CVE-2005-4379

Multiple cross-site scripting XSS vulnerabilities in Bitweaver 1.1 and 1.1.1 beta allow remote attackers to inject arbitrary web script or HTML via the 1 sortmode parameter to a fisheye/listgalleries.php, b messages/messagebox.php, and c users/my.php; the 2 postid parameter to d blogs/viewpost.ph...

AbleDesign D-Man 3.0 - 'Title' Cross-Site Scripting

source: https://www.securityfocus.com/bid/15993/info D-Man is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'title' parameter. An attacker may leverage this issue to have arbitrary script code...

Hot Banana Web Content Management Suite 5.3 - Cross-Site Scripting

Hot Banana Web Content Management Suite 5.3 - Cross-Site Scripting source: https://www.securityfocus.com/bid/15948/info Web Content Management Suite is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An...

Liferay Portal Enterprise 3.6.1 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/15951/info Liferay Portal Enterprise is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script...

Magnolia Search Module 2.1 - Cross-Site Scripting

Magnolia Search Module 2.1 - Cross-Site Scripting source: https://www.securityfocus.com/bid/15954/info Magnolia Content Management Suite is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may...

Magnolia Search Module 2.1 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/15954/info Magnolia Content Management Suite is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code...

CVE-2005-4284

Cross-site scripting XSS vulnerability in StaticStore Search Engine 1.189A and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to search.cgi, possibly the keywords parameter. NOTE: this issue was originally disputed by the vendor, but it has since...

Binary Board System 0.2.5 - toc.pl?board Cross-Site Scripting

Binary Board System 0.2.5 - toc.pl?board Cross-Site Scripting source: https://www.securityfocus.com/bid/15913/info binary board system is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An...

EZDatabase 2.1.2 - index.php?db_id SQL Injection

EZDatabase 2.1.2 - index.php?dbid SQL Injection source: https://www.securityfocus.com/bid/15908/info ezDatabase is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. ezDatabase is prone to an SQL...

DCForum 1-6 DCBoard Script - Page Cross-Site Scripting

DCForum 1-6 DCBoard Script - Page Cross-Site Scripting source: https://www.securityfocus.com/bid/15885/info DCForum is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to...

eDatCat 3.0 - EDCstore.pl Cross-Site Scripting

eDatCat 3.0 - EDCstore.pl Cross-Site Scripting source: https://www.securityfocus.com/bid/15889/info eDatCat is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...

ECTOOLS Onlineshop 1.0 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/15891/info ECTOOLS Onlineshop is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the...

EveryAuction 1.53 - Auction.pl Cross-Site Scripting

source: https://www.securityfocus.com/bid/15824/info EveryAuction is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to run arbitrary script code in the browser of an unsuspecting user in the context of t...

PHP JackKnife 2.21 - Cross-Site Scripting

source: www.securityfocus.com/bid/15841/info PHP JackKnife is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an...

EveryAuction 1.53 - Auction.pl Cross-Site Scripting

EveryAuction 1.53 - Auction.pl Cross-Site Scripting source: https://www.securityfocus.com/bid/15824/info EveryAuction is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to run arbitrary script code in the...

Magic Book Professional 2.0 - Book.cfm Cross-Site Scripting

Magic Book Professional 2.0 - Book.cfm Cross-Site Scripting source: https://www.securityfocus.com/bid/15805/info Magic Book Professional is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may...

CF_Nuke 4.6 - 'index.cfm' Cross-Site Scripting

source: https://www.securityfocus.com/bid/15778/info CFNuke is prone to multiple cross-site scripting vulnerabilities. These are due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in the browser of an...

CVE-2005-4061

Cross-site scripting XSS vulnerability in PASearch.asp in XcPhotoAlbum 1.x allows remote attackers to inject arbitrary web script or HTML via the search parameters...

Thwboard Beta 2.8 - 'misc.php?userid' SQL Injection

source: https://www.securityfocus.com/bid/15763/info ThWboard is prone to multiple input validation vulnerabilities. The application is vulnerable to HTML injection, cross-site scripting, and SQL injection; these issues are due to a lack of proper sanitization of user-supplied input. A remote...

IISWorks ASPKnowledgeBase 2.0 - KB.asp Cross-Site Scripting

IISWorks ASPKnowledgeBase 2.0 - KB.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/15734/info ASPKnowledgeBase is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage...