CVE-2005-3998

Cross-site scripting XSS vulnerability in search.asp in Solupress News 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the keywords parameter...

CVE-2005-3972

Cross-site scripting XSS vulnerability in extremesearch.php in Extreme Search Corporate Edition 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter...

CVE-2005-3894

Multiple cross-site scripting XSS vulnerabilities in index.pl in Open Ticket Request System OTRS 1.0.0 through 1.3.2 and 2.0.0 through 2.0.3 allow remote authenticated users to inject arbitrary web script or HTML via 1 hex-encoded values in the QueueID parameter and 2 Action parameters...

CVE-2005-3867

CVE-2005-3867 is an XSS vulnerability in RevenuePilot Search Engine Script 1.2.0 and earlier. The issue arises in the REQ parameter used when performing a search, allowing remote attackers to inject arbitrary web script or HTML. The NVD metrics indicate network access with medium complexity, no a...

CVE-2004-2604

Cross-site scripting XSS vulnerability in index.php in PHProxy allows remote attackers to inject arbitrary web script or HTML via the error parameter...

CVE-2004-2604

CVE-2004-2604 affects PHProxy’s index.php: XSS vulnerability exploitable via the error parameter that allows remote injection of arbitrary web script/HTML. The issue is documented across multiple sources (NVD, CVE lists, OSVDB/SecurityFocus references) with a base score of 4.3 (Medium) per NVD CV...

CVE-2005-3854

Cross-site scripting XSS vulnerability in index.php in EasyPageCMS allows remote attackers to inject arbitrary web script or HTML via the cat parameter...

CVE-2005-3851

Cross-site scripting XSS vulnerability in search.asp in Online Attendance System OASYS Lite 1.0 allows remote attackers to inject arbitrary web script or HTML via certain search parameters, possibly the keyword parameter...

CVE-2005-3837

Cross-site scripting XSS vulnerability in the search module in sCssBoard 1.2 and 1.12, and earlier versions, allows remote attackers to inject arbitrary web script or HTML via the searchterm parameter...

CVE-2005-3759

Multiple cross-site scripting XSS vulnerabilities in Horde before 3.0.7 allow remote attackers to inject arbitrary web script or HTML via the 1 gzip/tar and 2 css MIME viewers, which do not filter or escape dangerous HTML when extracting and displaying attachments...

CVE-2005-3745

Cross-site scripting XSS vulnerability in Apache Struts 1.2.7, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the query string, which is not properly quoted or filtered when the request handler generates an error message...

CVE-2003-1285

Multiple cross-site scripting XSS vulnerabilities in Sambar Server before 6.0 beta 6 allow remote attackers to inject arbitrary web script or HTML via the query string to 1 isapi/testisa.dll, 2 testcgi.exe, 3 environ.pl, 4 the query parameter to samples/search.dll, 5 the price parameter to...

CVE-2004-2550

Multiple cross-site scripting XSS vulnerabilities in unspecified Perl scripts in SandSurfer before 1.7.1 allow remote attackers to inject arbitrary web script or HTML, which is later executed by a target who views reports containing the injected data...

CVE-2005-3528

Cross-site scripting XSS vulnerability in tiki-viewforumthread.php in TikiWiki 1.9.0 through 1.9.2 allows remote attackers to inject arbitrary web script or HTML via the topicsoffset parameter...

CVE-2005-3638

Cross-site scripting XSS vulnerabilities in Ekinboard 1.0.3 allow remote attackers to inject arbitrary web script or HTML via the 1 id parameter in profile.php and 2 titles of posts...

CVE-2005-3638

Affected software: Ekinboard 1.0.3. Vulnerability: Cross-site scripting (XSS) via (1) id parameter in profile.php and (2) post titles. Impact: allows remote attackers to inject arbitrary web script or HTML. Exploitation/Details: Documented in CVE-2005-3638 with confirmed vectors on profile and po...

CVE-2005-3570

Unspecified cross-site scripting XSS vulnerability in Horde before 2.2.9 allows remote attackers to inject arbitrary web script or HTML via "not properly escaped error messages"...

CVE-2005-3479

Cross-site scripting XSS vulnerability in login.asp in Ringtail CaseBook 6.1.0 allows remote attackers to inject arbitrary web script or HTML via the users parameter...

CVE-2005-3436

Cross-site scripting XSS vulnerability in Nuked-Klan 1.7 allows remote attackers to inject arbitrary web script or HTML via the 1 Search module, 2 certain edit fields in Guestbook, 3 the title in the Forum module, and 4 Textbox...

CVE-2005-3413

Cross-site scripting XSS vulnerability in desktop.php in eyeOS 0.8.4 allows remote attackers to inject arbitrary web script or HTML via the motd parameter...