CVE-2006-6977

Cross-site scripting XSS vulnerability in the "Basic Toolbar Selection" in FreeTextBox allows remote attackers to execute arbitrary JavaScript via the javascript: URI in the 1 href or 2 onmouseover attribute of the A HTML tag...

CVE-2006-6978

Cross-site scripting XSS vulnerability in the "Basic Toolbar Selection" in FCKEditor allows remote attackers to execute arbitrary JavaScript via the javascript: URI in the 1 href or 2 onmouseover attribute of the A HTML tag...

DSA-1227-1 mozilla-thunderbird

Bulletin has no description...

CVE-2006-6163

Cross-site scripting XSS vulnerability in tiki-setupbase.php in TikiWiki before 1.9.7 allows remote attackers to inject arbitrary JavaScript via unspecified parameters...

CVE-2006-6163

Cross-site scripting XSS vulnerability in tiki-setupbase.php in TikiWiki before 1.9.7 allows remote attackers to inject arbitrary JavaScript via unspecified parameters...

CVE-2006-5463

Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allows remote attackers to execute arbitrary JavaScript bytecode via unspecified vectors involving modification of a Script object while it is executing...

CVE-2006-5486

Cross-site scripting XSS vulnerability in Webmail in Sun Java System Messaging Server 6.0 through 6.2 and iPlanet Messaging Server 5.2 allows remote attackers to execute arbitrary Javascript via crafted messages...

PT-2006-5353 · Microsoft · Internet Explorer 6

Name of the Vulnerable Software and Affected Versions: Internet Explorer 6 version Description: The issue allows remote attackers to execute arbitrary JavaScript in the context of the browser's session with an arbitrary intranet web server. This can be achieved by hosting script on an Internet we...

[Kil13r-SA-20060628] Hanaro Search Cross-Site Scripting Vulnerability

Title: Kil13r-SA-20060628 Hanaro Search Cross-Site Scripting Vulnerability Author: Kil13r - http://www.kil13r.info/ Local / Remote: Remote Timeline: 2006/06/22 - Discovery 2006/06/28 - Release Affected version: Not affected version: Description: Hanaro is ISP site, but that has vulnerability. It...

[Kil13r-SA-20060622-1] NetSoft SmartNet 2.0 Cross-Site Scripting Vulnerability

Title: Kil13r-SA-20060622-1 NetSoft SmartNet 2.0 Cross-Site Scripting Vulnerability Author: Kil13r - http://www.kil13r.info/ Local / Remote: Remote Timeline: 2006/06/21 - Discovery 2006/06/21 - Vendor notification 2006/06/22 - Release Affected version: NetSoft SmartNet 2.0 Not affected version:...

CVE-2006-3014

Microsoft Excel allows user-assisted attackers to execute arbitrary javascript and redirect users to arbitrary sites via an Excel spreadsheet with an embedded Shockwave Flash Player ActiveX Object, which is automatically executed when the user opens the spreadsheet...

CVE-2006-3014

Microsoft Excel allows user-assisted attackers to execute arbitrary javascript and redirect users to arbitrary sites via an Excel spreadsheet with an embedded Shockwave Flash Player ActiveX Object, which is automatically executed when the user opens the spreadsheet...

CVE-2006-3014

CVE-2006-3014 affects Microsoft Excel where embedding a Shockwave Flash Player ActiveX Object inside an XLS can automatically execute, enabling user-assisted arbitrary JavaScript execution and redirection when the spreadsheet is opened. According to SUSE and CPAI advisories, the issue originates ...

Cross site scripting

Cross-site scripting XSS vulnerability in includes/Sanitizer.php in the variable handler in MediaWiki 1.6.x before r14349 allows remote attackers to inject arbitrary Javascript via unspecified vectors, possibly involving the usage of the | pipe character...

CVE-2006-2611

Cross-site scripting XSS vulnerability in includes/Sanitizer.php in the variable handler in MediaWiki 1.6.x before r14349 allows remote attackers to inject arbitrary Javascript via unspecified vectors, possibly involving the usage of the | pipe character...

CVE-2006-2611

Cross-site scripting XSS vulnerability in includes/Sanitizer.php in the variable handler in MediaWiki 1.6.x before r14349 allows remote attackers to inject arbitrary Javascript via unspecified vectors, possibly involving the usage of the | pipe character...

CVE-2006-2611

MediaWiki 1.6.x is affected in includes/Sanitizer.php (variable handler) by CVE-2006-2611. The vulnerability allows remote attackers to inject arbitrary Javascript via unspecified vectors, possibly involving the | character, and is exploitable before revision r14349. The NVD notes a Medium risk w...

Cross site scripting

Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to inject arbitrary Javascript into other sites by 1 "using a modal alert to suspend an event handler while a new page is being loaded", 2 using eval, and using...

XSS vulnerability in Dada Mail

According to its banner, the remote version of Dada Mail does not properly validate user written content before submitting that data to the archiving system. SPDX-FileCopyrightText: 2005 Josh Zlatin-Amishav Some text descriptions might be excerpted from a referenced sources, and are Copyright C b...

Jupiter CMS <= 1.1.5 multiple XSS attack vectors.

Jupiter CMS = 1.1.5 multiple XSS attack vectors. Discovered by: Nomenumbra/0x4F4C Date: 3/11/2006 impact:high privilege escalation,site defacement Jupiter CMS http://www.highstrike.net/ is a dynamic CMS system like mambo or limbo, allowing users to subscribe and posts events. Because no filtering...