3789 matches found
CVE-2004-2113
Cross-site scripting XSS vulnerability in BremsServer 1.2.4 allows remote attackers to inject arbitrary web script or HTML via the URL...
CVE-2004-2625
Cross-site scripting XSS vulnerability in Outblaze Email allows remote attackers to inject arbitrary web script or HTML via Javascript in an attribute of an IMG tag...
CVE-2004-1824
Cross-site scripting XSS vulnerability in Jelsoft vBulletin before 3.0 allows remote attackers to inject arbitrary web script or HTML via the what parameter to memberlist.php...
CVE-2004-1467
Multiple cross-site scripting XSS vulnerabilities in eGroupWare 1.0.00.003 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 date or search text field in the calendar module, 2 Field parameter, Filter parameter, QField parameter, Start parameter or Search field in th...
CVE-2004-1863
Multiple cross-site scripting XSS vulnerabilities in XMB aka extreme message board 1.9 beta aka Nexus beta allow remote attackers to inject arbitrary web script or HTML via 1 the u2uheader parameter in editprofile.php, the restrict parameter in 2 member.php, 3 misc.php, and 4 today.php, and 5 an...
CVE-2004-2702
Cross-site scripting XSS vulnerability in loginup.php3 in Plesk 7.0 and 7.1 Reloaded allows remote attackers to inject arbitrary web script or HTML via the loginname parameter. NOTE: this might be the same vector as CVE-2006-6451...
CVE-2004-2564
Multiple cross-site scripting XSS vulnerabilities in Sambar Server 6.1 Beta 2 on Windows, and possibly other versions on Linux, allow remote attackers to inject arbitrary web script or HTML via 1 the show parameter in show.asp and 2 the title parameter in showperf.asp...
CVE-2004-2188
Cross-site scripting XSS vulnerability in DMXReady Site Chassis Manager allows remote attackers to inject arbitrary web script or HTML via unknown vectors...
CVE-2004-1809
Cross-site scripting XSS vulnerability in phpBB 2.0.6d and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 postdays parameter to viewtopic.php or 2 topicdays parameter to viewforum.php...
CVE-2004-2510
Cross-site scripting XSS vulnerability in showflat.php in Infopop UBB.Threads before 6.5 allows remote attackers to inject arbitrary web script or HTML via the Cat parameter...
CVE-2004-2497
Cross-site scripting XSS vulnerability in the error handler in Hitachi Web Page Generator and Web Page Generator Enterprise 4.01 and earlier, when using the default error template and debug mode is set to ON, allows remote attackers to inject arbitrary web script or HTML via unknown attack vector...
CVE-2004-1790
Cross-site scripting XSS vulnerability in the web management interface in Edimax AR-6004 ADSL Routers allows remote attackers to inject arbitrary web script or HTML via the URL...
CVE-2004-2015
Cross-site scripting XSS vulnerability in WebCT Campus Edition allows remote attackers to inject arbitrary HTML or web script via 1 iframe, 2 img, or 3 object tags...
CVE-2004-1730
Cross-site scripting XSS vulnerability in Mantis bugtracker allows remote attackers to inject arbitrary web script or HTML via 1 the return parameter to loginpage.php, 2 e-mail field in signup.php, 3 action parameter to loginselectprojpage.php, or 4 hidestatus parameter to viewallset.php...
CVE-2004-1506
Multiple cross-site scripting XSS vulnerabilities in WebCalendar allow remote attackers to inject arbitrary web script via 1 viewentry.php, 2 viewd.php, 3 usersel.php, 4 datesel.php, 5 trailer.php, or 6 styles.php, as demonstrated using img srg tags...
CVE-2004-1746
Cross-site scripting XSS vulnerability in index.php in PHP Code Snippet Library allows remote attackers to inject arbitrary web script or HTML via the 1 catselect or 2 show parameters...
CVE-2004-1424
Cross-site scripting XSS vulnerability in view.php in Moodle 1.4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter...
CVE-2004-1807
Cross-site scripting XSS vulnerability in index.cfm in CFWebstore 5.0 allows remote attackers to inject arbitrary web script or HTML via the URL...
CVE-2004-2447
Cross-site scripting XSS vulnerability in 1st Class Mail Server 4.01 allows remote attackers to inject arbitrary web script or HTML via the Mailbox parameter to 1 viewmail.tagz, 2 the index script under /user/, 3 members.tagz, 4 general.tagz, 5 advanced.tagz, or 6 list.tagz...
CVE-2004-2171
Cross-site scripting XSS vulnerability in Cherokee before 0.4.8 allows remote attackers to inject arbitrary web script or HTML via the URL, which is not properly quoted in the resulting error page...