CVE-2004-2188

Cross-site scripting XSS vulnerability in DMXReady Site Chassis Manager allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

CVE-2004-2199

Cross-site scripting XSS vulnerability in DUware DUclassified 4.0 allows remote attackers to inject arbitrary web script or HTML via the message text...

CVE-2004-1563

Multiple cross-site scripting XSS vulnerabilities in w-Agora 4.1.6a allow remote attackers to execute arbitrary web script or HTML via the 1 thread parameter to downloadthread.php, 2 loginuser parameter to login.php, or 3 userid parameter to forgotpassword.php...

CVE-2004-1578

Cross-site scripting XSS vulnerability in index.php in Invision Power Board 2.0.0 allows remote attackers to execute arbitrary web script or HTML via the Referer field in the HTTP header...

CVE-2004-1794

Cross-site scripting XSS vulnerability in the VCard4J Toolkit allows remote attackers to inject arbitrary web script or HTML via the NICKNAME tag in a vCard...

CVE-2004-1911

Cross-site scripting XSS vulnerability in AzDGDatingLite 2.1.1 allows remote attackers to inject arbitrary web script or HTML via the 1 l parameter aka language variable to index.php or 2 id parameter to view.php...

CVE-2004-2497

Cross-site scripting XSS vulnerability in the error handler in Hitachi Web Page Generator and Web Page Generator Enterprise 4.01 and earlier, when using the default error template and debug mode is set to ON, allows remote attackers to inject arbitrary web script or HTML via unknown attack vector...

CVE-2004-2624

Cross-site scripting XSS vulnerability in "TextSearch" in WackoWiki 3.5 allows remote attackers to inject arbitrary web script or HTML via the "phrase" parameter...

CVE-2004-1730

Cross-site scripting XSS vulnerability in Mantis bugtracker allows remote attackers to inject arbitrary web script or HTML via 1 the return parameter to loginpage.php, 2 e-mail field in signup.php, 3 action parameter to loginselectprojpage.php, or 4 hidestatus parameter to viewallset.php...

CVE-2004-2625

Cross-site scripting XSS vulnerability in Outblaze Email allows remote attackers to inject arbitrary web script or HTML via Javascript in an attribute of an IMG tag...

CVE-2004-2702

Cross-site scripting XSS vulnerability in loginup.php3 in Plesk 7.0 and 7.1 Reloaded allows remote attackers to inject arbitrary web script or HTML via the loginname parameter. NOTE: this might be the same vector as CVE-2006-6451...

CVE-2004-2755

Cross-site scripting XSS vulnerability in Symantec Web Security 2.5, 3.0.0, and 3.0.1 before build 62 allows remote attackers to inject arbitrary web script or HTML via the query string in blocked URLs that are listed in 1 error or 2 block page messages...

CVE-2004-1807

Cross-site scripting XSS vulnerability in index.cfm in CFWebstore 5.0 allows remote attackers to inject arbitrary web script or HTML via the URL...

CVE-2004-1746

Cross-site scripting XSS vulnerability in index.php in PHP Code Snippet Library allows remote attackers to inject arbitrary web script or HTML via the 1 catselect or 2 show parameters...

CVE-2004-2447

Cross-site scripting XSS vulnerability in 1st Class Mail Server 4.01 allows remote attackers to inject arbitrary web script or HTML via the Mailbox parameter to 1 viewmail.tagz, 2 the index script under /user/, 3 members.tagz, 4 general.tagz, 5 advanced.tagz, or 6 list.tagz...

CVE-2004-2756

Cross-site scripting XSS vulnerability in viewtopic.php in Xoops 2.x, possibly 2 through 2.0.5, allows remote attackers to inject arbitrary web script or HTML via the 1 forum and 2 topicid parameters...

CVE-2004-1424

Cross-site scripting XSS vulnerability in view.php in Moodle 1.4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter...

CVE-2004-1442

Cross-site scripting XSS vulnerability in db2www CGI interpreter in IBM Net.Data 7 and 7.2 allows remote attackers to inject arbitrary web script or HTML via a macro filename, which is not properly handled by error messages such as "DTWP001E."...

CVE-2004-1809

Cross-site scripting XSS vulnerability in phpBB 2.0.6d and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 postdays parameter to viewtopic.php or 2 topicdays parameter to viewforum.php...

CVE-2004-2171

Cross-site scripting XSS vulnerability in Cherokee before 0.4.8 allows remote attackers to inject arbitrary web script or HTML via the URL, which is not properly quoted in the resulting error page...