module for BACnet networks from Siemens, Germany. A cross-site scripting vulnerability exists in the integrated web server in the Siemens Climatix BACnet/IP communication module using firmware versions prior to 10.34. A remote...

Symantec Data Loss Prevention Enforce Server Cross-Site Scripting Vulnerability

Symantec Data Loss Prevention DLP is a data leakage protection solution from Symantec Symantec. The program provides data leakage protection management and reporting and other functions. A cross-site scripting vulnerability exists in the management console in Enforce Server in Symantec DLP versio...

CVE-2015-1159

Cross-site scripting XSS vulnerability in the cgiputs function in cgi-bin/template.c in the template engine in CUPS before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter to help/...

Opsview Cross-Site Scripting Vulnerability

Opsview is a suite of enterprise-class network, server and application monitoring tools from Opsview UK. The tool can be integrated with monitoring systems such as Nagios Core and RRDTool. A cross-site scripting vulnerability exists in Opsview 4.6.2 and earlier versions. A remote attacker can...

WordPress Genericons Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites on PHP and MySQL servers.Genericons is a set of free tools for creating blog icon fonts. A cross-site scripting vulnerability exists in the...