CVE-2011-5073

Multiple cross-site scripting XSS vulnerabilities in Support Incident Tracker aka SiT! before 3.65 allow remote attackers to inject arbitrary web script or HTML via the 1 mode parameter to contactsupport.php; 2 contractid parameter to contractaddservice.php; 3 user parameter to editbackupusers.ph...

WordPress Plugin Count Per Day - Multiple Vulnerabilities

WordPress Plugin Count Per Day - Multiple Vulnerabilities Exploit Title: Count-per-day Wordpress plugin Arbitrary file download and XSS Version: '...

WordPress Count per Day Plugin - Multiple Vulnerabilities

WordPress Count per Day plugin is prone to multiple vulnerabilities such as XSS and user could call a remote script to download arbitrary file from the target system. Solution Update the plugin...

WordPress Plugin Count Per Day - Multiple Vulnerabilities

Exploit Title: Count-per-day Wordpress plugin Arbitrary file download and XSS Version: '...

CVE-2011-4778

CVE-2011-4778 affects Splunk Web in Splunk 4.2.x up to, but not including, 4.2.5. It is a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via unspecified vectors (aka SPL-44614). Impact is remote code execution of scripts within the bro...

DEBIAN-CVE-2011-4782

Cross-site scripting XSS vulnerability in libraries/config/ConfigFile.class.php in the setup interface in phpMyAdmin 3.4.x before 3.4.9 allows remote attackers to inject arbitrary web script or HTML via the host parameter...

UBUNTU-CVE-2011-4344

Cross-site scripting XSS vulnerability in Jenkins Core in Jenkins before 1.438, and 1.409 LTS before 1.409.3 LTS, when a stand-alone container is used, allows remote attackers to inject arbitrary web script or HTML via vectors related to error messages...

CVE-2011-4563

CVE-2011-4563 affects JAKCMS web app: XSS in index.php affecting 2.0.4.1 and possibly earlier versions up to 2.2.6, exploitable via the userpost parameter in a PM request and related to tinymce. The concrete vulnerability is a cross-site scripting flaw that allows remote attackers to inject arbit...

PT-2011-4932 · Dolibarr · Dolibarr

Name of the Vulnerable Software and Affected Versions: Dolibarr version 3.1.0 Description: The issue allows remote attackers to inject arbitrary web script or HTML. This can be achieved via the username parameter in a setup action to "admin/company.php", or the PATH INFO to "admin/security...

DEBIAN-CVE-2011-2770

Cross-site scripting XSS vulnerability in man2html.cgi.c in man2html 1.6, and possibly other version, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to error messages...

flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26

Cross-site scripting XSS vulnerability in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, related to a "universal cross-site scripting issue," as...

DEBIAN-CVE-2011-4074

Cross-site scripting XSS vulnerability in cmd.php in phpLDAPadmin 1.2.x before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via an debug command...

Cross site scripting

Cross-site scripting XSS vulnerability in the search feature in Campsite 3.4.0 allows remote attackers to inject arbitrary web script or HTML via the fsearchkeywords parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2010-4985

Cross-site scripting XSS vulnerability in notes.php in My Kazaam Notes Management System allows remote attackers to inject arbitrary web script or HTML via vectors involving the "Enter Reference Number Below" text box...

CVE-2011-4064

Cross-site scripting XSS vulnerability in the setup interface in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value...

UBUNTU-CVE-2011-3243

Cross-site scripting XSS vulnerability in WebKit, as used in Apple iOS before 5 and Safari before 5.1.1, allows remote attackers to inject arbitrary web script or HTML via vectors involving inactive DOM windows...

CVE-2010-4949

Cross-site scripting XSS vulnerability in the 1 FreiChat component before 2.1.2 for Joomla! and the 2 FreiChatPure component before 1.2.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML by entering it in an unspecified window...

PT-2011-4740 · Erudite · Erudite

Name of the Vulnerable Software and Affected Versions: The Erudite theme versions prior to 2.7.9 Description: A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML via the cpage parameter. Recommendations: For versions prior to 2.7.9, update to version 2.7.9 ...

PT-2011-4741 · Unknown · Black-Letterhead

Name of the Vulnerable Software and Affected Versions: Black-LetterHead theme version 1.5 and earlier Description: A cross-site scripting issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved by manipulating the PATH INFO to index.php. Recommendations: F...

VulnCheck KEV: CVE-2011-2444

Cross-site scripting XSS vulnerability in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, related to a "universal cross-site scripting issue," as...