Lucene search

862 matches found

Cvelist
added 2006/07/10 10:0 p.m. | 16 views

CVE-2006-3494

Multiple cross-site scripting (XSS) vulnerabilities in Buddy Zone 1.0.1 allow remote attackers to inject arbitrary HTML and web script via the (1) catid parameter to (a) viewclassifieds.php; (2) id parameter in (b) viewad.php; (3) eventid parameter in (c) viewevent.php, (d) deleteevent.php, and (e) editevent.php;...

AI score: 5.9 | EPSS: 0.08149
Exploits: 1 | References: 20
Tenable Nessus
added 2006/06/27 12:0 a.m. | 53 views

mvnForum activatemember Multiple Parameter XSS

The remote host is running mvnForum, an open source, forum application based on Java J2EE. The version of mvnForum installed on the remote host fails to sanitize user-supplied input to the 'activatecode' and 'member' parameters of the 'activatemember' script before using it to generate dynamic we...

CVSS: 2.6 | AI score: 5.9 | EPSS: 0.00565
Exploits: 0 | References: 2
NVD
added 2006/06/26 4:5 p.m. | 11 views

CVE-2006-3225

Cross-site scripting (XSS) vulnerability in Sun ONE Application Server 7 before Update 9, Java System Application Server 7 2004Q2 before Update 5, and Java System Application Server Enterprise Edition 8.1 2005 Q1 allows remote attackers to inject arbitrary HTML or web script via unknown vectors...

CVSS: 2.6 | AI score: 5.8 | EPSS: 0.00674
Exploits: 0 | References: 6
NVD
added 2006/06/23 12:2 a.m. | 17 views

CVE-2006-3174

Cross-site scripting (XSS) vulnerability in search.php in SquirrelMail 1.5.1 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary HTML via the mailbox parameter...

CVSS: 2.6 | AI score: 5.7 | EPSS: 0.01159
Exploits: 1 | References: 10
Tenable Nessus
added 2006/06/23 12:0 a.m. | 25 views

BlueDragon 6.2.1 Multiple Remote Vulnerabilities (XSS, DoS)

The remote host is running BlueDragon Server / Server JX, Java-based servers for stand-alone deployment of CFML (ColdFusion Markup Language) pages. The version of BlueDragon Server / Server JX installed on the remote host fails to sanitize user-supplied input passed as part of the filename before...

CVSS: 5 | AI score: 5.8 | EPSS: 0.05553
Exploits: 2 | References: 3
Cvelist
added 2006/06/23 12:0 a.m. | 19 views

CVE-2006-3174

Cross-site scripting (XSS) vulnerability in search.php in SquirrelMail 1.5.1 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary HTML via the mailbox parameter...

AI score: 5.6 | EPSS: 0.01159
Exploits: 1 | References: 10
Cvelist
added 2006/06/13 10:0 a.m. | 21 views

CVE-2006-3007

Multiple cross-site scripting (XSS) vulnerabilities in SHOUTcast 1.9.5 allow remote attackers to inject arbitrary HTML or web script via the DJ fields (1) Description, (2) URL, (3) Genre, (4) AIM, and (5) ICQ...

AI score: 5.7 | EPSS: 0.00562
Exploits: 0 | References: 7
exploitpack
added 2006/06/12 12:0 a.m. | 19 views

Five Star Review Script - index2.php?sort Cross-Site Scripting

Five Star Review Script - index2.php?sort Cross-Site Scripting source: https://www.securityfocus.com/bid/18390/info Five Star Review Script is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these...

AI score: 6.8
Exploits: 0
Exploit DB
added 2006/06/12 12:0 a.m. | 89 views

Five Star Review Script - 'report.php?item_id' Cross-Site Scripting

source: https://www.securityfocus.com/bid/18390/info Five Star Review Script is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to run arbitrary HTML and script code in the browser of a...

AI score: 7.4
Exploits: 0
Prion
added 2006/06/07 10:2 a.m. | 14 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in FunkBoard 0.71 allows remote attackers to inject arbitrary HTML or web script via unspecified vectors...

CVSS: 2.6 | AI score: 6.2 | EPSS: 0.00483
Exploits: 1 | References: 4 | Affected Software: 1
NVD
added 2006/06/07 10:2 a.m. | 14 views

CVE-2006-2895

Cross-site scripting (XSS) vulnerability in MediaWiki 1.6.0 up to versions before 1.6.7 allows remote attackers to inject arbitrary HTML and web script via the edit form...

CVSS: 2.6 | AI score: 5.8 | EPSS: 0.00649
Exploits: 0 | References: 5
NVD
added 2006/06/07 10:2 a.m. | 10 views

CVE-2006-2897

Cross-site scripting (XSS) vulnerability in FunkBoard 0.71 allows remote attackers to inject arbitrary HTML or web script via unspecified vectors...

CVSS: 2.6 | AI score: 5.8 | EPSS: 0.00483
Exploits: 1 | References: 4
Prion
added 2006/06/01 1:2 a.m. | 14 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in news.php in VARIOMAT allows remote attackers to inject arbitrary HTML or web script via the subcat parameter. NOTE: this issue might be resultant from SQL injection...

CVSS: 6.8 | AI score: 7.2 | EPSS: 0.00664
Exploits: 0 | References: 3
Cvelist
added 2006/06/01 1:0 a.m. | 14 views

CVE-2006-2721

Cross-site scripting (XSS) vulnerability in news.php in VARIOMAT allows remote attackers to inject arbitrary HTML or web script via the subcat parameter. NOTE: this issue might be resultant from SQL injection...

AI score: 6.5 | EPSS: 0.00664
Exploits: 0 | References: 3
Prion
added 2006/05/30 10:2 a.m. | 15 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in performsearch.asp for ASPBB 0.52 and earlier allows remote attackers to inject arbitrary HTML or web script via the search parameter...

CVSS: 2.6 | AI score: 6.3 | EPSS: 0.08107
Exploits: 0 | References: 8 | Affected Software: 1
NVD
added 2006/05/30 10:2 a.m. | 8 views

CVE-2006-2652

Cross-site scripting (XSS) vulnerability in WikiNi 0.4.2 and earlier allows remote attackers to inject arbitrary HTML and web script by editing a Wiki page to contain the script...

CVSS: 6.8 | AI score: 5.9 | EPSS: 0.01631
Exploits: 0 | References: 7
securityvulns
added 2006/05/27 12:0 a.m. | 32 views

ByteHoard <= 2.1 multiple vulnerabilities

ByteHoard <= 2.1 multiple vulnerabilities Discovered by: Nomenumbra Date: 23/5/2006 impact:high file manipulation,privilege escalation,possible defacement ByteHoard versions up to 2.1 are prone to multiple vulnerabilities, including directory traversal. 0x00 Directory traversal: Users are able to...

AI score: 0.6
Exploits: 0
Prion
added 2006/05/24 1:2 a.m. | 17 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in Jemscripts DownloadControl 1.0 allows remote attackers to inject arbitrary HTML or web script via the dcid parameter to dc.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. This issue...

CVSS: 4.3 | AI score: 6.1 | EPSS: 0.00527
Exploits: 0 | References: 7 | Affected Software: 1
FreeBSD
added 2006/04/21 12:0 a.m. | 26 views

phpldapadmin -- Cross-Site Scripting and Script Insertion vulnerabilities

Secunia reports: phpLDAPadmin have some vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks. 1) Some input isn't properly sanitised before being returned to the user. This can be exploited to...

CVSS: 2.6 | AI score: 6.2 | EPSS: 0.21986
Exploits: 1 | References: 3
Prion
added 2006/04/20 10:2 a.m. | 11 views

Authentication flaw

phpGraphy 0.9.11 and earlier allows remote attackers to bypass authentication and gain administrator privileges via a direct request to index.php with the editwelcome parameter set to 1, which can then be used to modify the main page to inject arbitrary HTML and web script. NOTE: XSS attacks are...

CVSS: 6.8 | AI score: 6.8 | EPSS: 0.01353
Exploits: 1 | References: 9 | Affected Software: 1