3723 matches found
CVE-2004-1213
Cross-site scripting XSS vulnerability in index.php in Advanced Guestbook 2.3.1, 2.2, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the entry parameter...
CVE-2004-2152
Cross-site scripting XSS vulnerability in 'raw' page output mode for MediaWiki 1.3.4 and earlier allows remote attackers to inject arbitrary web script or HTML...
CVE-2004-1397
Cross-site scripting XSS vulnerability in UseModWiki 1.0 allows remote attackers to inject arbitrary web script or HTML via an argument to wiki.pl...
CVE-2004-1789
Cross-site scripting XSS vulnerability in the web management interface in ZyWALL 10 4.07 allows remote attackers to inject arbitrary web script or HTML via the rpAuth1 page...
CVE-2004-1506
Multiple cross-site scripting XSS vulnerabilities in WebCalendar allow remote attackers to inject arbitrary web script via 1 viewentry.php, 2 viewd.php, 3 usersel.php, 4 datesel.php, 5 trailer.php, or 6 styles.php, as demonstrated using img srg tags...
CVE-2004-1837
Cross-site scripting XSS vulnerability in Modsurvey 3.0.x before 3.0.16-pre2 and 3.2.x before 3.2.0-pre4 allows remote attackers to inject arbitrary web script or HTML via the certain survey fields or error messages for malformed query strings...
CVE-2004-2510
Cross-site scripting XSS vulnerability in showflat.php in Infopop UBB.Threads before 6.5 allows remote attackers to inject arbitrary web script or HTML via the Cat parameter...
CVE-2004-1467
Multiple cross-site scripting XSS vulnerabilities in eGroupWare 1.0.00.003 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 date or search text field in the calendar module, 2 Field parameter, Filter parameter, QField parameter, Start parameter or Search field in th...
CVE-2004-2514
Cross-site scripting XSS vulnerability in modules/privatemessages/index.php in PowerPortal 1.x allows remote attackers to inject arbitrary web script or HTML via the 1 SUBJECT or 2 MESSAGE field...
CVE-2004-2574
Cross-site scripting XSS vulnerability in index.php in phpGroupWare 0.9.14.005 and earlier allows remote attackers to inject arbitrary web script or HTML via the date parameter in a calendar.uicalendar.planner menuaction...
CVE-2004-2564
Multiple cross-site scripting XSS vulnerabilities in Sambar Server 6.1 Beta 2 on Windows, and possibly other versions on Linux, allow remote attackers to inject arbitrary web script or HTML via 1 the show parameter in show.asp and 2 the title parameter in showperf.asp...
CVE-2004-2738
Cross-site scripting XSS vulnerability in checkuserid.php in ZeroBoard 4.1pl4 and earlier allows remote attackers to inject arbitrary web script or HTML via the userid parameter...
CVE-2004-1790
Cross-site scripting XSS vulnerability in the web management interface in Edimax AR-6004 ADSL Routers allows remote attackers to inject arbitrary web script or HTML via the URL...
CVE-2004-1824
Cross-site scripting XSS vulnerability in Jelsoft vBulletin before 3.0 allows remote attackers to inject arbitrary web script or HTML via the what parameter to memberlist.php...
CVE-2004-2015
Cross-site scripting XSS vulnerability in WebCT Campus Edition allows remote attackers to inject arbitrary HTML or web script via 1 iframe, 2 img, or 3 object tags...
CVE-2004-1911
Cross-site scripting XSS vulnerability in AzDGDatingLite 2.1.1 allows remote attackers to inject arbitrary web script or HTML via the 1 l parameter aka language variable to index.php or 2 id parameter to view.php...
CVE-2004-2188
Cross-site scripting XSS vulnerability in DMXReady Site Chassis Manager allows remote attackers to inject arbitrary web script or HTML via unknown vectors...
CVE-2004-2199
Cross-site scripting XSS vulnerability in DUware DUclassified 4.0 allows remote attackers to inject arbitrary web script or HTML via the message text...
CVE-2004-2497
Cross-site scripting XSS vulnerability in the error handler in Hitachi Web Page Generator and Web Page Generator Enterprise 4.01 and earlier, when using the default error template and debug mode is set to ON, allows remote attackers to inject arbitrary web script or HTML via unknown attack vector...
CVE-2004-2702
Cross-site scripting XSS vulnerability in loginup.php3 in Plesk 7.0 and 7.1 Reloaded allows remote attackers to inject arbitrary web script or HTML via the loginname parameter. NOTE: this might be the same vector as CVE-2006-6451...