CVE-2005-0534

Multiple cross-site scripting XSS vulnerabilities in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allow remote attackers to inject arbitrary web script...

PANews 2.0 - PHP Remote Code Execution

source: https://www.securityfocus.com/bid/12611/info PaNews is reported prone to a remote PHP script code execution vulnerability. It is reported that PHP script code may be injected into the PaNews software through the 'showcopy' parameter of the 'adminsetup.php' script. Reports indicate that wh...

CVE-2004-1589

Cross-site scripting XSS vulnerability in GoSmart Message Board allows remote attackers to execute inject web script or HTML via the 1 Category parameter to Forum.asp or 2 MainMessageID parameter to ReplyToQuestion.asp...

CVE-2004-1632

Cross-site scripting XSS vulnerability in wiki.php in MoniWiki 1.0.8 and earlier allows remote attackers to inject arbitrary web script or HTML via the arguments to wiki.php...

CVE-2005-0477

Cross-site scripting XSS vulnerability in the SML code for Invision Power Board 1.3.1 FINAL allows remote attackers to inject arbitrary web script via 1 a signature file or 2 a message post containing an IMG tag within a COLOR tag whose style is set to background:url...

CVE-2005-0434

Multiple cross-site scripting XSS vulnerabilities in Php-Nuke 7.5 allow remote attackers to inject arbitrary HTML or web script via 1 the newdownloadshowdays parameter in a NewDownloads operation or 2 the newlinkshowdays parameter in a NewLinks operation...

CVE-2004-1467

Multiple cross-site scripting XSS vulnerabilities in eGroupWare 1.0.00.003 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 date or search text field in the calendar module, 2 Field parameter, Filter parameter, QField parameter, Start parameter or Search field in th...

CVE-2004-1412

Cross-site scripting XSS vulnerability in index.php in Kayako eSupport 2.x allows remote attackers to inject arbitrary web script or HTML via the searchm parameter...

CVE-2004-1424

Cross-site scripting XSS vulnerability in view.php in Moodle 1.4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter...

CVE-2004-1397

Cross-site scripting XSS vulnerability in UseModWiki 1.0 allows remote attackers to inject arbitrary web script or HTML via an argument to wiki.pl...

CVE-2005-0320

Multiple cross-site scripting vulnerabilities in MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 allow remote attackers to inject arbitrary web script or HTML via the 1 username parameter to login.html, 2 accountid parameter to accountsettingsadd.html, or the 3 note, 4 title, and 5 location...

VulnCheck KEV: CVE-2004-1319

The DHTML Edit Control dhtmled.ocx allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the parent into the child using execScript, as...

CVE-2004-1384

Multiple cross-site scripting XSS vulnerabilities in phpGroupWare 0.9.16.003 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 kp3, 2 type, 3 msg, 4 forumid, 5 pos, 6 catsapp, 7 catid, 8 msgballmsgnum, 9 fldballacctnum parameters to index.php or 10 ticketid to...

CVE-2005-0104

Cross-site scripting XSS vulnerability in webmail.php in SquirrelMail before 1.4.4 allows remote attackers to inject arbitrary web script or HTML via certain integer variables...

CVE-2005-0307

Multiple cross-site scripting XSS vulnerabilities in index.php in MercuryBoard 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 s, 2 l, 3 a, 4 t, 5 to, or 6 re parameters...

CVE-2005-0221

Cross-site scripting XSS vulnerability in login.php in Gallery 2.0 Alpha allows remote attackers to inject arbitrary web script or HTML via the g2formsubject field...

CVE-2005-0291

Cross-site scripting XSS vulnerability in the log viewer in NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via a blocked URL phrase...

CVE-2004-1210

Cross-site scripting XSS vulnerability in proxylog.dat in IPCop 1.4.1 and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the 1 url or 2 part variables...

CVE-2004-1196

Cross-site scripting XSS vulnerability in inmail.pl in Insite Inmail allows remote attackers to inject arbitrary web script or HTML via the acao parameter...

CVE-2004-1177

Cross-site scripting XSS vulnerability in the driver script in mailman before 2.1.5 allows remote attackers to inject arbitrary web script or HTML via a URL, which is not properly escaped in the resulting error page...