CVE-2009-4397

Cross-site scripting XSS vulnerability in the Diocese of Portsmouth Resources Database pdresources extension 0.1.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2010-0963

Cross-site scripting XSS vulnerability in index.php in dl Download Ticket Service before 0.7 allows remote attackers to inject arbitrary web script or HTML via the t parameter, related to an invalid ticket ID. NOTE: some of these details are obtained from third party information...

CVE-2010-0675

Cross-site scripting XSS vulnerability in index.php in BGSvetionik BGS CMS 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the search parameter in a search action. NOTE: some of these details are obtained from third party information...

CVE-2010-0326

Cross-site scripting XSS vulnerability in the Developer log devlog extension 2.9.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2010-0797

Cross-site scripting XSS vulnerability in the T3BLOG extension 0.6.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2010-0449

Cross-site scripting XSS vulnerability in HP SOA Registry Foundation 6.63 and 6.64 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

CVE-2001-1522

Cross-site scripting XSS vulnerability in im.php in IMessenger for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via a message...

CVE-2001-1526

Cross-site scripting XSS vulnerability in the comments action in index.php in easyNews 1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the zeit parameter...

CVE-2003-1146

Cross-site scripting XSS vulnerability in John Beatty Easy PHP Photo Album 1.0 allows remote attackers to inject arbitrary web script or HTML via the dir parameter...

CVE-2021-33339

Cross-site scripting XSS vulnerability in the Fragment module in Liferay Portal 7.2.1 through 7.3.4, and Liferay DXP 7.2 before fix pack 9 allows remote attackers to inject arbitrary web script or HTML via the comliferaysiteadminwebportletSiteAdminPortletname parameter...

CVE-2021-28901

Multiple cross-site scripting XSS vulnerabilities exist in SITA Software Azur CMS 1.2.3.1 and earlier, which allows remote attackers to inject arbitrary web script or HTML via the 1 NOMCLI , 2 ADRESSE , 3 ADRESSE2, 4 LOCALITE parameters to /eshop/products/json/aouCustomerAdresse; and the 5 nomlis...

CVE-2022-42110

A Cross-site scripting XSS vulnerability in the Announcements module in Liferay Portal 7.1.0 through 7.4.2, and Liferay DXP 7.1 before fix pack 27, 7.2 before fix pack 17, and 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML...

CVE-2022-42118

A Cross-site scripting XSS vulnerability in the Portal Search module in Liferay Portal 7.1.0 through 7.4.2, and Liferay DXP 7.1 before fix pack 27, 7.2 before fix pack 15, and 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the tag parameter...

CVE-2008-6340

Cross-site scripting XSS vulnerability in the Vox populi mvvoxpopuli extension 0.3.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2008-6571

Multiple cross-site scripting XSS vulnerabilities in LinPHA before 1.3.4 might allow remote attackers to inject arbitrary web script or HTML via 1 newimages.php, 2 login.php, and unspecified vectors...

CVE-2008-6346

Cross-site scripting XSS vulnerability in the DR Wiki drwiki extension 1.7.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2019-11398

Multiple cross-site scripting XSS vulnerabilities in UliCMS 2019.2 and 2019.1 allow remote attackers to inject arbitrary web script or HTML via the go parameter to admin/index.php, the go parameter to /admin/index.php?register=register, or the error parameter to admin/index.php?action=favicon...

CVE-2011-0909

Cross-site scripting XSS vulnerability in Vanilla Forums before 2.0.17.6 allows remote attackers to inject arbitrary web script or HTML via the p parameter to an unspecified component, a different vulnerability than CVE-2011-0526...

CVE-2020-7994

Multiple cross-site scripting XSS vulnerabilities in Dolibarr 10.0.6 allow remote attackers to inject arbitrary web script or HTML via the 1 labellibelle parameter to the /htdocs/admin/dict.php?id=3 page; the 2 nameconstname parameter to the /htdocs/admin/const.php?mainmenu=home page; the 3...

CVE-2020-12708

Multiple cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 allow remote attackers to inject arbitrary web script or HTML via the catid parameter to downloads/downloads.php or article.php. NOTE: this might overlap CVE-2012-6043...