Multiple GET parameters in the vulnerability scan scheduler of AlienVault OSSIM and USM before 5.3.2 are vulnerable to reflected XSS.

A persistent XSS vulnerability exists in the User-Agent header of the login process of AlienVault OSSIM and USM before 5.3.2 that allows an attacker to steal session IDs of logged in users when the current sessions are viewed by an administrator.

XSS and SQLi in Huge IT Joomla Slider v1.0.9 extension

XSS and SQLi in Huge IT Joomla Slider v1.0.9 extension

SQLi and XSS in Huge IT catalog extension v1.0.4 for Joomla

XSS in NetIQ IDM 4.5 Identity Applications before 4.5.4 allows attackers able to change their username to inject arbitrary HTML code into the Role Assignment administrator HTML pages.

XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote attackers to inject arbitrary HTML code via the nrfEntitlementReport.do CGI.

XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote attackers to inject arbitrary HTML code via the accessMgrDN value of the forgotUser.do CGI.

XSS in Yandex Browser Translator in Yandex browser for desktop for versions from 15.12 to 16.2 could be used by remote attacker for evaluation arbitrary javascript code.

XSS in Yandex Browser BookReader in Yandex browser for desktop for versions before 16.6. could be used by remote attacker for evaluation arbitrary javascript code.

SQLi and XSS in Huge IT catalog extension v1.0.4 for Joomla

XSS & SQLi in HugeIT slideshow v1.0.4

XSS & SQLi in HugeIT slideshow v1.0.4

Huge-IT Portfolio Gallery manager v1.1.0 SQL Injection and XSS

Huge-IT Portfolio Gallery manager v1.1.0 SQL Injection and XSS

Reflected XSS in wordpress plugin wpsolr-search-engine v7.6

Reflected XSS in wordpress plugin whizz v1.0.7

Reflected XSS in wordpress plugin tidio-gallery v1.1

Reflected XSS in wordpress plugin tidio-form v1.0

Reflected XSS in wordpress plugin tera-charts v1.0