4581 matches found
CVE-2019-19385
A cross-site scripting XSS vulnerability in app/dialplans/dialplans.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the appuuid parameter...
CVE-2019-17523
An XSS vulnerability on Technicolor TC7300 STFA.51.20 devices allows remote attackers to inject arbitrary web script via the FileName parameter to /FTPDiag.asp...
CVE-2014-9743
Cross-site scripting XSS vulnerability in the httpdHtmlError function in network/httpd.c in the web interface in VideoLAN VLC Media Player before 2.2.0 allows remote attackers to inject arbitrary web script or HTML via the path info...
CVE-2017-9622
Multiple cross-site scripting XSS vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted common data...
CVE-2017-9623
Multiple cross-site scripting XSS vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted country data...
CVE-2017-9452
Cross-site scripting XSS vulnerability in admin.php in Piwigo 2.9.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter...
CVE-2015-8038
Multiple cross-site scripting XSS vulnerabilities in the Graphical User Interface GUI in Fortinet FortiManager before 5.2.4 allow remote attackers to inject arbitrary web script or HTML via the 1 sharedjobmanager or 2 SOMServiceObjDialog...
CVE-2015-6808
Cross-site scripting XSS vulnerability in the Spotlight module 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a node title...
CVE-2013-4711
Cross-site scripting XSS vulnerability in Accela BizSearch 3.2 on Linux and Solaris allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2013-4103
Cryptocat before 2.0.22 has Remote Script Injection due to improperly sanitizing user input...
CVE-2013-4612
Multiple cross-site scripting XSS vulnerabilities in REDCap before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving different modules...
CVE-2013-3604
Multiple cross-site scripting XSS vulnerabilities in Coursemill Learning Management System LMS 6.6 allow remote attackers to inject arbitrary web script or HTML via crafted input...
CVE-2013-0134
Cross-site scripting XSS vulnerability in the web interface in AirDroid allows remote attackers to inject arbitrary web script or HTML via a crafted text message that is transmitted by a managed phone...
CVE-2013-5314
Cross-site scripting XSS vulnerability in serendipityadminimageselector.php in Serendipity 1.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the serendipityhtmltarget parameter...
CVE-2014-5248
Cross-site scripting XSS vulnerability in MyBB before 1.6.15 allows remote attackers to inject arbitrary web script or HTML via vectors related to video MyCode...
CVE-2011-4836
Cross-site scripting XSS vulnerability in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to inject arbitrary web script or HTML via a request for a crafted URI...
CVE-2011-3382
Cross-site scripting XSS vulnerability in Phorum before 5.2.16 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2010-4361
Cross-site scripting XSS vulnerability in url-gateway.php in Jurpopage 0.2.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2010-1420
Cross-site scripting XSS vulnerability in CFNetwork in Apple Safari before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via a crafted text/plain file...
CVE-2014-3456
Cross-site scripting XSS vulnerability in GitLab Enterprise Edition EE 6.6.0 before 6.6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...