CVE-2017-9299 CVSS:0.0
Open Ticket Request System (OTRS) 3.3.9 has XSS in index.pl?Action=AgentStats requests, as demonstrated by OrderBy=[XSS] and Direction=[XSS] attacks. (Last Update:2017-05-29) (Publish Update:2017-05-29)
CVE-2017-9298 CVSS:0.0
Cross-site scripting vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Replication Manager before 8.5.2-00 allows authenticated remote users to execute arbitrary JavaScript code. (Last Update:2017-05-29) (Publish Update:2017-05-29)
CVE-2017-9292 CVSS:0.0
Lansweeper before 6.0.0.65 has XSS in an image retrieval URI, aka Bug 542782. (Last Update:2017-05-29) (Publish Update:2017-05-29)
CVE-2017-9289 CVSS:0.0
Bram Korsten Note through 1.2.0 is vulnerable to a reflected XSS in note-source\ui\editor.php (edit parameter). (Last Update:2017-05-29) (Publish Update:2017-05-29)
CVE-2017-9288 CVSS:0.0
The Raygun4WP plugin 1.8.0 for WordPress is vulnerable to a reflected XSS in sendtesterror.php (backurl parameter). (Last Update:2017-05-29) (Publish Update:2017-05-29)
CVE-2017-9252 CVSS:0.0
andrzuk/FineCMS through 2017-05-28 is vulnerable to a reflected XSS in the search page via the text-search parameter to index.php in a route=search action. (Last Update:2017-05-28) (Publish Update:2017-05-28)
CVE-2017-9251 CVSS:0.0
andrzuk/FineCMS through 2017-05-28 is vulnerable to a reflected XSS in the sitename parameter to admin.php. (Last Update:2017-05-28) (Publish Update:2017-05-28)
CVE-2017-9249 CVSS:0.0
Cross-site scripting (XSS) vulnerability in Allen Disk 1.6 allows remote authenticated users to inject arbitrary web script or HTML persistently by uploading a crafted HTML file. The attack vector is the content of this file, and the filename must be specified in the PATH_INFO to readfile.php. (Last Update:2017-05-28) (Publish Update:2017-05-28)
CVE-2017-9243 CVSS:0.0
Aries QWR-1104 Wireless-N Router with Firmware Version WRC.253.2.0913 has XSS on the Wireless Site Survey page, exploitable with the name of an access point. (Last Update:2017-05-28) (Publish Update:2017-05-28)
CVE-2017-9140 CVSS:0.0
Cross-site scripting (XSS) vulnerability in Telerik Reporting for ASP.NET WebForms Report Viewer control before R1 2017 SP2 (11.0.17.406) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. (Last Update:2017-05-22) (Publish Update:2017-05-22)
Click here for a complete list of security vulnerabilities. This vulnerability list widget is provided by www.cvedetails.com