CVE-2014-2231

Cross-site scripting XSS vulnerability in the API in synetics i-doit pro before 1.2.5 allows remote attackers to inject arbitrary web script or HTML via a property title...

CVE-2014-4742

Cross-site scripting XSS vulnerability in system/classlink.php in the System module modulesystem in Kajona before 4.5 allows remote attackers to inject arbitrary web script or HTML via the systemid parameter in a mediaFolder action to index.php...

CVE-2014-8307

Multiple cross-site scripting XSS vulnerabilities in skins/default/outline.tpl in C97net Cart Engine before 4.0 allow remote attackers to inject arbitrary web script or HTML via the 1 path parameter in the "drop down TOP menu with path" section or 2 printthispage variable in the footercontentbloc...

CVE-2010-3012

Cross-site scripting XSS vulnerability in HP System Management Homepage SMH before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this issue was originally assigned CVE-2010-3010 due to a CNA error...

CVE-2010-1856

Cross-site scripting XSS vulnerability in index.php in RepairShop2 1.9.023 Trial, when magicquotesgpc is disabled, allows remote attackers to inject arbitrary web script or HTML via the prod parameter in a products.details action...

CVE-2010-1541

Multiple cross-site scripting XSS vulnerabilities in DFD Cart 1.198, 1.197, and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 category and 2 listquantity parameters to index.php, and the 3 category parameter to your.order.php...

CVE-2010-2970

Multiple cross-site scripting XSS vulnerabilities in MoinMoin 1.9.x before 1.9.3 allow remote attackers to inject arbitrary web script or HTML via crafted content, related to 1 action/SlideShow.py, 2 action/anywikidraw.py, and 3 action/languagesetup.py, a similar issue to CVE-2010-2487...

CVE-2010-4412

Multiple cross-site scripting XSS vulnerabilities in pfSense 2 beta 4 allow remote attackers to inject arbitrary web script or HTML via 1 the id parameter in an olsrd.xml action to pkgedit.php, 2 the xml parameter to pkg.php, or the if parameter to 3 statusgraph.php or 4 interfaces.php, a differe...

CVE-2010-4246

Multiple cross-site scripting XSS vulnerabilities in graph.php in pfSense 1.2.3 and 2 beta 4 allow remote attackers to inject arbitrary web script or HTML via the 1 ifnum or 2 ifname parameter, a different vulnerability than CVE-2008-1182...

CVE-2010-0699

Cross-site scripting XSS vulnerability in index.php in VideoSearchScript Pro 3.5 allows remote attackers to inject arbitrary web script or HTML via the q parameter...

CVE-2012-5606

Multiple cross-site scripting XSS vulnerabilities in ownCloud before 4.0.9 and 4.5.0 allow remote attackers to inject arbitrary web script or HTML via the 1 file name to apps/filesversions/js/versions.js or 2 apps/files/js/filelist.js; or 3 event title to 3rdparty/fullcalendar/js/fullcalendar.js...

CVE-2012-1898

Multiple cross-site scripting XSS vulnerabilities in wolfcms/admin/user/add in Wolf CMS 0.75 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 username, 2 useremail, or 3 userusername parameters...

CVE-2012-1000

Multiple cross-site scripting XSS vulnerabilities in LEPTON 1.1.3 and other versions before 1.1.4 allow remote attackers to inject arbitrary web script or HTML via the 1 message parameter to admins/login/forgot/index.php, or the 2 displayname or 3 email parameter to account/preferences.php...

CVE-2012-1613

Cross-site scripting XSS vulnerability in editonepic.php in Coppermine Photo Gallery before 1.5.20 allows remote authenticated users with certain privileges to inject arbitrary web script or HTML via the keywords parameter...

CVE-2012-2648

Cross-site scripting XSS vulnerability in the GoodReader app 3.16 and earlier for iOS on the iPad, and 3.15.1 and earlier for iOS on the iPhone and iPod touch, allows remote attackers to inject arbitrary web script or HTML via vectors involving use of this app in conjunction with a web browser...

CVE-2012-2064

Cross-site scripting XSS vulnerability in theme/viewslangswitch.theme.inc in the Views Language Switcher module before 7.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via the q parameter...

CVE-2012-4396

Multiple cross-site scripting XSS vulnerabilities in ownCloud before 4.0.2 allow remote attackers to inject arbitrary web script or HTML via the 1 file names to apps/userldap/settings.php; 2 url or 3 title parameter to apps/bookmarks/ajax/editBookmark.php; 4 tag or 5 page parameter to...

CVE-2012-4532

Cross-site scripting XSS vulnerability in modules/modlanguages/tmpl/default.php in the Language Switcher module for Joomla! 2.5.x before 2.5.7 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to index.php. NOTE: some of these details are obtained from third party...

CVE-2012-4541

Cross-site scripting XSS vulnerability in Piwik before 1.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-4602

Multiple cross-site scripting XSS vulnerabilities in admin/code/tceselectuserspopup.php in Nicola Asuni TCExam before 11.3.009 allow remote attackers to inject arbitrary web script or HTML via the 1 cid or 2 uids parameter...