4525 matches found
CVE-2004-1789
Cross-site scripting XSS vulnerability in the web management interface in ZyWALL 10 4.07 allows remote attackers to inject arbitrary web script or HTML via the rpAuth1 page...
CVE-2004-1837
Cross-site scripting XSS vulnerability in Modsurvey 3.0.x before 3.0.16-pre2 and 3.2.x before 3.2.0-pre4 allows remote attackers to inject arbitrary web script or HTML via the certain survey fields or error messages for malformed query strings...
CVE-2004-2510
Cross-site scripting XSS vulnerability in showflat.php in Infopop UBB.Threads before 6.5 allows remote attackers to inject arbitrary web script or HTML via the Cat parameter...
CVE-2004-2128
Cross-site scripting XSS vulnerability in BRS WebWeaver 1.07 allows remote attackers to execute arbitrary script as other users via the query string to ISAPISkeleton.dll...
CVE-2004-2152
Cross-site scripting XSS vulnerability in 'raw' page output mode for MediaWiki 1.3.4 and earlier allows remote attackers to inject arbitrary web script or HTML...
CVE-2004-1551
Cross-site scripting XSS vulnerability in the 1 email or 2 file modules in paFileDB 3.1 Final allows remote attackers to execute arbitrary web script or HTML via the id parameter...
CVE-2004-1824
Cross-site scripting XSS vulnerability in Jelsoft vBulletin before 3.0 allows remote attackers to inject arbitrary web script or HTML via the what parameter to memberlist.php...
CVE-2004-2738
Cross-site scripting XSS vulnerability in checkuserid.php in ZeroBoard 4.1pl4 and earlier allows remote attackers to inject arbitrary web script or HTML via the userid parameter...
CVE-2004-1467
Multiple cross-site scripting XSS vulnerabilities in eGroupWare 1.0.00.003 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 date or search text field in the calendar module, 2 Field parameter, Filter parameter, QField parameter, Start parameter or Search field in th...
CVE-2004-1790
Cross-site scripting XSS vulnerability in the web management interface in Edimax AR-6004 ADSL Routers allows remote attackers to inject arbitrary web script or HTML via the URL...
CVE-2004-2514
Cross-site scripting XSS vulnerability in modules/privatemessages/index.php in PowerPortal 1.x allows remote attackers to inject arbitrary web script or HTML via the 1 SUBJECT or 2 MESSAGE field...
CVE-2004-2564
Multiple cross-site scripting XSS vulnerabilities in Sambar Server 6.1 Beta 2 on Windows, and possibly other versions on Linux, allow remote attackers to inject arbitrary web script or HTML via 1 the show parameter in show.asp and 2 the title parameter in showperf.asp...
CVE-2004-1798
RealOne player 6.0.11.868 allows remote attackers to execute arbitrary script in the "My Computer" zone via a Synchronized Multimedia Integration Language SMIL presentation with a "file:javascript:" URL, which is executed in the security context of the previously loaded URL, a different...
CVE-2004-2015
Cross-site scripting XSS vulnerability in WebCT Campus Edition allows remote attackers to inject arbitrary HTML or web script via 1 iframe, 2 img, or 3 object tags...
CVE-2004-2574
Cross-site scripting XSS vulnerability in index.php in phpGroupWare 0.9.14.005 and earlier allows remote attackers to inject arbitrary web script or HTML via the date parameter in a calendar.uicalendar.planner menuaction...
CVE-2004-2188
Cross-site scripting XSS vulnerability in DMXReady Site Chassis Manager allows remote attackers to inject arbitrary web script or HTML via unknown vectors...
CVE-2004-2199
Cross-site scripting XSS vulnerability in DUware DUclassified 4.0 allows remote attackers to inject arbitrary web script or HTML via the message text...
CVE-2004-1563
Multiple cross-site scripting XSS vulnerabilities in w-Agora 4.1.6a allow remote attackers to execute arbitrary web script or HTML via the 1 thread parameter to downloadthread.php, 2 loginuser parameter to login.php, or 3 userid parameter to forgotpassword.php...
CVE-2004-1578
Cross-site scripting XSS vulnerability in index.php in Invision Power Board 2.0.0 allows remote attackers to execute arbitrary web script or HTML via the Referer field in the HTTP header...
CVE-2004-1794
Cross-site scripting XSS vulnerability in the VCard4J Toolkit allows remote attackers to inject arbitrary web script or HTML via the NICKNAME tag in a vCard...