13 matches found
CVE-2015-9500
The Exquisite Ultimate Newspaper theme 1.3.3 for WordPress has XSS via the anchor identifier to assets/js/jquery.foundation.plugins.js...
SUSE CVE-2008-4696
Cross-site scripting XSS vulnerability in Opera.dll in Opera before 9.61 allows remote attackers to inject arbitrary web script or HTML via the anchor identifier aka the "optional fragment", which is not properly escaped before storage in the History Search database aka md.dat...
SUSE CVE-2013-4997
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving a JavaScript event in 1 an anchor identifier to setup/index.php or 2 a chartTitle aka chart title value...
Design/Logic Flaw
The Auberge theme before 1.4.5 for WordPress has XSS via the genericons/example.html anchor identifier...
CVE-2015-9502
The Auberge theme before 1.4.5 for WordPress has XSS via the genericons/example.html anchor identifier...
CVE-2013-4997
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving a JavaScript event in 1 an anchor identifier to setup/index.php or 2 a chartTitle aka chart title value...
DEBIAN-CVE-2013-4997
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving a JavaScript event in 1 an anchor identifier to setup/index.php or 2 a chartTitle aka chart title value...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving a JavaScript event in 1 an anchor identifier to setup/index.php or 2 a chartTitle aka chart title value...
CVE-2013-4997
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving a JavaScript event in 1 an anchor identifier to setup/index.php or 2 a chartTitle aka chart title value...
CVE-2013-4997
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving a JavaScript event in 1 an anchor identifier to setup/index.php or 2 a chartTitle aka chart title value...
CVE-2013-4997
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving a JavaScript event in 1 an anchor identifier to setup/index.php or 2 a chartTitle aka chart title value...
CVE-2007-1377
AcroPDF.DLL in Adobe Reader 8.0, when accessed from Mozilla Firefox, Netscape, or Opera, allows remote attackers to cause a denial of service unspecified resource consumption via a .pdf URL with an anchor identifier that begins with search= followed by many %n sequences, a different vulnerability...
CVE-2006-5913
Microsoft Internet Explorer 7 allows remote attackers to 1 cause a security certificate from a secure web site to appear invalid via a link to res://ieframe.dll/sslnavcancel.htm with the target site in the anchor identifier, which displays the site's URL in the address bar but causes Internet...