CVE-2012-2903

Multiple cross-site scripting XSS vulnerabilities in PHP Address Book 7.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 PATHINFO to group.php, or the 2 targetlanguage or 3 targetflag parameter to translate.php...

Cross site scripting

Cross-site scripting XSS vulnerability in captchademo.php in Unijimpe Captcha allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in PHP Address Book 7.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 PATHINFO to group.php, or the 2 targetlanguage or 3 targetflag parameter to translate.php...

CVE-2012-2914

Cross-site scripting XSS vulnerability in captchademo.php in Unijimpe Captcha allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

WordPress User Photo Plugin <= 0.9.5.1 - XSS

Because of this vulnerability in user-photo.php, attackers can inject arbitrary web script or HTML via the PATHINFO to wp-admin/options-general.php. Solution Update the plugin...

Cross site scripting

Cross-site scripting XSS vulnerability in system/classes/login.php in ContentLion Alpha 1.3 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

CVE-2012-1224

Cross-site scripting XSS vulnerability in system/classes/login.php in ContentLion Alpha 1.3 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

CVE-2012-1069

Cross-site scripting XSS vulnerability in module/kb/searchword in the search module in lknSupport allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

CVE-2012-1069

Cross-site scripting XSS vulnerability in module/kb/searchword in the search module in lknSupport allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

CVE-2012-1069

The CVE-2012-1069 entry describes a Cross-site Scripting (XSS) vulnerability in the search module’s Word search function (module/kb/search_word) in lknSupport, exploitable via PATH_INFO to inject arbitrary scripts/HTML. Impact details indicate no confidentiality or availability impact, but partia...

CVE-2011-5076

SQL injection vulnerability in model/comment.class.php in HDWiki 5.0, 5.1, and possibly other versions allows remote attackers to execute arbitrary SQL commands via the PATHINFO to index.php. NOTE: some of these details are obtained from third party information...

CVE-2011-5076

The CVE-2011-5076 entry describes an SQL injection in HDWiki’s model/comment.class.php for HDWiki 5.0/5.1 (and possibly other versions), exploitable via PATH_INFO to index.php, allowing remote execution of arbitrary SQL commands. Root cause: unsafe SQL construction in the affected file. Documents...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Acidcat CMS 3.5.1, 3.5.2, 3.5.6, and possibly earlier allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 admincolors.asp, 2 adminconfig.asp, and 3 admincatadd.asp in admin/...

CVE-2012-0900

Multiple cross-site scripting XSS vulnerabilities in Beehive Forum 1.0.1 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 forum/register.php or 2 forum/logon.php...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Beehive Forum 1.0.1 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 forum/register.php or 2 forum/logon.php...

CVE-2012-0900

Multiple cross-site scripting XSS vulnerabilities in Beehive Forum 1.0.1 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 forum/register.php or 2 forum/logon.php...

Cross site scripting

Cross-site scripting XSS vulnerability in Pligg CMS 1.1.4 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to the search program, a different vulnerability than CVE-2011-3986...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Dolibarr 3.1.0 RC and probably earlier allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 index.php, 2 admin/boxes.php, 3 comm/clients.php, 4 commande/index.php; and the optioncss parameter to 5 admin/ihm.php an...

CVE-2011-4561

Cross-site scripting XSS vulnerability in admin.php in Phorum 5.2.18 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to admin/index.php. NOTE: some of these details are obtained from third party information...

Cross site scripting

Cross-site scripting XSS vulnerability in admin.php in Phorum 5.2.18 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to admin/index.php. NOTE: some of these details are obtained from third party information...