CVE-2007-3078

Multiple cross-site scripting XSS vulnerabilities in Aigaion before 1.3.3 allow remote attackers to inject arbitrary web script or HTML via the title parameter Authors and Publication titles to 1 authoractions.php or 2 publicationactions.php...

CVE-2007-3070

Cross-site scripting XSS vulnerability in index.php in BDigital Web Solutions WebStudio allows remote attackers to inject arbitrary web script or HTML via the pageid parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in Codelib Linker 2.0.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the cat parameter...

CVE-2007-3064

Cross-site scripting XSS vulnerability in diary.php in My Databook allows remote attackers to inject arbitrary web script or HTML via the year parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in includes/send.inc.php in Evenzia CMS allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

CVE-2007-2991

Cross-site scripting XSS vulnerability in includes/send.inc.php in Evenzia CMS allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in cgi/block.cgi in 8e6 R3000 Internet Filter allow remote attackers to inject arbitrary web script or HTML via the 1 URL, 2 CAT, and 3 USER parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from thir...

CVE-2007-2970

Multiple cross-site scripting XSS vulnerabilities in cgi/block.cgi in 8e6 R3000 Internet Filter allow remote attackers to inject arbitrary web script or HTML via the 1 URL, 2 CAT, and 3 USER parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from thir...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Invision Power Board IPB or IP.Board 2.2.2, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via 1 modulebbcodeloader.php, 2 modulediv.php, 3 moduleemail.php, 4 moduleimage.php, 5 modulelink.php, or 6 the...

CVE-2007-2962

CVE-2007-2962 affects Particle Gallery 1.0.1 and earlier, with a cross-site scripting vulnerability in search.php via the order parameter. The underlying issue is a reflected XSS allowing remote attackers to inject arbitrary script/HTML into victims’ browsers. Exploitation details are not provide...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in BoastMachine allows remote attackers to inject arbitrary web script or HTML via the blog parameter in a content search action...

CVE-2007-0694

Cross-site scripting XSS vulnerability in footer.php in DGNews 2.1 allows remote attackers to inject arbitrary web script or HTML via the copyright parameter...

CVE-2007-2914

Multiple cross-site scripting XSS vulnerabilities in PsychoStats 3.0.6b allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 awards.php, 2 login.php, 3 register.php, 4 weapons.php, and possibly other unspecified files...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in PsychoStats 3.0.6b allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 awards.php, 2 login.php, 3 register.php, 4 weapons.php, and possibly other unspecified files...

CVE-2007-2908

The CVE-2007-2908 entry describes a cross-site scripting (XSS) vulnerability in Jelsoft vBulletin’s calendar.php, exploitable to inject arbitrary HTML/Script via the title field during a single add action. Affected software is vBulletin prior to version 3.6.6. The underlying issue is an input han...

Cross site scripting

Cross-site scripting XSS vulnerability in news.asp in ASP-Nuke 2.0.7 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in Web Icerik Yonetim Sistemi WIYS 1.0 allows remote attackers to inject arbitrary web script or HTML via the No parameter in the Sayfa page...

CVE-2007-2865

Cross-site scripting XSS vulnerability in sqledit.php in phpPgAdmin 4.1.1 allows remote attackers to inject arbitrary web script or HTML via the server parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in sqledit.php in phpPgAdmin 4.1.1 allows remote attackers to inject arbitrary web script or HTML via the server parameter...

CVE-2007-2686

Cross-site scripting XSS vulnerability in index.php in Jetbox CMS 2.1 allows remote attackers to inject arbitrary web script or HTML via the login parameter in a sendpwd task...