CVE-2005-3015

Cross-site scripting XSS vulnerability in IBM Lotus Domino 6.5.2 allows remote attackers to inject arbitrary web script or HTML via the 1 BaseTarget or 2 Src parameters...

CVE-2005-0662

Cross-site scripting XSS vulnerability in index.php for MercuryBoard 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the Avatar field...

CVE-2005-4256

Cross-site scripting XSS vulnerability in forum.asp in ASP-DEV XM Forum RC3 allows remote attackers to inject arbitrary web script or HTML via the forumtitle parameter. NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID. In addition, its accuracy is in...

CVE-2005-2839

Multiple cross-site scripting XSS vulnerabilities in MAXdev MD-Pro 1.0.72 allow remote attackers to inject arbitrary web script or HTML via 1 dl-search.php or 2 wl-search.php...

CVE-2006-2957

Cross-site scripting XSS vulnerability in i.List 1.5 beta and earlier allows remote attackers to inject arbitrary web script or HTML via the banurl parameter to add.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information...

CVE-2008-1228

Cross-site scripting XSS vulnerability in admin.php in MG2 formerly Minigal allows remote attackers to inject arbitrary web script or HTML via the list parameter in an import action...

CVE-2009-0764

Multiple cross-site scripting XSS vulnerabilities in Kipper 2.01 allow remote attackers to inject arbitrary web script or HTML via the charm parameter to 1 index.php and 2 kipper.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2007-1965

Multiple cross-site scripting XSS vulnerabilities in eXV2 CMS 2.0.4.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the setlang parameter to 1 archive.php, 2 article.php, 3 index.php, or 4 topics.php...

CVE-2005-4028

Multiple cross-site scripting XSS vulnerabilities in aMember allow remote attackers to inject arbitrary web script or HTML via the 1 lamemberlogin parameter to sendpass.php and 2 login parameter to member.php...

CVE-2025-29686

A cross-site scripting XSS vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title parameter at /inform/InformManageController.java...

Malicious code in pretty-cli-logger (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 94cd11911ce2a0937d9e56087ce9487db18da5bb20df7f1f8948f8356d65c31d Contains an obfuscated code that will download and run a remote script. At the time of the analysis, the remote URLs were delivering empty results --- Category...

MAL-2025-191816 Malicious code in pretty-cli-logger (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 94cd11911ce2a0937d9e56087ce9487db18da5bb20df7f1f8948f8356d65c31d Contains an obfuscated code that will download and run a remote script. At the time of the analysis, the remote URLs were delivering empty results --- Category...

SUSE CVE-2014-0611

Multiple cross-site scripting XSS vulnerabilities in WebAccess in Novell GroupWise 2012 before Support Pack 4 and 2014 before Support Pack 2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

SUSE CVE-2010-2778

Cross-site scripting XSS vulnerability in WebAccess in Novell GroupWise 7.x before 7.0 post-SP4 FTF and 8.x before 8.0 SP2 allows remote attackers to inject arbitrary web script or HTML via a crafted message, related to a "Javascript XSS exploit."...

BIT-DOLIBARR-2020-14475

A reflected cross-site scripting XSS vulnerability in Dolibarr 11.0.3 allows remote attackers to inject arbitrary web script or HTML into public/notice.php related to transphrase and transkey...

BIT-DOLIBARR-2020-13828

Dolibarr 11.0.4 is affected by multiple stored Cross-Site Scripting XSS vulnerabilities that could allow remote authenticated attackers to inject arbitrary web script or HTML via ticket/card.php?action=create with the subject, message, or address parameter; adherents/card.php with the societe or...

CVE-2025-2536

Cross-site scripting XSS vulnerability on Liferay Portal 7.4.3.82 through 7.4.3.128, and Liferay DXP 2024.Q3.0, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12, 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10, 7.4 update 82 through update 92 in the Frontend JS module's...

CVE-2025-2536

Cross-site scripting XSS vulnerability on Liferay Portal 7.4.3.82 through 7.4.3.128, and Liferay DXP 2024.Q3.0, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12, 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10, 7.4 update 82 through update 92 in the Frontend JS module's...

PT-2025-11960

Name of the Vulnerable Software and Affected Versions Liferay Portal versions 7.4.3.82 through 7.4.3.128 Liferay DXP versions 2024.Q3.0, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12, 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10, 7.4 update 82 through update 92...

gougucms 代码注入漏洞

gougucms gougucms CMS is China's gougu gougu open source based on ThinkPHP6 + Layui + MySql to create a lightweight general-purpose back-end management framework . gougucms 4.08.18 version of the code injection vulnerability, the vulnerability stems from cross-site scripting, may lead to a remote...