CVE-2019-8400

ORY Hydra before v1.0.0-rc.3+oryOS.9 has Reflected XSS via the oauth2/fallbacks/error errorhint parameter...

CVE-2018-17946

The Tribulant Slideshow Gallery plugin before 1.6.6.1 for WordPress has XSS via the id, method, Gallerymessage, Galleryerror, or Galleryupdated parameter...

Cross-site Scripting (XSS)

oauth2client is vulnerable to cross-site scripting XSS attack. These attacks are possible because there is no sanitization in the error parameter, allowing attacks to reflect arbitrary code onto the oauth2callback endpoint...

Cross site scripting

Cross-site scripting XSS vulnerability in the Event Import page import-eventbrite-events.php in the Modern Tribe Eventbrite Tickets plugin before 3.10.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the "error" parameter to wp-admin/edit.php...

CVE-2015-5485

Cross-site scripting XSS vulnerability in the Event Import page import-eventbrite-events.php in the Modern Tribe Eventbrite Tickets plugin before 3.10.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the "error" parameter to wp-admin/edit.php...

CVE-2015-5485

Summary: CVE-2015-5485 is a reflected XSS in The Events Calendar: Eventbrite Tickets Plugin for WordPress by Modern Tribe. Affected software: WordPress plugin The Events Calendar: Eventbrite Tickets (versions before 3.10.2). Vulnerable component: Event Import page (import-eventbrite-events.php). ...

Cross site scripting

Cross-site scripting XSS vulnerability in the EWWW Image Optimizer plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the error parameter in the ewww-image-optimizer.php page to wp-admin/options-general.php, which is not properly handled in a pngo...

CVE-2014-6243

Cross-site scripting XSS vulnerability in the EWWW Image Optimizer plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the error parameter in the ewww-image-optimizer.php page to wp-admin/options-general.php, which is not properly handled in a pngo...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in Html-edit CMS 3.1.8 allows remote attackers to inject arbitrary web script or HTML via the error parameter...

slickMsg 0.7-alpha Cross Site Scripting

www.eVuln.com advisory: error - Non-persistent XSS in slickMsg Summary: http://evuln.com/vulns/163/summary.html Details: http://evuln.com/vulns/163/description.html -----------Summary----------- eVuln ID: EV0163 Software: slickMsg Vendor: n/a Version: 0.7-alpha Critical Level: low Type: Cross Sit...

CVE-2010-1095

Cross-site scripting XSS vulnerability in loginresetpasswordpage.php in Tracking Requirements & Use Cases TRUC 0.11.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the error parameter. NOTE: the provenance of this information is unknown; the details are obtained...

Cross site scripting

Cross-site scripting XSS vulnerability in loginresetpasswordpage.php in Tracking Requirements & Use Cases TRUC 0.11.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the error parameter. NOTE: the provenance of this information is unknown; the details are obtained...

CVE-2009-4347

Cross-site scripting XSS vulnerability in daloradius-users/login.php in daloRADIUS 0.9-8 and earlier allows remote attackers to inject arbitrary web script or HTML via the error parameter...

CVE-2009-4347

This CVE covers a cross-site scripting (XSS) vulnerability in daloradius-users/login.php within daloRADIUS 0.9-8 and earlier. The issue arises because the application fails to sanitize user-supplied input passed to the login.php script’s error parameter before it is embedded in HTML output, enabl...

CVE-2009-2163

Cross-site scripting XSS vulnerability in login/default.aspx in Sitecore CMS before 6.0.2 Update-1 090507 allows remote attackers to inject arbitrary web script or HTML via the scerror parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in error.php in NetRisk 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the error parameter to index.php. NOTE: some of these details are obtained from third party information...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in FTP Admin 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the error parameter in an error page action...

CVE-2007-6232

Cross-site scripting XSS vulnerability in index.php in FTP Admin 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the error parameter in an error page action...

CVE-2007-6232

Cross-site scripting XSS vulnerability in index.php in FTP Admin 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the error parameter in an error page action...

XSS in script Mobilelib GOLD v2

///////////////////////////////////// // XSS in script Mobilelib GOLD v2 // //////////////////////////////////// Found By: viP HaCKEr Tame : AL-GaRNi Vendor: http://www.ac4p.com Software: Mobilelib GOLD GOLD v2 google : "Powered by ac4p.com" :::::::::::::::::::::::::::::::::::::: Description: Lin...