CVE-2008-2777

Cross-site scripting XSS vulnerability in Ortro before 1.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2008-2783

Multiple cross-site scripting XSS vulnerabilities in Horde Groupware, Groupware Webmail Edition, and Kronolith allow remote attackers to inject arbitrary web script or HTML via the timestamp parameter to 1 week.php, 2 workweek.php, and 3 day.php; and 4 the horde parameter in the PATHINFO to the...

CVE-2008-2561

Multiple cross-site scripting XSS vulnerabilities in 427BB 2.3.1 allow remote attackers to inject arbitrary web script or HTML via the 1 PATHINFO to a register.php, b reminder.php, and c search.php; the 2 uname, 3 email, and 4 email2 parameters to register.php; the 5 email parameter to...

DEBIAN-CVE-2008-2302

Cross-site scripting XSS vulnerability in the login form in the administration application in Django 0.91 before 0.91.2, 0.95 before 0.95.3, and 0.96 before 0.96.2 allows remote attackers to inject arbitrary web script or HTML via the URI of a certain previous request...

CVE-2008-2335

Cross-site scripting XSS vulnerability in searchresults.php in Vastal I-Tech phpVID 1.1 and 1.2 allows remote attackers to inject arbitrary web script or HTML via the query parameter. NOTE: some of these details are obtained from third party information. NOTE: it was later reported that 1.2.3 is...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in editor.php in ScriptsEZ.net Power Editor 2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 te and 2 dir parameters in a tempedit action...

CVE-2008-1468

Cross-site scripting XSS vulnerability in namazu.cgi in Namazu before 2.0.18 allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded input, related to failure to set the charset, a different vector than CVE-2004-1318 and CVE-2001-1350. NOTE: some of these details are...

CVE-2008-1008

Cross-site scripting XSS vulnerability in WebCore, as used in Apple Safari before 3.1, allows remote attackers to inject arbitrary web script or HTML via the document.domain property...

CVE-2008-1306

Multiple cross-site scripting XSS vulnerabilities in Savvy Content Manager CM allow remote attackers to inject arbitrary web script or HTML via the searchterms parameter to 1 searchresults.cfm, 2 searchresults.cfm, and 3 searchresults/index.cfm. NOTE: the provenance of this information is unknown...

Cross site scripting

Cross-site scripting XSS vulnerability in AuthentiX 6.3b1 Trial allows remote attackers to inject arbitrary web script or HTML via the username parameter to aspAdmin/deleteUser.asp, a different vector than CVE-2008-1174. NOTE: the provenance of this information is unknown; the details are obtaine...

CVE-2008-0809

Cross-site scripting XSS vulnerability in the htmlscrubber in Ikiwiki before 1.1.46 allows remote attackers to inject arbitrary web script or HTML via title contents...

CVE-2008-0749

Cross-site scripting XSS vulnerability in index.php in Calimero.CMS 3.3 allows remote attackers to inject arbitrary web script or HTML via the id parameter in a calimerowebpage action...

Cross site scripting

Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.1 through 3.6.0.244 on Windows allows remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via the Full Name field of a reviewer of a business item entry, accessible through 1 the...

CVE-2007-6695

Cross-site scripting XSS vulnerability in index.php in Drake CMS 0.4.9 allows remote attackers to inject arbitrary web script or HTML via the option parameter...

CVE-2007-6695

Cross-site scripting XSS vulnerability in index.php in Drake CMS 0.4.9 allows remote attackers to inject arbitrary web script or HTML via the option parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in Electronic Logbook ELOG before 2.7.0 allows remote attackers to inject arbitrary web script or HTML via subtext parameter to unspecified components...

CVE-2008-0426

Multiple cross-site scripting XSS vulnerabilities in submit.php in PacerCMS before 0.6.1 allow remote attackers to inject arbitrary web script or HTML via the 1 name, 2 headline, or 3 text field in a message...

CVE-2008-0404

Cross-site scripting XSS vulnerability in Mantis before 1.1.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to the "Most active bugs" summary...

apache mod_status cross-site scripting

Cross-site scripting XSS vulnerability in modstatus in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

httpd mod_proxy_balancer cross-site scripting

Cross-site scripting XSS vulnerability in balancer-manager in modproxybalancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the 1 ss, 2 wr, or 3 rr parameters, or 4 the URL...