CVE-2004-1818

Cross-site scripting XSS vulnerability in nmimage.php in 4nalbum 0.92 for PHP-Nuke 6.5 through 7.0 allows remote attackers to execute arbitrary script as other users by injecting arbitrary script into the z parameter...

CVE-2004-1822

Multiple cross-site scripting XSS vulnerabilities in Phorum 3.1 through 5.0.3 beta allow remote attackers to inject arbitrary web script or HTML via the 1 HTTPREFERER parameter to login.php, 2 HTTPREFERER parameter to register.php, or 3 target parameter to profile.php...

CVE-2004-0046

Cross-site scripting XSS vulnerability in SnapStream PVS LITE allows remote attackers to inject arbitrary web script or HTML via a GET request containing a terminating '"' double quote character...

CVE-2003-1317

Cross-site scripting XSS vulnerability in mod.php in eNdonesia 8.2 allows remote attackers to inject arbitrary web script or HTML via the mod parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2003-1543

Cross-site scripting XSS vulnerability in Bajie Http Web Server 0.95zxe, 0.95zxc, and possibly others, allows remote attackers to inject arbitrary web script or HTML via the query string, which is reflected in an error message...

CVE-2003-1536

Multiple cross-site scripting XSS vulnerabilities in Codeworx Technologies DCP-Portal 5.3.1 allow remote attackers to inject arbitrary web script or HTML via 1 the q parameter to search.php and 2 the year parameter to calendar.php...

CVE-2003-1479

Cross-site scripting XSS vulnerability in webcamXP 1.02.432 and 1.02.535 allows remote attackers to inject arbitrary web script or HTML via the message field...

CVE-2003-1334

Cross-site scripting XSS vulnerability in Kai Blankenhorn Bitfolge simple and nice index file aka snif before 1.2.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2003-1498

Cross-site scripting XSS vulnerability in search.php for WRENSOFT Zoom Search Engine 2.0 Build 1018 and earlier allows remote attackers to inject arbitrary web script or HTML via the zoomquery parameter...

CVE-2003-1100

Multiple cross-site scripting XSS vulnerabilities in Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allow remote attackers to inject arbitrary web script or HTML via certain vectors...

CVE-2003-1211

Cross-site scripting XSS vulnerability in search.asp for MaxWebPortal 1.30 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via the Search parameter...

CVE-2003-1556

Cross-site scripting XSS vulnerability in ccguestbook.pl in CGI City CC GuestBook allows remote attackers to inject arbitrary web script or HTML via the 1 name and 2 homepagetitle webpage title parameters...

CVE-2003-1509

Real Networks RealOne Enterprise Desktop 6.0.11.774, RealOne Player 2.0, and RealOne Player 6.0.11.818 through RealOne Player 6.0.11.853 allows remote attackers to execute arbitrary script in the local security zone by embedding script in a temp file before the temp file is executed by the defaul...

SiteInteractive Subscribe Me - 'Setup.pl' Arbitrary Command Execution

source: https://www.securityfocus.com/bid/9253/info It has been reported that the SiteInteractive Subscribe Me setup.pl script lacks sufficient sanitization on user-supplied URI parameters; an attacker may invoke this script remotely and and by passing sufficient URI parameters may influence the...

CVE-2003-0623

Cross-site scripting XSS vulnerability in the Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to inject arbitrary web script via the INIFILE argument...

CVE-2003-1187

Cross-site scripting XSS vulnerability in include.php in PHPKIT 1.6.02 and 1.6.03 allows remote attackers to inject arbitrary web script or HTML via the contactemail parameter...

CVE-2003-0726

RealOne player allows remote attackers to execute arbitrary script in the "My Computer" zone via a SMIL presentation with a URL that references a scripting protocol, which is executed in the security context of the previously loaded URL, as demonstrated using a "javascript:" URL in the area tag...

CVE-2003-0801

Cross-site scripting XSS vulnerability in Nokia Electronic Documentation NED 5.0 allows remote attackers to execute arbitrary web script and steal cookies via a URL to the docs/ directory that contains the script...

Thread-ITSQL XSS Vulnerability

Thread-ITSQL XSS Vulnerability Published: 24 September 2003 Released: 24 September 2003 Affected Systems: Thread-ITSQL Vendor: http://www.ymonda.co.uk Issue: Remote attackers can inject XSS script. Description: ============ "Thread-ITSQL message board product is designed specifically for SQL Serv...

CVE-2003-0769

Cross-site scripting XSS vulnerability in the ICQ Web Front guestbook guestbook.html allows remote attackers to insert arbitrary web script and HTML via the message field...