CVE-2006-2684

Cross-site scripting XSS vulnerability in the search module in CMS Mundo 1.0 allows remote attackers to inject arbitrary web script or HTML via the searchstring parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Pre Shopping Mall 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 search parameter in search.php the "search box", 2 the prodid parameter in detail.php, and the 3 cid parameter in products.php...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Realty Pro One allow remote attackers to inject arbitrary web script or HTML via the 1 listingid parameter to a images.php, b indexother.php, or c requestinfo.php; 2 propertyid parameter to d searchlookup.php, 3 id parameter to e images.php, or...

CVE-2006-2672

Multiple cross-site scripting XSS vulnerabilities in Realty Pro One allow remote attackers to inject arbitrary web script or HTML via the 1 listingid parameter to a images.php, b indexother.php, or c requestinfo.php; 2 propertyid parameter to d searchlookup.php, 3 id parameter to e images.php, or...

CVE-2006-2640

Cross-site scripting XSS vulnerability in OmegaMw7a.ASP in OMEGA aka Omegasoft INterneSErvicesLosungen INSEL allows remote attackers to inject arbitrary web script or HTML via the WCE parameter...

CVE-2006-2648

The CVE-2006-2648 entry pertains to a Cross-site scripting (XSS) vulnerability in perform_search.asp of ASPBB 0.52 and earlier. The underlying issue is that an attacker can supply a malicious value in the search parameter, enabling remote execution of arbitrary HTML or web script in the context o...

CVE-2006-2637

Cross-site scripting XSS vulnerability in view.php in TuttoPhp 1 Morris Guestbook 1, 2 Pretty Guestbook 1, and 3 Smile Guestbook 1 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element in the pagina parameter...

CVE-2006-2610

CVE-2006-2610 refers to a Cross-site Scripting (XSS) vulnerability in the phpRaid 2.9.5 application, specifically in view.php. The flaw allows remote attackers to inject arbitrary web script or HTML through the URL query string and the Sort parameter, leading to potential session hijacking or def...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in post.php in SkyeBox 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 name or 2 message parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information,...

CVE-2006-2584

Multiple cross-site scripting XSS vulnerabilities in post.php in SkyeBox 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 name or 2 message parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information,...

Cross site scripting

Cross-site scripting XSS vulnerability in search.html in Alkacon OpenCms 6.0.0, 6.0.2, and 6.0.3 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a search action...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in DGBook 1.0 allows remote attackers to inject arbitrary web script or HTML via the 1 name, 2 homepage, 3 email, and 4 address parameters...

CVE-2006-2572

Cross-site scripting XSS vulnerability in index.php in DGBook 1.0 allows remote attackers to inject arbitrary web script or HTML via the 1 name, 2 homepage, 3 email, and 4 address parameters...

CVE-2006-2564

Multiple cross-site scripting XSS vulnerabilities in index.php in AlstraSoft E-Friends allow remote attackers to inject arbitrary web script or HTML by 1 posting a blog, 2 posting a listing, 3 posting an event, 4 adding comments, or 5 sending a message...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in index.php in AlstraSoft E-Friends allow remote attackers to inject arbitrary web script or HTML by 1 posting a blog, 2 posting a listing, 3 posting an event, 4 adding comments, or 5 sending a message...

CVE-2006-2567

Cross-site scripting XSS vulnerability in submitarticle.php in Alstrasoft Article Manager Pro 1.6 allows remote attackers to inject arbitrary web script or HTML when submitting an article, as demonstrated using a javascript URI in a Cascading Style Sheets CSS property of a STYLE attribute of an...

CVE-2006-2564

Multiple cross-site scripting XSS vulnerabilities in index.php in AlstraSoft E-Friends allow remote attackers to inject arbitrary web script or HTML by 1 posting a blog, 2 posting a listing, 3 posting an event, 4 adding comments, or 5 sending a message...

CVE-2006-2545

CVE-2006-2545 affects Xtreme Topsites 1.1. The vulnerability is described as multiple cross-site scripting (XSS) flaws accessible via the id parameter in stats.php and via unspecified inputs in lostid.php (likely the searchthis parameter), with one or more vectors possibly stemming from SQL injec...

CVE-2006-2501

Cross-site scripting XSS vulnerability in Sun ONE Web Server 6.0 SP9 and earlier, Java System Web Server 6.1 SP4 and earlier, Sun ONE Application Server 7 Platform and Standard Edition Update 6 and earlier, and Java System Application Server 7 2004Q2 Standard and Enterprise Edition Update 2 and...

Cross site scripting

Cross-site scripting XSS vulnerability in 1 index.php and 2 bmc/admin.php in BoastMachine bMachine 3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string, which is not properly filtered when it is accessed using the $SERVER"PHPSELF" variable...