Filtered by CWE-79
Total 37263 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2016-0303 1 Ibm 1 Tivoli Integrated Portal 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in IBM Tivoli Integrated Portal 2.2.0.0 through 2.2.0.15 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2016-0261 1 Ibm 2 Care Management, Curam Social Program Management 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management 6.0.0 before SP2 EP29, 6.0.4 before 6.0.4.6 iFix3, 6.0.5 before 6.0.5.9 iFix2, 6.1.0 before 6.1.0.1 iFix1, and 6.1.1 before 6.1.1.1 iFix1; and IBM Care Management 6.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 110604.
CVE-2016-0253 1 Ibm 1 Financial Transaction Manager 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 110562.
CVE-2016-0223 1 Ibm 1 Forms Server 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in the Webform Framework API in IBM Forms Server 4.0.x, 8.0.x, 8.1, and 8.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 110006.
CVE-2015-9549 1 Ocportal 1 Ocportal 2024-11-21 6.1 Medium
A reflected Cross-site Scripting (XSS) vulnerability exists in OcPortal 9.0.20 via the OCF_EMOTICON_CELL.tpl FIELD_NAME field to data/emoticons.php.
CVE-2015-9539 1 Fast Secure Contact Form Project 1 Fast Secure Contact Form 2024-11-21 6.1 Medium
The Fast Secure Contact Form plugin before 4.0.38 for WordPress allows fs_contact_form1[welcome] XSS.
CVE-2015-9537 1 Imagely 1 Nextgen Gallery 2024-11-21 5.4 Medium
The NextGEN Gallery plugin before 2.1.10 for WordPress has multiple XSS issues involving thumbnail_width, thumbnail_height, thumbwidth, thumbheight, wmXpos, and wmYpos, and template.
CVE-2015-9504 1 Weeklynews Theme Project 1 Weeklynews Theme 2024-11-21 6.1 Medium
The weeklynews theme before 2.2.9 for WordPress has XSS via the s parameter.
CVE-2015-9503 1 Webmandesign 1 Modern Theme 2024-11-21 6.1 Medium
The Modern theme before 1.4.2 for WordPress has XSS via the genericons/example.html anchor identifier.
CVE-2015-9502 1 Webmandesign 1 Auberge Theme 2024-11-21 6.1 Medium
The Auberge theme before 1.4.5 for WordPress has XSS via the genericons/example.html anchor identifier.
CVE-2015-9501 1 Artificial Intelligence Project 1 Artificial Intelligence 2024-11-21 6.1 Medium
The Artificial Intelligence theme before 1.2.4 for WordPress has XSS because Genericons HTML files are unnecessarily placed under the web root.
CVE-2015-9500 1 Exquisite Ultimate Newspaper Project 1 Exquisite Ultimate Newspaper 2024-11-21 6.1 Medium
The Exquisite Ultimate Newspaper theme 1.3.3 for WordPress has XSS via the anchor identifier to assets/js/jquery.foundation.plugins.js.
CVE-2015-9495 1 Syndication Links Project 1 Syndication Links 2024-11-21 6.1 Medium
The syndication-links plugin before 1.0.3 for WordPress has XSS via the genericons/example.html anchor identifier.
CVE-2015-9494 1 Indieweb Post Kinds Project 1 Indieweb Post Kinds 2024-11-21 6.1 Medium
The indieweb-post-kinds plugin before 1.3.1.1 for WordPress has XSS via the genericons/example.html anchor identifier.
CVE-2015-9493 1 Nlb-creationst 1 My Wish List 2024-11-21 6.1 Medium
The my-wish-list plugin before 1.4.2 for WordPress has multiple XSS issues.
CVE-2015-9478 1 No-margin-for-error 1 Prettyphoto 2024-11-21 6.1 Medium
prettyPhoto before 3.1.6 has js/jquery.prettyPhoto.js XSS.
CVE-2015-9472 1 Monitorbacklinks 1 Incoming Links 2024-11-21 6.1 Medium
The incoming-links plugin before 0.9.10b for WordPress has referrers.php XSS via the Referer HTTP header.
CVE-2015-9469 1 Cybercraftit 1 Content-grabber 2024-11-21 4.8 Medium
The content-grabber plugin 1.0 for WordPress has XSS via obj_field_name or obj_field_id.
CVE-2015-9468 1 K-78 1 Broken Link Manager 2024-11-21 6.1 Medium
The broken-link-manager plugin 0.4.5 for WordPress has XSS via the page parameter in a delURL action.
CVE-2015-9459 1 Seo Searchterms Tagging 2 Project 1 Seo Searchterms Tagging 2 2024-11-21 6.1 Medium
The searchterms-tagging-2 plugin through 1.535 for WordPress has XSS via the wp-admin/options-general.php count parameter.