CVE-2006-1019

The vulnerability described as CVE-2006-1019 is an XSS in UKiBoard 3.0.1, specifically in fce.php. The issue allows an attacker to inject arbitrary web script or HTML by exploiting a BBCode url tag when using the show_post function. The affected component is the fce.php file within UKiBoard 3.0.1...

CVE-2006-0974

Cross-site scripting XSS vulnerability in failure.asp in Battleaxe bttlxeForum 2.0 allows remote attackers to inject arbitrary web script or HTML via the errtxt parameter...

CVE-2006-0980

Multiple cross-site scripting XSS vulnerabilities in Jay Eckles CGI Calendar 2.7 allow remote attackers to inject arbitrary web script or HTML via the year parameter in 1 index.cgi and 2 viewday.cgi...

CVE-2006-0984

Cross-site scripting XSS vulnerability in incheader.php in EJ3 TOPo 2.2.178 allows remote attackers to inject arbitrary web script or HTML via the gTopNombre parameter...

CVE-2006-0983

CVE-2006-0983 affects QwikiWiki version 1.4, specifically the index.php page, with a cross-site scripting (XSS) flaw exploitable via the page parameter. The underlying issue allows remote attackers to inject arbitrary web script or HTML. Documented impacts indicate XSS risk, but no explicit remed...

CVE-2006-0974

Cross-site scripting XSS vulnerability in failure.asp in Battleaxe bttlxeForum 2.0 allows remote attackers to inject arbitrary web script or HTML via the errtxt parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in Brown Bear iCal 3.10 allows remote attackers to inject arbitrary web script or HTML via the Calendar Text field when a new event is added. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2006-0885

Cross-site scripting XSS vulnerability in shownews.php in CuteNews 1.4.1 allows remote attackers to inject arbitrary web script or HTML via the show parameter...

CVE-2006-0896

Cross-site scripting XSS vulnerability in Sources/Register.php in Simple Machine Forum SMF 1.0.6 allows remote attackers to inject arbitrary web script or HTML via the X-Forwarded-For HTTP header field...

CVE-2006-0889

Cross-site scripting XSS vulnerability in Calcium 3.10.1 allows remote attackers to inject arbitrary web script or HTML via the EventText parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2006-0875

Cross-site scripting vulnerability in ratefile.php in RunCMS 1.3a5 allows remote attackers to inject arbitrary web script or HTML via the lid parameter...

CVE-2006-0875

Cross-site scripting vulnerability in ratefile.php in RunCMS 1.3a5 allows remote attackers to inject arbitrary web script or HTML via the lid parameter...

CVE-2006-0806

Multiple cross-site scripting XSS vulnerabilities in ADOdb 4.71, as used in multiple packages such as phpESP, allow remote attackers to inject arbitrary web script or HTML via 1 the nextpage parameter in adodb-pager.inc.php and 2 other unspecified vectors related to PHPSELF...

Cross site scripting

Cross-site scripting XSS vulnerability in page.php in in Siteframe Beaumont, possibly 5.0.2 or 5.0.1a, allows remote attackers to inject arbitrary web script or HTML via the commenttext parameter to the user comment page /edit/Comment...

CVE-2006-0779

Cross-site scripting XSS vulnerability in u2u.php in XMB Forums 1.9.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter, as demonstrated using a URL-encoded iframe tag...

Cross site scripting

Cross-site scripting XSS vulnerability in dowebmailforward.cgi in cPanel allows remote attackers to inject arbitrary web script or HTML via a URL encoded value in the fwd parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in search.php in QWikiWiki 1.5, and possibly 1.5.1 and other versions, allows remote attackers to inject arbitrary web script or HTML via the query parameter...

CVE-2006-0683

Cross-site scripting XSS vulnerability in Virtual Hosting Control System VHCS 2.4.7.1 with v.1 patch and earlier allows remote attackers to inject arbitrary web script or HTML via the username, which is recorded in a log file but not properly handled when the administrator uses the admin log...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in 1 linkedited.php and 2 linkadded.php in Hinton Design phpht Topsites 1.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2006-0657

Cross-site scripting XSS vulnerability in Softcomplex PHP Event Calendar 1.5 allows remote authenticated users to inject arbitrary web script or HTML, and corrupt data, via the 1 username and 2 password parameters, which are not sanitized before being written to users.php. NOTE: while this issue...