CVE-2011-5024

Cross-site scripting XSS vulnerability in mmsearch/design in the Mailman/htdig integration patch for Mailman allows remote attackers to inject arbitrary web script or HTML via the config parameter...

CVE-2013-0321

Cross-site scripting XSS vulnerability in Views in the Ubercart Views ucviews module 6.x before 6.x-3.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via the full name field...

CVE-2013-4703

Cross-site scripting XSS vulnerability in the top-page customization feature in Cybozu Office before 9.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2013-3286

Multiple cross-site scripting XSS vulnerabilities in EMC Documentum eRoom before 7.4.4 P11 allow remote attackers to inject arbitrary web script or HTML via a crafted URL...

CVE-2015-6969

Cross-site scripting XSS vulnerability in js/2k11.min.js in the 2k11 theme in Serendipity before 2.0.2 allows remote attackers to inject arbitrary web script or HTML via a user name in a comment, which is not properly handled in a Reply link...

CVE-2011-4511

Cross-site scripting XSS vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 aka TIA portal before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime...

CVE-2012-3872

Multiple cross-site scripting XSS vulnerabilities in Open Constructor 3.12.0 allow remote attackers to inject arbitrary web script or HTML via 1 the result parameter to data/file/edit.php, 2 the q parameter to confirm.php, or 3 the keyword parameter to users/users.php...

CVE-2010-4520

Multiple cross-site scripting XSS vulnerabilities in the Views module 6.x before 6.x-2.11 for Drupal allow remote attackers to inject arbitrary web script or HTML via 1 a URL or 2 an aggregator feed title...

CVE-2011-1030

Cross-site scripting XSS vulnerability in the Wikis component in IBM Lotus Connections 3.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to the "Confirm New Page scene."...

CVE-2013-2364

Cross-site scripting XSS vulnerability in HP System Management Homepage SMH before 7.2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

CVE-2013-2337

Cross-site scripting XSS vulnerability in HP Service Manager 7.11, 9.21, 9.30, and 9.31, and ServiceCenter 6.2.8, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2019-15814

Multiple stored XSS vulnerabilities in Sentrifugo 3.2 could allow authenticated users to inject arbitrary web script or HTML...

CVE-2010-3472

Multiple cross-site scripting XSS vulnerabilities in the Workplace aka WP component in IBM FileNet P8 Application Engine P8AE 3.5.1 before 3.5.1-021 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2011-4830

Multiple cross-site scripting XSS vulnerabilities in the comlisting component in Barter Sites component 1.3 for Joomla! allow remote authenticated users to inject arbitrary web script or HTML via the 1 listingtitle, 2 description, 3 homeurl aka Website Address, 4 paystring aka Payment types...

CVE-2011-4827

Multiple cross-site scripting XSS vulnerabilities in AutoSec Tools V-CMS 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 p parameter to redirect.php and 2 box parameter to includes/TrueColorPicker/index.php, which is not properly handled in...

CVE-2011-4806

Multiple cross-site scripting XSS vulnerabilities in main.php in phpAlbum 0.4.1.16 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 var1 and 2 keyword parameters...

CVE-2011-3864

Cross-site scripting XSS vulnerability in the The Erudite theme before 2.7.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cpage parameter...

CVE-2013-0938

Cross-site scripting XSS vulnerability in EMC Documentum Webtop before 6.7 SP2, Documentum WDK before 6.7 SP2, Documentum Taskspace before 6.7 SP2, and Documentum Records Manager before 6.7 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2010-3427

Multiple cross-site scripting XSS vulnerabilities in Open Classifieds 1.7.0.2 allow remote attackers to inject arbitrary web script or HTML via the 1 desc, 2 price, 3 title, and 4 place parameters to index.php and the 5 subject parameter to contact.htm, related to content/contact.php...

CVE-2013-0455

Multiple cross-site scripting XSS vulnerabilities in IBM Sterling B2B Integrator 5.2.4 and Sterling File Gateway allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...