CVE-2004-2246

Cross-site scripting XSS vulnerability in Goollery before 0.04b allows remote attackers to inject arbitrary HTML or web script via the conversationid parameter to viewpic.php...

e107 Website System 0.5/0.6 - 'Log.php' HTML Injection

source: https://www.securityfocus.com/bid/10395/info It is reported that e107 website system is prone to a remote HTML injection vulnerability. This issue is due to a failure by the application to properly sanitize user-supplied input. The problem presents itself when a user supplies malicious HT...