3723 matches found
CVE-2004-1730
Cross-site scripting XSS vulnerability in Mantis bugtracker allows remote attackers to inject arbitrary web script or HTML via 1 the return parameter to loginpage.php, 2 e-mail field in signup.php, 3 action parameter to loginselectprojpage.php, or 4 hidestatus parameter to viewallset.php...
CVE-2004-2624
Cross-site scripting XSS vulnerability in "TextSearch" in WackoWiki 3.5 allows remote attackers to inject arbitrary web script or HTML via the "phrase" parameter...
CVE-2004-2625
Cross-site scripting XSS vulnerability in Outblaze Email allows remote attackers to inject arbitrary web script or HTML via Javascript in an attribute of an IMG tag...
CVE-2004-1794
Cross-site scripting XSS vulnerability in the VCard4J Toolkit allows remote attackers to inject arbitrary web script or HTML via the NICKNAME tag in a vCard...
CVE-2004-1807
Cross-site scripting XSS vulnerability in index.cfm in CFWebstore 5.0 allows remote attackers to inject arbitrary web script or HTML via the URL...
CVE-2004-1746
Cross-site scripting XSS vulnerability in index.php in PHP Code Snippet Library allows remote attackers to inject arbitrary web script or HTML via the 1 catselect or 2 show parameters...
CVE-2004-2447
Cross-site scripting XSS vulnerability in 1st Class Mail Server 4.01 allows remote attackers to inject arbitrary web script or HTML via the Mailbox parameter to 1 viewmail.tagz, 2 the index script under /user/, 3 members.tagz, 4 general.tagz, 5 advanced.tagz, or 6 list.tagz...
CVE-2004-2755
Cross-site scripting XSS vulnerability in Symantec Web Security 2.5, 3.0.0, and 3.0.1 before build 62 allows remote attackers to inject arbitrary web script or HTML via the query string in blocked URLs that are listed in 1 error or 2 block page messages...
CVE-2004-2171
Cross-site scripting XSS vulnerability in Cherokee before 0.4.8 allows remote attackers to inject arbitrary web script or HTML via the URL, which is not properly quoted in the resulting error page...
CVE-2004-1809
Cross-site scripting XSS vulnerability in phpBB 2.0.6d and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 postdays parameter to viewtopic.php or 2 topicdays parameter to viewforum.php...
CVE-2004-1863
Multiple cross-site scripting XSS vulnerabilities in XMB aka extreme message board 1.9 beta aka Nexus beta allow remote attackers to inject arbitrary web script or HTML via 1 the u2uheader parameter in editprofile.php, the restrict parameter in 2 member.php, 3 misc.php, and 4 today.php, and 5 an...
CVE-2004-2113
Cross-site scripting XSS vulnerability in BremsServer 1.2.4 allows remote attackers to inject arbitrary web script or HTML via the URL...
CVE-2004-2379
Multiple cross-site scripting XSS vulnerabilities in @Mail 3.64 for Windows allow remote attackers to inject arbitrary web script or HTML via 1 the Displayed Name attribute in util.pl and 2 the Folder attribute in showmail.pl...
CVE-2004-2756
Cross-site scripting XSS vulnerability in viewtopic.php in Xoops 2.x, possibly 2 through 2.0.5, allows remote attackers to inject arbitrary web script or HTML via the 1 forum and 2 topicid parameters...
CVE-2004-1442
Cross-site scripting XSS vulnerability in db2www CGI interpreter in IBM Net.Data 7 and 7.2 allows remote attackers to inject arbitrary web script or HTML via a macro filename, which is not properly handled by error messages such as "DTWP001E."...
CVE-2004-1424
Cross-site scripting XSS vulnerability in view.php in Moodle 1.4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter...
CVE-2004-1210
Cross-site scripting XSS vulnerability in proxylog.dat in IPCop 1.4.1 and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the 1 url or 2 part variables...
CVE-2004-1229
Cross-site scripting vulnerability in the parser for Gadu-Gadu allows remote attackers to inject arbitrary web script or HTML via 1 http:// or 2 news:// URLs, a different vulnerability than CVE-2004-1410...
CVE-2004-1213
Cross-site scripting XSS vulnerability in index.php in Advanced Guestbook 2.3.1, 2.2, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the entry parameter...
CVE-2004-1133
Multiple cross-site scripting XSS vulnerabilities in Microsoft W3Who ISAPI w3who.dll allow remote attackers to inject arbitrary HTML and web script via 1 HTTP headers such as "Connection" or 2 invalid parameters whose values are echoed in the resulting error message...