CKEditor < 4.4.3 Preview Plugin Unspecified XSS Vulnerability

The preview plugin for CKEditor is prone to an unspecified cross-site scripting XSS vulnerability. Copyright C 2016 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later...

Quota < 1.2.5 - Unspecified XSS

The quota WordPress theme was affected by an Unspecified XSS security vulnerability...

Adobe ColdFusion Unspecified XSS (APSB15-07) (credentialed check)

The version of Adobe ColdFusion running on the remote Windows host is affected by an unspecified reflected cross-site scripting XSS vulnerability due to a failure to properly sanitize user-supplied input. A remote attacker, using a crafted request, can exploit this to execute arbitrary script cod...

Meinberg LANTIME Web Interface Unspecified XSS

Binary data scadameinberglantime615020.nbin...

VMware vCenter Server Appliance Unspecified XSS (VMSA-2014-0012)

The version of VMware vCenter Server Appliance installed on the remote host is 5.1 prior to Update 3. It is, therefore, affected by an unspecified cross-site scripting vulnerability. A remote attacker can exploit this by means of a specially crafted URL or malicious web page, which can result in...

IBM WebSphere Portal Unspecified XSS (PI16174)

The version of IBM WebSphere Portal on the remote host is affected by an unspecified cross-site scripting vulnerability due to improper user input validation. An attacker can exploit this issue to execute code in the security context of a user's browser to steal authentication cookies...

Coalition - Unspecified XSS

The coalition WordPress theme was affected by an Unspecified XSS security vulnerability...

Broadscope - Unspecified XSS

The broadscope WordPress theme was affected by an Unspecified XSS security vulnerability...

Social Sharing Toolkit 2.1.1 - Unspecified XSS

The Social Sharing Toolkit WordPress plugin was affected by an Unspecified XSS security vulnerability...

EELV Newsletter 3.4.3 - lettreinfo.php Unspecified XSS

The EELV Newsletter WordPress plugin was affected by a lettreinfo.php Unspecified XSS security vulnerability...

Knews 1.2.5 - Unspecified XSS

The Knews Multilingual Newsletters WordPress plugin was affected by an Unspecified XSS security vulnerability...

ReFlex Gallery 1.4.2 - Unspecified XSS

The ReFlex Gallery » WordPress Photo Gallery WordPress plugin was affected by an Unspecified XSS security vulnerability...

Simpnews 2.x admin/index.php Unspecified XSS

No description provided by source. source: http://www.securityfocus.com/bid/20714/info SimpNews is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to have arbitrary script code execute...

Red Mombin 0.7 process_login.php Unspecified XSS

No description provided by source. source: http://www.securityfocus.com/bid/20243/info Red Mombin is prone to multiple cross-site scripting vulnerabilities because the application fails to sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in...

IBM WebSphere Portal Themes Unspecified XSS (PM90118)

The version of WebSphere Portal on the remote host is affected by a cross-site scripting vulnerability. An attacker could execute arbitrary code in a user's browser. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

Splunk < 5.0.6 Unspecified XSS

According to its version number, the Splunk Web hosted on the remote web server is affected by an unspecified cross-site scripting vulnerability. An attacker can exploit this issue to inject arbitrary HTML and script code into a user's browser to be executed within the security context of the...

Oracle Fusion WebLogic Server Component WLS-Console Management Interface Unspecified XSS

The version of the WebLogic component on Oracle Middleware installed on the remote Windows host is affected an unspecified cross-site scripting vulnerability related to WLS-Console. A remote attacker could exploit this by tricking a user into requesting a maliciously crafted URL, resulting in the...

Nagios XI < 2009R1.3B Multiple Unspecified XSS

According to its self-reported version, the version of Nagios XI running on the remote host has multiple cross-site scripting vulnerabilities. Unspecified input to the status and dashboard pages are not properly sanitized. A remote attacker could exploit this by tricking a user into making a...

HP System Management Homepage < 2.1.2 Unspecified XSS

The version of HP System Management Homepage installed on the remote host fails to sanitize user input to unspecified parameters and scripts before using it to generate dynamic HTML. A remote attacker may be able to exploit these issues to cause arbitrary HTML and script code to be executed by a...