CVE-2005-1292

Multiple cross-site scripting XSS vulnerabilities in CartWIZ ASP Cart allow remote attackers to inject arbitrary web script or HTML via the idProduct parameter to 1 tellAFriend.asp or 2 addToWishlist.asp, redirect parameter to 3 access.asp or 4 login.asp, message parameter to 5 login.asp or 6...

CVE-2005-1285

Cross-site scripting XSS vulnerability in thread.php in WoltLab Burning Board 2.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the hilight parameter...

egroupware -- multiple cross-site scripting (XSS) and SQL injection vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in eGroupware before 1.0.0.007 allow remote attackers to inject arbitrary web script or HTML via the 1 abid, 2 page, 3 type, or 4 lang parameter to index.php or 5 categoryid parameter. Multiple SQL injection vulnerabilities in index.php in...

CVE-2005-1189

Cross-site scripting XSS vulnerability in WebcamXP PRO v2.16.468 and earlier allows remote attackers to inject arbitrary web script or HTML via the chat name, as demonstrated by using an IFRAME to redirect users to other sites...

CVE-2005-1172

Cross-site scripting XSS vulnerability in init.inc.php in Coppermine Photo Gallery 1.3.x allows remote attackers to inject arbitrary web script or HTML via the X-Forwarded-For parameter...

CVE-2005-1130

Cross-site scripting XSS vulnerability in index.php in Pinnacle Cart allows remote attackers to inject arbitrary web script or HTML via the pg parameter...

CVE-2005-1116

Cross-site scripting XSS vulnerability in the Calendar module for phpBB allow remote attackers to inject arbitrary web script or HTML via the start parameter to calendarscheduler.php...

CVE-2004-0534

Cross-site scripting XSS vulnerability in Business Objects InfoView 5.1.4 through 5.1.8 for WebIntelligence 2.7.0 through 2.7.4 allows remote attackers to inject arbitrary web script or HTML via document names when uploading a document...

CVE-2005-1145

NOTE: this issue has been disputed by the vendor. Cross-site scripting XSS vulnerability in calendar.pl in CalendarScript 3.20 allows remote attackers to inject arbitrary web script or HTML via the template parameter, a different vulnerability than CVE-2005-1146...

CVE-2005-1077

Multiple cross-site scripting XSS vulnerabilities in XAMPP 1.4.x allow remote attackers to inject arbitrary web script or HTML via 1 cds.php, 2 Guestbook-EN.pl, or 3 phonebook.php...

CVE-2005-1072

Cross-site scripting XSS vulnerability in PunBB before 1.2.5 allows remote attackers to inject arbitrary web script or HTML...

CVE-2005-1010

Cross-site scripting XSS vulnerability in Comersus Cart 6 allows remote attackers to inject arbitrary web script or HTML via the account username...

CVE-2005-1006

Multiple cross-site scripting XSS vulnerabilities in SonicWALL SOHO 5.1.7.0 allow remote attackers to inject arbitrary web script or HTML via 1 the URL or 2 the user login name, which is not filtered when the administrator views the log file...

CVE-2005-0992

Cross-site scripting XSS vulnerability in index.php in phpMyAdmin before 2.6.2-rc1 allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter...

CVE-2005-0981

Multiple cross-site scripting XSS vulnerabilities in AlstraSoft EPay Pro 2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 payment or 2 send parameter...

CVE-2005-0945

Cross-site scripting XSS vulnerability in ACS Blog 1.1.1 allows remote attackers to inject arbitrary web script or HTML via onmouseover or onload events in 1 img, 2 link, or 3 mail tags...

CVE-2005-0924

Cross-site scripting XSS vulnerability in Adventia E-Data 2.0 allows remote attackers to inject arbitrary web script or HTML via a query keyword...

CVE-2005-0914

Multiple cross-site scripting XSS vulnerabilities in CPG Dragonfly 9.0.2.0 allow remote attackers to inject arbitrary web script or HTML via 1 the profile parameter to index.php or 2 the cat parameter...

CVE-2005-0936

Cross-site scripting vulnerability in products1h.php in ESMI PayPal Storefront allows remote attackers to inject arbitrary web script or HTML via the id parameter...

CVE-2005-0873

Multiple cross-site scripting XSS vulnerabilities in test.jsp in Oracle Reports Server 10g 9.0.4.3.3 allow remote attackers to inject arbitrary web script or HTML via the 1 desname or 2 repprod parameter...