CVE-2013-2321

Cross-site scripting XSS vulnerability in HP Service Manager Web Tier 9.31 before 9.31.2004 p2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2019-5938

Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote attackers to inject arbitrary web script or HTML via the application 'Mail'...

CVE-2019-6016

Cross-site scripting vulnerability in REMISE Payment Module 2.11, 2.12 and 2.13 version 3.0.12 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2019-5975

DOM-based cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.10.2 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2019-5962

Cross-site scripting vulnerability in Zoho SalesIQ 1.0.8 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2019-5932

Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.6.3 allows remote authenticated attackers to inject arbitrary web script or HTML via the application 'Portal'...

CVE-2019-19367

A cross-site scripting XSS vulnerability in app/fax/faxfiles.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter...

CVE-2019-17660

A cross-site scripting XSS vulnerability in admin/translate/translateheaderview.php in LimeSurvey 3.19.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the tolang parameter, as demonstrated by the index.php/admin/translate/sa/index/surveyid/336819/lang/ PATHINFO...

CVE-2015-2198

Multiple cross-site scripting XSS vulnerabilities in editprefs.php in Beehive Forum 1.4.4 allow remote attackers to inject arbitrary web script or HTML via the 1 homepageurl, 2 picurl, or 3 avatarurl parameter, which are not properly handled in an error message...

CVE-2019-5939

Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote attackers to inject arbitrary web script or HTML via the application 'Portal'...

CVE-2014-4036

Cross-site scripting XSS vulnerability in modules/system/admin.php in ImpressCMS 1.3.6.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a listimg action...

CVE-2019-13488

A cross-site scripting XSS vulnerability in static/js/trape.js in Trape through 2019-05-08 allows remote attackers to inject arbitrary web script or HTML via the country, query, or refer parameter to the /register URI, because the jQuery prepend method is used...

CVE-2018-15635

Cross-site scripting vulnerability in the Discuss App of Odoo Community 12.0 and earlier, and Odoo Enterprise 12.0 and earlier allows remote attackers to inject arbitrary web script in the browser of an internal user of the system by tricking them into inviting a follower on a document with a...

CVE-2018-17322

Cross-site scripting XSS vulnerability in index.php/index/category/index in YUNUCMS 1.1.4 allows remote attackers to inject arbitrary web script or HTML via the area parameter...

CVE-2018-18291

A cross site scripting XSS vulnerability on ASUS RT-AC58U 3.0.0.4.3806516 devices allows remote attackers to inject arbitrary web script or HTML via AdvancedASUSDDNSContent.asp, AdvancedWSecurityContent.asp, AdvancedWirelessContent.asp, Logout.asp, MainLogin.asp, MobileQISLogin.asp, QISwizard.htm...

CVE-2019-9226

An issue was discovered in baigo CMS 2.1.1. There is a persistent XSS vulnerability that allows remote attackers to inject arbitrary web script or HTML via the optbaseBGSITENAME parameter to the bgconsole/index.php?m=opt=request URI...

CVE-2019-5967

Cross-site scripting vulnerability in Joruri CMS 2017 Release2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2018-15638

Cross-site scripting XSS issue in mail module in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim via crafted channel names...

CVE-2012-4476

Cross-site scripting XSS vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2011-2180

Cross-site scripting XSS vulnerability in dereferer.php in A Really Simple Chat ARSC 3.3-rc2 allows remote attackers to inject arbitrary web script or HTML via the arsclink parameter...