CVE-2006-2031

Cross-site scripting XSS vulnerability in index.php in phpMyAdmin 2.8.0.3, 2.8.0.2, 2.8.1-dev, and 2.9.0-dev allows remote attackers to inject arbitrary web script or HTML via the lang parameter...

DEBIAN-CVE-2006-2031

Cross-site scripting XSS vulnerability in index.php in phpMyAdmin 2.8.0.3, 2.8.0.2, 2.8.1-dev, and 2.9.0-dev allows remote attackers to inject arbitrary web script or HTML via the lang parameter...

security flaw

Cross-site scripting XSS vulnerability in phpinfo info.c in PHP 5.1.2 and 4.4.2 allows remote attackers to inject arbitrary web script or HTML via long array variables, including 1 a large number of dimensions or 2 long values, which prevents HTML tags from being removed...

PT-2006-2844 · Bluepay · Bluepay Manager

Name of the Vulnerable Software and Affected Versions: BluePay Manager versions 2.0 and earlier Description: The issue allows remote attackers to inject arbitrary web script or HTML during a login action via the Account Name and Username fields. The vendor has disputed this issue, stating it does...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in ModX 0.9.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this might be resultant from the directory traversal vulnerability...

CVE-2006-1796

Cross-site scripting XSS vulnerability in the paging links functionality in template-functions-links.php in Wordpress 1.5.2, and possibly other versions before 2.0.1, allows remote attackers to inject arbitrary web script or HTML to Internet Explorer users via the request URI $SERVER'REQUESTURI'...

DEBIAN-CVE-2006-1678

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin before 2.8.0.3 allow remote attackers to inject arbitrary web script or HTML via unknown vectors in unspecified scripts in the themes directory...

CVE-2006-1660

Cross-site scripting XSS vulnerability in imagedesc.php in Softbiz Image Gallery allows remote attackers to inject arbitrary web script or HTML via msg parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information...

CVE-2006-1498

Cross-site scripting XSS vulnerability in MediaWiki before 1.5.8 and 1.4.15 allows remote attackers to inject arbitrary web script or HTML via crafted encoded links...

CoMoblog 1.0 - 'Img.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17201/info CoMoblog is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of ...

CVE-2006-1295

Cross-site scripting XSS vulnerability in recherche.php3 in SPIP 1.8.2-g allows remote attackers to inject arbitrary web script or HTML via the recherche parameter...

PT-2006-2218 · Textfilebb · Textfilebb

Name of the Vulnerable Software and Affected Versions: textfileBB versions 1.0 and earlier Description: The issue allows remote attackers to inject arbitrary web script or HTML via the mess and user parameters in "messanger.php", possibly requiring a URL encoded value. Recommendations: For...

CVE-2006-0149

Cross-site scripting XSS vulnerability in SimpBook 1.0, with htmlenable on the default, allows remote attackers to inject arbitrary web script or HTML via the message field...

CVE-2005-4494

Cross-site scripting XSS vulnerability in SPIP 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to 1 spiplogin.php3 and 2 spippass.php3...

CVE-2005-3352

Cross-site scripting XSS vulnerability in the modimap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps...

PT-2005-4860 · Milliscripts · Milliscripts

Name of the Vulnerable Software and Affected Versions: MilliScripts version 1.4 Description: The issue allows remote attackers to inject arbitrary web script or HTML via the domainname parameter to "register.php", and other unspecified vectors. The vendor has disputed this issue, stating that no...

CVE-2005-3665

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin before 2.7.0 allow remote attackers to inject arbitrary web script or HTML via the 1 HTTPHOST variable and 2 various scripts in the libraries directory that handle header generation...

CVE-2005-3787

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin before 2.6.4-pl4 allow remote attackers to inject arbitrary web script or HTML via 1 the cookie-based login panel, 2 the title parameter and 3 the table creation dialog...

CVE-2005-3688

Cross-site scripting XSS vulnerability in members.php in XMB 1.9.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the "Your Current Mood" field in the registration page...

Zeroboard flaws

The remote web server contains several PHP scripts that are prone to arbitrary PHP code execution and cross-site scripting attacks. Description : The remote host runs Zeroboard, a web BBS application popular in Korea. The remote version of this software is vulnerable to cross-site scripting and...