DEBIAN-CVE-2005-2215

Cross-site scripting XSS vulnerability in MediaWiki before 1.4.x before 1.4.6 and 1.5 before 1.5beta3 allows remote attackers to inject arbitrary web script or HTML via a parameter in the page move template, a different vulnerability than CVE-2005-1888...

CVE-2004-1824

CVE-2004-1824 – vBulletin XSS vulnerability : The affected software is Jelsoft/vBulletin. The issue is a cross-site scripting flaw in the handling of URI input (not properly sanitized), exploitable via the what parameter to memberlist.php or similar URI input vectors in older vBulletin releases. ...

CVE-2005-0870

Multiple cross-site scripting XSS vulnerabilities in phpSysInfo 2.3, when registerglobals is enabled, allow remote attackers to inject arbitrary web script or HTML via the 1 sensorprogram parameter to index.php, 2 textlanguage, 3 texttemplate, or 4 hidepicklist parameter to systemfooter.php...

DEBIAN-CVE-2005-0870

Multiple cross-site scripting XSS vulnerabilities in phpSysInfo 2.3, when registerglobals is enabled, allow remote attackers to inject arbitrary web script or HTML via the 1 sensorprogram parameter to index.php, 2 textlanguage, 3 texttemplate, or 4 hidepicklist parameter to systemfooter.php...

SonicWALL SOHO Web Interface Multiple Remote Input Validation Vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in SonicWALL SOHO 5.1.7.0 allow remote attackers to inject arbitrary web script or HTML via 1 the URL or 2 the user login name, which is not filtered when the administrator views the log file. CVE: CVE-2005-1006 Last updated: July 11, 2017, 1:32 a...

CVE-2005-1308

SqWebMail allows remote attackers to inject arbitrary web script or HTML via CRLF sequences in the redirect parameter followed by the desired script or HTML...

CVE-2005-1000

Multiple cross-site scripting XSS vulnerabilities in PHP-Nuke 7.6 allow remote attackers to inject arbitrary web script or HTML via 1 the bid parameter to the EmailStats op in banners.pgp, 2 the ratenum parameter in the TopRated and MostPopular actions in the WebLinks module, 3 the ttitle paramet...

PT-2005-1861 · Php · Php-Post

Name of the Vulnerable Software and Affected Versions: PHP-Post versions prior to 0.33 Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML. Recommendations: For versions prior to 0.33, update to version 0.33 or later to resolve the issue...

security flaw

Cross-site scripting XSS vulnerability in the driver script in mailman before 2.1.5 allows remote attackers to inject arbitrary web script or HTML via a URL, which is not properly escaped in the resulting error page...

CVE-2005-0723

Cross-site scripting XSS vulnerability in the jumpmenu function in functions.php for paFileDB 3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the URL parameters, which is not properly cleansed in the $pageurl variable, as demonstrated using pafiledb.php...

CVE-2005-0656

Multiple cross-site scripting XSS vulnerabilities in auraCMS 1.5 allow remote attackers to inject arbitrary web script or HTML via the 1 hits parameter to hits.php, 2 query parameter to index.php, or 3 theCount parameter to counter.php...

CVE-2005-0674

Cross-site scripting XSS vulnerability in the News module for paBox 1.6 allows remote attackers to inject arbitrary web script or HTML via the text hidden parameter in an HTTP POST request...

CVE-2005-0660

Multiple cross-site scripting XSS vulnerabilities in D-Forum 1.11 allows remote attackers to inject arbitrary web script or HTML via certain fields, as demonstrated using the page parameter in nav.php3...

CVE-2005-0628

Multiple cross-site scripting XSS vulnerabilities in Forumwa 1.0 allow remote attackers to inject arbitrary web script or HTML via 1 the keyword parameter in search.php or the 2 body or 3 subject of a forum message...

CVE-2005-0641

Cross-site scripting XSS vulnerability in the Reporter for Computer Associates CA Unicenter Asset Management UAM 4.0 allows remote attackers to inject arbitrary HTML or web script via the 1 name or 2 description in a report template...

CVE-2004-1055

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 2.6.0-pl2 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the PmaAbsoluteUri parameter, 2 the zerorows parameter in readdump.php, 3 the confirm form, or 4 an error message generated by the internal...

CVE-2005-0629

Multiple cross-site scripting XSS vulnerabilities in profile.php in 427BB 2.2 allow remote attackers to inject arbitrary web script or HTML via the 1 user or 2 Avatar parameters...

CutePHP CuteNews 1.3.6 - 'x-forwarded-for' Script Injection

source: https://www.securityfocus.com/bid/12691/info A remote script injection vulnerability affects CutePHP CuteNews. This issue is due to a failure of the application to properly sanitize user-supplied input prior to using it to carry out critical functionality. An attacker may leverage this...

CVE-2004-1711

Cross-site scripting XSS vulnerability in post.php in Moodle before 1.3 allows remote attackers to inject arbitrary web script or HTML via the reply parameter...

CVE-2004-1730

Cross-site scripting XSS vulnerability in Mantis bugtracker allows remote attackers to inject arbitrary web script or HTML via 1 the return parameter to loginpage.php, 2 e-mail field in signup.php, 3 action parameter to loginselectprojpage.php, or 4 hidestatus parameter to viewallset.php...