872 matches found
CVE-2007-2913
Cross-site scripting XSS vulnerability in index.php in ClonusWiki .5 allows remote attackers to inject arbitrary web script or HTML via the query parameter...
CVE-2007-1515
Multiple cross-site scripting XSS vulnerabilities in Horde IMP H3 4.1.3, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via 1 the email Subject header in thread.php, 2 the editquery parameter in search.php, or other unspecified parameters in search.php. NOTE:...
CVE-2006-5643
Cross-site scripting XSS vulnerability in searchde.html in foresite CMS allows remote attackers to inject arbitrary web script or HTML via the query parameter...
CVE-2006-3948
Cross-site scripting XSS vulnerability in modules.php in PHP-Nuke INP allows remote attackers to inject arbitrary web script or HTML via the query parameter...
CVE-2006-3948
Cross-site scripting XSS vulnerability in modules.php in PHP-Nuke INP allows remote attackers to inject arbitrary web script or HTML via the query parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in search.html in Alkacon OpenCms 6.0.0, 6.0.2, and 6.0.3 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a search action...
CVE-2006-2571
Cross-site scripting XSS vulnerability in search.html in Alkacon OpenCms 6.0.0, 6.0.2, and 6.0.3 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a search action...
DEBIAN-CVE-2006-1803
Cross-site scripting XSS vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to inject arbitrary web script or HTML via the sqlquery parameter...
CVE-2006-1041
Multiple cross-site scripting XSS vulnerabilities in Gregarius 0.5.2 allow remote attackers to inject arbitrary web script or HTML via the 1 rssquery parameter to search.php or 2 tag parameter to tags.php...
CVE-2006-0699
Cross-site scripting XSS vulnerability in search.php in QWikiWiki 1.5, and possibly 1.5.1 and other versions, allows remote attackers to inject arbitrary web script or HTML via the query parameter...
CVE-2006-0521
CVE-2006-0521 is a Cross-site scripting (XSS) vulnerability in BrowserCRM’s results.php where a manipulated query parameter can inject arbitrary script/HTML (demonstrated with an IMG SRC tag). Affects BrowserCRM; CVSS v2 base score 4.3 (MEDIUM). No explicit exploit details or remediation are prov...
CVE-2006-0480
Technical details for CVE-2006-0480 are not publicly available in the provided documents. Monitor for updates.
Sql injection
SQL injection vulnerability in the search module modules/Search/index.php of PHPNuke EV 7.7 -R1 allows remote attackers to execute arbitrary SQL commands via the query parameter, which is used by the search field. NOTE: This is a different vulnerability than CVE-2005-3792...
CVE-2005-4580
Cross-site scripting XSS vulnerability in Day Communique 4 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a search...
CVE-2005-4401
Cross-site scripting XSS vulnerability in Lutece 1.2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the query parameter...
CVE-2005-4354
Cross-site scripting XSS vulnerability in webglimpse.cgi in Webglimpse 2.14.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the query parameter...
CVE-2005-4024
Cross-site scripting XSS vulnerability in Interspire FastFind 2004 and 2005 allows remote attackers to inject arbitrary web script or HTML via the query parameter...
CVE-2005-3727
SQL injection vulnerability in debug/queryresults.jsp in Idetix Software Systems Revize CMS allows remote attackers to execute arbitrary SQL commands via the query parameter...
CVE-2005-3726
SQL injection vulnerability in Interspire ArticleLive NX 0.3 allows remote attackers to execute arbitrary SQL commands via the Query parameter...
CVE-2004-2492
Cross-site scripting XSS vulnerability in Groupmax World Wide Web GmaxWWW Desktop 5, 6, and Desktop for Jichitai 6, allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter...