CVE-2008-0206

Multiple cross-site scripting XSS vulnerabilities in captcha\captcha.php in the Captcha! 2.5d and earlier plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 captchattffolder, 2 captchanumchars, 3 captchattfrange, or 4 captchasecret parameter...

CVE-2008-0206

Multiple cross-site scripting XSS vulnerabilities in captcha\captcha.php in the Captcha! 2.5d and earlier plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 captchattffolder, 2 captchanumchars, 3 captchattfrange, or 4 captchasecret parameter...

CVE-2007-6388

Cross-site scripting XSS vulnerability in modstatus in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in uddigui/navigateTree.do in the UDDI user console in IBM WebSphere Application Server WAS before 6.1.0 Fix Pack 13 6.1.0.13 allow remote attackers to inject arbitrary web script or HTML via the 1 keyField, 2 nameField, 3 valueField, and 4...

CVE-2007-5728

Cross-site scripting XSS vulnerability in phpPgAdmin 3.5 to 4.1.1, and possibly 4.1.2, allows remote attackers to inject arbitrary web script or HTML via certain input available in PHPSELF in 1 redirect.php, possibly related to 2 login.php, different vectors than CVE-2007-2865...

CVE-2002-2341

CVE-2002-2341 affects SonicWALL SOHO3 version 6.3.0.0 and is described as a cross-site scripting (XSS) vulnerability in content blocking. The issue allows remote attackers to inject arbitrary web script or HTML by supplying a specially crafted blocked URL, enabling potential session or credential...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in JSPWiki 2.4.103 and 2.5.139-beta allow remote attackers to inject arbitrary web script or HTML via the 1 group and 2 members parameters in a NewGroup.jsp; the 3 edittime parameter in b Edit.jsp; the 4 edittime, 5 author, and 6 link parameters i...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in AlstraSoft Video Share Enterprise allow remote attackers to inject arbitrary web script or HTML via the 1 msg, 2 page, 3 viewkey, or 4 viewtype parameter to a viewvideo.php; the 5 next parameter to b signup.php; the 6 searchid parameter to c...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in search.asp in rwAuction Pro 5.0 allow remote attackers to inject arbitrary web script or HTML via the 1 search, 2 show, 3 searchtype, 4 catid, and 5 searchtxt parameters, a different version and vectors than CVE-2005-4060...

Cross site scripting

Cross-site scripting XSS vulnerability in showown.php in GMTT Music Distro 1.2 allows remote attackers to inject arbitrary web script or HTML via the st parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Exponent CMS 0.96.6 Alpha and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 url parameter to a magpiedebug.php and b magpiesimple.php in external/magpierss/scripts/, the 2 rssurl parameter to c magpieslashbox.p...

Cross site scripting

Cross-site scripting XSS vulnerability in contact/index.php in Ripe Website Manager 0.8.4 and earlier allows remote attackers to inject arbitrary web script or HTML via a leading """ in the ripeformpost parameter...

CVE-2007-1991

Cross-site scripting XSS vulnerability in mail/signup.asp in CmailServer WebMail 5.4.3, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the Comment parameter, a different vector than CVE-2007-1927...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in SQLiteManager 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 database name, 2 table name, 3 ViewName, 4 view, 5 trigger, and 6 function fields in main.php and certain other files...

CVE-2007-0807

Cross-site scripting XSS vulnerability in info.php in flashChat 4.7.8 allows remote attackers to inject arbitrary web script or HTML via a channel title aka room name that is not properly handled by the "who's online" feature...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in HTTP Commander 6.0, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the 1 LogoffMessage parameter to logofflast.aspx or the 2 txtUsername parameter to Default.aspx. NOTE: The provenance of this informatio...

CVE-2006-6700

Technical details about CVE-2006-6700 are not publicly available in the provided documents. The description notes a vague initial disclosure. Monitor for updates from the sources to obtain affected products, impact, and remediation information.

CVE-2006-6647

CVE-2006-6647 is a cross-site scripting (XSS) vulnerability affecting the Drupal MySite module. Affected versions are Drupal-based MySite 4.7.x before 4.7.x-3.3 and 5.x before 5.x-1.3. The vulnerability arises in the Title field when editing a page, allowing remote attackers to inject arbitrary w...

CVE-2006-6197

Multiple cross-site scripting XSS vulnerabilities in b2evolution 1.8.2 through 1.9 beta allow remote attackers to inject arbitrary web script or HTML via the 1 appname parameter in a 404notfound.page.php, b 410statsgone.page.php, and c refererspam.page.php in inc/VIEW/errors/; the 2 baseurl...

CVE-2006-2176

Multiple cross-site scripting XSS vulnerabilities in links.php in PHP Linkliste 1.0b allow remote attackers to inject arbitrary web script or HTML via the 1 newinput, 2 newurl, or 3 newname parameter...