CVE-2012-6658

Multiple cross-site scripting XSS vulnerabilities in SpiceWorks 5.3.75941 allow remote attackers to inject arbitrary web script or HTML via the 1 syslocation, 2 syscontact, or 3 sysName configuration in snmpd.conf. NOTE: this entry was SPLIT from CVE-2012-2956 per ADT2 due to different...

CVE-2015-1373

Multiple cross-site scripting XSS vulnerabilities in admin.php in ferretCMS 1.0.4-alpha allow remote attackers to inject arbitrary web script or HTML via the 1 action parameter in a search request, 2 username in a login request, which is not properly handled when logging the event, or 3 page titl...

CVE-2010-2277

Multiple cross-site scripting XSS vulnerabilities in IBM Lotus Connections 2.5.x before 2.5.0.2 allow remote attackers to inject arbitrary web script or HTML via the 1 create or 2 edit form in the Communities component, the 3 verbiage field in the Bookmarks component, or 4 unspecified vectors...

CVE-2011-1558

Multiple cross-site scripting XSS vulnerabilities in the IBM Web Interface for Content Management aka WEBi 1.0.4 before FP3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2010-1242...

CVE-2012-2211

Cross-site scripting XSS vulnerability in phpgwapi/inc/commonfunctionsinc.php in eGroupware before 1.8.004.20120405 allows remote attackers to inject arbitrary web script or HTML via the menuaction parameter to etemplate/processexec.php. NOTE: some of these details are obtained from third party...

CVE-2010-3277

The installer in VMware Workstation 7.x before 7.1.2 build 301548 and VMware Player 3.x before 3.1.2 build 301548 renders an index.htm file if present in the installation directory, which might allow local users to trigger unintended interpretation of web script or HTML by creating this file...

CVE-2010-3919

Fenrir Grani 4.5 and earlier does not prevent interaction between web script and the clipboard, which allows remote attackers to read or modify the clipboard contents via a crafted web site...

CVE-2010-3918

Fenrir Sleipnir 2.9.6 and earlier does not prevent interaction between web script and the clipboard, which allows remote attackers to read or modify the clipboard contents via a crafted web site...

CVE-2011-4551

Cross-site scripting XSS vulnerability in tiki-cookie-jar.php in TikiWiki CMS/Groupware before 8.2 and LTS before 6.5 allows remote attackers to inject arbitrary web script or HTML via arbitrary parameters...

CVE-2011-4552

Multiple cross-site scripting XSS vulnerabilities in One Click Orgs before 1.2.3 allow remote attackers to inject arbitrary web script or HTML via the description field of 1 a new vote or 2 the eject member proposal feature...

CVE-2010-2150

Cross-site scripting XSS vulnerability Fujitsu e-Pares V01 L01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2014-5105

Multiple cross-site scripting XSS vulnerabilities in ol-commerce 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 acountry parameter in a process action to affiliatesignup.php or 2 entrycountryid parameter in an edit action to admin/createaccount.php...

CVE-2013-5695

Multiple cross-site scripting XSS vulnerabilities in Opsview before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via the 1 id parameter to admin/auditlog/, 2 PATHINFO to info/host/ or 3 viewport/, 4 back parameter to login, or 5 "from" parameter to status/service/recheck...

CVE-2010-2014

Cross-site scripting XSS vulnerability in cp/listcontent.php in LiSK CMS 4.4 allows remote attackers to inject arbitrary web script or HTML via the cl or possibly id parameter...

CVE-2012-1606

Multiple cross-site scripting XSS vulnerabilities in the Backend component in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allow remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-1597

Cross-site scripting XSS vulnerability in the textEncode function in classes/ezjscajaxcontent.php in eZ JS Core in eZ Publish before 1.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2011-3320

Cross-site scripting XSS vulnerability in the Web Administrator component in GE Intelligent Platforms Proficy Historian 4.x and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters...

CVE-2010-4339

Cross-site scripting XSS vulnerability in Hypermail 2.2.0 allows remote attackers to inject arbitrary web script or HTML via a crafted From address, which is not properly handled when indexing messages...

CVE-2012-5990

Multiple cross-site scripting XSS vulnerabilities in Health Monitor Login pages in Cisco Prime Network Control System NCS and Wireless Control System WCS allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCud18375...

CVE-2012-3476

Multiple cross-site scripting XSS vulnerabilities in 1 application/views/admin/layout.php and 2 themes/default/views/header.php in the Ushahidi Platform before 2.5 allow remote authenticated users to inject arbitrary web script or HTML via vectors related to a site name...