CVE-2011-5305

Multiple cross-site scripting XSS vulnerabilities in CosmoShop ePRO 10.05.00 allow remote attackers to inject arbitrary web script or HTML via 1 the rcopy parameter to cgi-bin/admin/rubrikadmin.cgi, 2 the typ parameter to cgi-bin/admin/artikeladmin.cgi, or 3 the suchbegriff parameter to...

CVE-2011-5287

Multiple cross-site scripting XSS vulnerabilities in HESK before 2.4.1 allow remote attackers to inject arbitrary web script or HTML via the 1 hesksettingstmptitle or 2 hesklangENCODING parameter to inc/header.inc.php; the hesklangattempt parameter to 3 inc/assignmentsearch.inc.php, 4...

CVE-2011-5176

Multiple cross-site scripting XSS vulnerabilities in search.php in Banana Dance, possibly B.1.5 and earlier, allow remote attackers to inject arbitrary web script or HTML via the 1 q or 2 category parameter...

CVE-2013-3640

Cross-site scripting XSS vulnerability in the Instant Web Publish function in FileMaker Pro before 12 and Pro Advanced before 12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2011-5143

Multiple cross-site scripting XSS vulnerabilities in Open Business Management OBM 2.3.20 and probably earlier allow remote attackers to inject arbitrary web script or HTML via the 1 tfname, 2 tfdelegation, and 3 tfip parameters to index.php. NOTE: the provenance of this information is unknown; th...

CVE-2013-3603

Cross-site scripting XSS vulnerability in Coursemill Learning Management System LMS 6.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to error messages...

CVE-2010-1707

Multiple cross-site scripting XSS vulnerabilities in register.php in Piwigo 2.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 login and 2 mailaddress parameters...

CVE-2013-3413

Cross-site scripting XSS vulnerability in the search form in the administration/monitoring panel on the Cisco Identity Services Engine ISE allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuh87036...

CVE-2010-4951

Cross-site scripting XSS vulnerability in the xaJax Shoutbox vxxajaxshoutbox extension before 1.0.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2010-4947

Cross-site scripting XSS vulnerability in advancedsearchresult.php in ALLPC 2.5 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter...

CVE-2010-4932

Cross-site scripting XSS vulnerability in search.php in Entrans before 0.3.3 allows remote attackers to inject arbitrary web script or HTML via the query parameter...

CVE-2010-1515

Multiple cross-site scripting XSS vulnerabilities in index.php in TomatoCMS 2.0.6 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 keyword or 2 article-id parameter in conjunction with a /admin/news/article/list PATHINFO; the 3 keyword parameter in conjunction...

CVE-2010-4778

Multiple cross-site scripting XSS vulnerabilities in fetchmailprefs.php in Horde IMP before 4.3.8, and Horde Groupware Webmail Edition before 1.2.7, allow remote attackers to inject arbitrary web script or HTML via the 1 username aka fmusername, 2 password aka fmpassword, or 3 server aka fmserver...

CVE-2017-10975

Cross-site scripting XSS vulnerability in Lutim before 0.8 might allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is mishandled in an upload notification and in the myfiles component, if the attacker can convince the victim to proceed with an upload despit...

CVE-2014-8597

A reflected cross-site scripting XSS vulnerability in PHP-Fusion 7.02.07 allows remote attackers to inject arbitrary web script or HTML via the status parameter in the CMS admin panel...

CVE-2013-0933

Multiple cross-site scripting XSS vulnerabilities in EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework 4.x, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2010-1036

Cross-site scripting XSS vulnerability in HP System Insight Manager before 6.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2010-1008

Cross-site scripting XSS vulnerability in the Sellector.com Widget Integration chsellector extension before 0.1.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2016-1000307

Multiple Cross Site Scripting XSS Vulnerabilities in ClipBucket v2.8.1 and probably prior allow Remote Attackers to inject arbitrary web script or HTML via 1 profiledesc, aboutme, schools, occupation, companies, hobbies, favmovies, favmusic, favbooks parameters to ProfileSettings page; 2 note...

CVE-2015-8759

Cross-site scripting XSS vulnerability in the typoLink function in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allows remote authenticated editors to inject arbitrary web script or HTML via a link field...