CVE-2009-1908

Cross-site scripting XSS vulnerability in Skip 1.0.2 and earlier, and 1.1RC2 and earlier 1.1RC versions, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2005-2853

Multiple cross-site scripting XSS vulnerabilities in GuppY 4.5.3a and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the pg parameter to printfaq.php, or the 2 Referer or 3 User-Agent HTTP headers, which are not properly handled by error.php...

CVE-2008-0913

Cross-site scripting XSS vulnerability in Invision Power Board IPB or IP.Board 2.3.4 allows remote attackers to inject arbitrary web script or HTML via crafted BBCodes in an unspecified context...

CVE-2009-2569

Multiple cross-site scripting XSS vulnerabilities in Verlihub Control Panel VHCP 1.7e allow remote attackers to inject arbitrary web script or HTML via 1 the nick parameter in a login action to index.php or 2 the URI in a news request to index.html...

CVE-2009-3283

Cross-site scripting XSS vulnerability in phpspot PHP BBS, PHP Image Capture BBS, PHP & CSS BBS, PHP BBS CE, PHPRSSBuilder, and webshot, dated before 20090914, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to cookies...

CVE-2009-0525

Cross-site scripting XSS vulnerability in the sajaxgetcommonjs function in php/Sajax.php in Sajax 0.12 allows remote attackers to inject arbitrary web script or HTML via the URL parameter, which is not properly handled when using browsers that do not URL-encode requests, such as Internet Explorer...

CVE-2009-2221

Cross-site scripting XSS vulnerability in PHP-I-BOARD 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2005-2318

Cross-site scripting XSS vulnerability in showerr.asp in DVBBS 7.1 SP2 allows remote attackers to inject arbitrary web script or HTML via the action parameter...

CVE-2009-4953

Cross-site scripting XSS vulnerability in the Userdata Create/Edit sguserdata extension before 0.91.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2008-1432

Cross-site scripting XSS vulnerability in SolutionSearch.do in ManageEngine SupportCenter Plus 7.0.0 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter, a related issue to CVE-2008-1299. NOTE: the provenance of this information is unknown; the details are...

CVE-2005-1008

Cross-site scripting XSS vulnerability in posts.asp for ASP-DEv XM Forum RC3 allows remote attackers to inject arbitrary web script or HTML via a "javascript:" URL in an IMG tag...

CVE-2002-2376

Cross-site scripting XSS vulnerability in E-Guestsign.pl in E-Guest 1.1 allows remote attackers to inject arbitrary SSI directives, web script, and HTML via the 1 full name, 2 email, 3 homepage, and 4 location parameters. NOTE: this issue might overlap CVE-2005-1605...

CVE-2002-2341

Cross-site scripting XSS vulnerability in content blocking in SonicWALL SOHO3 6.3.0.0 allows remote attackers to inject arbitrary web script or HTML via a blocked URL...

CVE-2006-6166

Cross-site scripting XSS vulnerability in jce.php in the JCE Admin Component in Ryan Demmer Joomla Content Editor JCE 1.0.4 for Joomla! comjce, without the 20060821 jcepatch, allows remote attackers to inject arbitrary web script or HTML via the mosConfiglivesite parameter...

CVE-2008-0494

Cross-site scripting XSS vulnerability in vpnum/userslist.php in Endian Firewall 2.1.2 allows remote attackers to inject arbitrary web script or HTML via the psearch parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2009-1320

Multiple cross-site scripting XSS vulnerabilities in include/zstore.php in Zazzle Store Builder 1.0.2 allow remote attackers to inject arbitrary web script or HTML via the 1 gridPage and 2 gridSort parameters. NOTE: some of these details are obtained from third party information...

CVE-2006-6625

Cross-site scripting XSS vulnerability in mod/forum/discuss.php in Moodle 1.6.1 allows remote attackers to inject arbitrary web script or HTML via the navtail parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2008-0181

Cross-site scripting XSS vulnerability in the Admin portlet in Liferay Portal 4.3.6 allows remote authenticated users to inject arbitrary web script or HTML via the Shutdown message...

CVE-2006-7238

Cross-site scripting XSS vulnerability in MyShoutPro before 1.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2009-2343

Cross-site scripting XSS vulnerability in people.php in Zoph before 0.7.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information...