CVE-2010-1355

Cross-site scripting XSS vulnerability on the TANDBERG Video Communication Server VCS before X5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Reference ID 66316...

CVE-2010-1367

Multiple cross-site scripting XSS vulnerabilities in admin/adminlogin.php in Uiga Fan Club, as downloaded on 20100310, allow remote attackers to inject arbitrary web script or HTML via the 1 adminname and 2 adminpassword parameters. NOTE: the provenance of this information is unknown; the details...

CVE-2010-2273

Multiple cross-site scripting XSS vulnerabilities in Dojo 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3, and 1.4.x before 1.4.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to...

CVE-2010-4610

Cross-site scripting XSS vulnerability in index.php in Html-edit CMS 3.1.8 allows remote attackers to inject arbitrary web script or HTML via the error parameter...

CVE-2010-2957

Cross-site scripting XSS vulnerability in Serendipity before 1.5.4, when "Remember me" logins are enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2010-4973

Cross-site scripting XSS vulnerability in the search feature in Campsite 3.4.0 allows remote attackers to inject arbitrary web script or HTML via the fsearchkeywords parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2010-4607

Multiple cross-site scripting XSS vulnerabilities in Habari 0.6.5, when registerglobals is enabled, allow remote attackers to inject arbitrary web script or HTML via the 1 additemform parameter to system/admin/dashadditem.php and the 2 statusdata parameter to system/admin/dashstatus.php. NOTE: so...

CVE-2012-3805

Multiple cross-site scripting XSS vulnerabilities in the getAllPassedParams function in system/functions.php in Kajona before 3.4.2 allow remote attackers to inject arbitrary web script or HTML via the 1 absendername, 2 absenderemail, or 3 absendernachricht parameter to the content page; 4...

CVE-2012-3836

Multiple cross-site scripting XSS vulnerabilities in Baby Gekko before 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 groupname parameter in a savecategory in the users module; 2 virtualfilename, 3 branch, 4 contactperson, 5 street, 6 city, 7 province, 8 postal, 9...

CVE-2012-3837

Multiple cross-site scripting XSS vulnerabilities in apps/users/registration.template.php in Baby Gekko 1.2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 username, 2 emailaddress, 3 password, 4 passwordverify, 5 firstname, 6 lastname, or 7 verificationcode...

CVE-2012-5744

Multiple cross-site scripting XSS vulnerabilities in the guest portal in Cisco Identity Services Engine ISE Software allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug IDs CSCud11139 and CSCug02904...

CVE-2012-5606

Multiple cross-site scripting XSS vulnerabilities in ownCloud before 4.0.9 and 4.5.0 allow remote attackers to inject arbitrary web script or HTML via the 1 file name to apps/filesversions/js/versions.js or 2 apps/files/js/filelist.js; or 3 event title to 3rdparty/fullcalendar/js/fullcalendar.js...

CVE-2012-1046

Cross-site scripting XSS vulnerability in TM1 Web in IBM Cognos TM1 9.5.2 FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0696...

CVE-2012-1604

Cross-site scripting XSS vulnerability in NextBBS 0.6 allows remote attackers to inject arbitrary web script or HTML via the do parameter to index.php...

CVE-2012-6510

Multiple cross-site scripting XSS vulnerabilities in NetArt Media Car Portal 3.0 allow remote attackers to inject arbitrary web script or HTML via the 1 PWRS or 2 Description field when posting a new vehicle; 3 news title when creating news; 4 Name when creating a sub user; 5 group name when...

CVE-2012-6272

Multiple cross-site scripting XSS vulnerabilities in Dell OpenManage Server Administrator 6.5.0.1, 7.0.0.1, and 7.1.0.1 allow remote attackers to inject arbitrary web script or HTML via the topic parameter to html/indexmain.htm in 1 help/sm/en/Output/wwhelp/wwhimpl/js/, 2...

CVE-2012-6566

Cross-site scripting XSS vulnerability in REDCap before 4.14.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-4932

Multiple cross-site scripting XSS vulnerabilities in SimpleInvoices before stable-2012-1-CIS3000 allow remote attackers to inject arbitrary web script or HTML via 1 the having parameter in a manage action to index.php; 2 the Email field in an Add User action; 3 the Customer Name field in an Add...

CVE-2012-4342

Multiple cross-site scripting XSS vulnerabilities in Gallery 3 before 3.0.4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-4278

Multiple cross-site scripting XSS vulnerabilities in Free Realty 3.1-0.6 allow remote attackers to inject arbitrary web script or HTML via the 1 notes parameter to a admin/agenteditor.php; 2 title, 3 previewdesc, 4 fulldesc, or 5 notes parameter b to agentadmin.php or c in an addlisting action to...