CVE-2013-0730

Multiple cross-site scripting XSS vulnerabilities in Newscoop 4.x through 4.1.0 allow remote attackers to inject arbitrary web script or HTML via vectors involving the 1 language parameter to application/modules/admin/controllers/LanguagesController.php or 2 user parameter to...

CVE-2015-6809

Multiple cross-site scripting XSS vulnerabilities in BEdita before 3.6.0 allow remote attackers to inject arbitrary web script or HTML via the 1 cfgprojectName parameter to index.php/admin/saveConfig, the 2 datastatsproviderurl parameter to index.php/areas/saveArea, or the 3 datadescription...

CVE-2019-9230

An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions F7.20A to F7.20A.253. A cross-site scripting XSS vulnerability in the search function of the management web interface allows remote attackers to inject arbitrary web script o...

CVE-2019-5947

Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.10.1 allows remote authenticated attackers to inject arbitrary web script or HTML via the application 'Cabinet'...

CVE-2019-19385

A cross-site scripting XSS vulnerability in app/dialplans/dialplans.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the appuuid parameter...

CVE-2019-17523

An XSS vulnerability on Technicolor TC7300 STFA.51.20 devices allows remote attackers to inject arbitrary web script via the FileName parameter to /FTPDiag.asp...

CVE-2014-9743

Cross-site scripting XSS vulnerability in the httpdHtmlError function in network/httpd.c in the web interface in VideoLAN VLC Media Player before 2.2.0 allows remote attackers to inject arbitrary web script or HTML via the path info...

CVE-2017-9622

Multiple cross-site scripting XSS vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted common data...

CVE-2017-9623

Multiple cross-site scripting XSS vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted country data...

CVE-2017-9452

Cross-site scripting XSS vulnerability in admin.php in Piwigo 2.9.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter...

CVE-2015-8038

Multiple cross-site scripting XSS vulnerabilities in the Graphical User Interface GUI in Fortinet FortiManager before 5.2.4 allow remote attackers to inject arbitrary web script or HTML via the 1 sharedjobmanager or 2 SOMServiceObjDialog...

CVE-2015-6808

Cross-site scripting XSS vulnerability in the Spotlight module 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a node title...

CVE-2013-4711

Cross-site scripting XSS vulnerability in Accela BizSearch 3.2 on Linux and Solaris allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2013-4103

Cryptocat before 2.0.22 has Remote Script Injection due to improperly sanitizing user input...

CVE-2013-4612

Multiple cross-site scripting XSS vulnerabilities in REDCap before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving different modules...

CVE-2013-3604

Multiple cross-site scripting XSS vulnerabilities in Coursemill Learning Management System LMS 6.6 allow remote attackers to inject arbitrary web script or HTML via crafted input...

CVE-2013-0134

Cross-site scripting XSS vulnerability in the web interface in AirDroid allows remote attackers to inject arbitrary web script or HTML via a crafted text message that is transmitted by a managed phone...

CVE-2013-5314

Cross-site scripting XSS vulnerability in serendipityadminimageselector.php in Serendipity 1.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the serendipityhtmltarget parameter...

CVE-2014-5248

Cross-site scripting XSS vulnerability in MyBB before 1.6.15 allows remote attackers to inject arbitrary web script or HTML via vectors related to video MyCode...

CVE-2011-4836

Cross-site scripting XSS vulnerability in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to inject arbitrary web script or HTML via a request for a crafted URI...