CVE-2005-1324

Multiple cross-site scripting XSS vulnerabilities in index.php for phpMyVisites allow remote attackers to inject arbitrary web script or HTML via the 1 part, 2 per, or 3 site parameters...

CVE-2005-0378

Multiple cross-site scripting XSS vulnerabilities in Horde 3.0 allow remote attackers to inject arbitrary web script or HTML via the 1 group parameter to prefs.php or 2 url parameter to index.php...

CVE-2005-1083

index.php in aeDating 3.2 allows remote attackers to include arbitrary files via the skin parameter...

CVE-2005-0460

index.php in MercuryBoard 1.0.x and 1.1.x allows remote attackers to obtain sensitive information by setting the debug parameter...

CVE-2005-0463

Unknown "major security flaws" in Ulog-php before 1.0, related to input validation, have unknown impact and attack vectors, probably related to SQL injection vulnerabilities in 1 host.php, 2 port.php, and 3 index.php...

CVE-2005-1203

Multiple SQL injection vulnerabilities in index.php in eGroupware before 1.0.0.007 allow remote attackers to execute arbitrary SQL commands via the 1 filter or 2 catsapp parameter...

CVE-2005-0662

Cross-site scripting XSS vulnerability in index.php for MercuryBoard 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the Avatar field...

CVE-2005-0870

Multiple cross-site scripting XSS vulnerabilities in phpSysInfo 2.3, when registerglobals is enabled, allow remote attackers to inject arbitrary web script or HTML via the 1 sensorprogram parameter to index.php, 2 textlanguage, 3 texttemplate, or 4 hidepicklist parameter to systemfooter.php...

CVE-2005-0267

index.php in FlatNuke 2.5.1 allows remote attackers to create an administrator account via carriage returns and 10 in the urlavatar field, which is interpreted as a sensitive directive...

CVE-2005-0443

index.php in CubeCart 2.0.4 allows remote attackers to 1 obtain the full path for the web server or 2 conduct cross-site scripting XSS attacks via an invalid language parameter, which echoes the parameter in a PHP error message...

CVE-2005-0677

index.php for Zorum 3.5 allows remote attackers to perform certain actions as other users by modifying the id parameter...

CVE-2005-0675

Cross-site scripting XSS vulnerability in index.php for Zorum 3.5 allows remote attackers to inject arbitrary web script or HTML via the 1 list or 2 frommethod parameters...

DEBIAN-CVE-2005-0870

Multiple cross-site scripting XSS vulnerabilities in phpSysInfo 2.3, when registerglobals is enabled, allow remote attackers to inject arbitrary web script or HTML via the 1 sensorprogram parameter to index.php, 2 textlanguage, 3 texttemplate, or 4 hidepicklist parameter to systemfooter.php...

CVE-2005-1324

Multiple cross-site scripting XSS vulnerabilities in index.php for phpMyVisites allow remote attackers to inject arbitrary web script or HTML via the 1 part, 2 per, or 3 site parameters...

CVE-2005-1324

CVE-2005-1324 affects phpMyVisites via multiple XSS in index.php. The vulnerability allows remote attackers to inject arbitrary scripts/HTML through the (1) part, (2) per, or (3) site parameters. The issue originates from improper handling of user-supplied input in the index.php script, enabling ...

CVE-2005-1233

The CVE-2005-1233 issue concerns an XSS vulnerability in the PHP Labs proFile product’s index.php, exploitable via the (1) dir and (2) file parameters. The root cause is unsanitized input leading to arbitrary script/HTML injection in responses. Impact is remote code/input manipulation potential f...

CVE-2005-1233

Cross-site scripting XSS vulnerability in index.php in PHP Labs proFile allows remote attackers to inject arbitrary web script or HTML via the 1 dir or 2 file parameters...

CVE-2005-1202

Multiple cross-site scripting XSS vulnerabilities in eGroupware before 1.0.0.007 allow remote attackers to inject arbitrary web script or HTML via the 1 abid, 2 page, 3 type, or 4 lang parameter to index.php or 5 categoryid parameter...

CVE-2005-1203

Summary: CVE-2005-1203 affects eGroupWare. Multiple SQL injection vulnerabilities exist in index.php, exploitable via the (1) filter and (2) cats_app parameters, allowing remote attackers to execute arbitrary SQL commands. Affected versions are before 1.0.0.007. The vulnerability has a CVSSv2 bas...

CVE-2005-1233

Cross-site scripting XSS vulnerability in index.php in PHP Labs proFile allows remote attackers to inject arbitrary web script or HTML via the 1 dir or 2 file parameters...