CVE-2005-2610

Cross-site scripting XSS vulnerability in index.php in VegaDNS 0.8.1, 0.9.8, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the message parameter...

CVE-2005-2560

Cross-site scripting XSS vulnerability in index.cfm in CFBB 1.1.0 allows remote attackers to inject arbitrary web script or HTML via the page parameter...

CVE-2004-2355

Cross-site scripting XSS vulnerability in Crafty Syntax Live Help CSLH before 2.7.4 allows remote attackers to inject arbitrary web script or HTML via the name field of a livehelp or chat session...

CVE-2005-2542

Invision Power Board IPB 1.0.3 allows remote attackers to inject arbitrary web script or HTML via an attachment, which is automatically downloaded and processed as HTML...

CVE-2005-2453

Cross-site scripting XSS vulnerability in NetworkActiv Web Server 1.0, 2.0.0.6, 3.0.1.1, and 3.5.13, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the query string...

CVE-2003-1219

CVE-2003-1219 affects osCommerce prior to version 2.2-MS3. The vulnerability is a cross-site scripting (XSS) flaw in the tep_href_link function in html_output.php that can be triggered by manipulating the osCsid parameter, enabling remote attackers to inject arbitrary scripts or HTML. Connected s...

CVE-2005-2453

Cross-site scripting XSS vulnerability in NetworkActiv Web Server 1.0, 2.0.0.6, 3.0.1.1, and 3.5.13, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the query string...

CVE-2005-2422

Cross-site scripting XSS vulnerability in index.php in Beehive Forum allows remote attackers to inject arbitrary web script or HTML via the webtag parameter...

CVE-2005-2441

Multiple cross-site scripting XSS vulnerabilities in VBzoom allow remote attackers to inject arbitrary web script and HTML via the 1 UserName parameter to profile.php or 2 UserID parameter to login.php...

CVE-2005-2416

Contrexx prior to 1.0.5 contains client-side Cross-Site Scripting (XSS) vulnerabilities in two parameters: (1) term in the search module and (2) title in the blog aggregation module. These allow remote attackers to inject arbitrary web script or HTML. The CVE entry documents these two vectors but...

CVE-2005-2397

CVE-2005-2397 is an XSS vulnerability in phpBook 1.46 affecting the guestbook.php module, exploitable via the admin parameter to inject arbitrary web script or HTML. The provided documents confirm the affected product/version and the input vector, but do not include exploit specifics, impact metr...

CVE-2005-2324

Cross-site scripting XSS vulnerability in Clever Copy 2.0 and 2.0a allows remote attackers to inject arbitrary web script or HTML via the searchtype or searchterm parameters to 1 results.php or 2 categorysearch.php...

CVE-2002-2056

CVE-2002-2056 describes a cross-site scripting (XSS) vulnerability in TeeKai Forum 1.2, exploitable via the valid_username_online cookie to inject arbitrary script/HTML. The NVD entry assigns a MEDIUM base CVSS v2 score (AV:N/AC:M/Au:N/C:N/I:P/A:N). No exploit details or specific remediation are ...

CVE-2005-2207

Cross-site scripting XSS vulnerability in store/login.asp in CartWIZ allows remote attackers to inject arbitrary web script or HTML via the message parameter...

CVE-2005-2207

CVE-2005-2207 describes a Cross-site scripting (XSS) vulnerability in CartWIZ, specifically in store/login.asp, where an attacker can inject arbitrary web script or HTML through the message parameter. The issue affects the CartWIZ login flow as described, with the impact being that unauthenticate...

CVE-2005-2167

Cross-site scripting XSS vulnerability in index.php in Plague News System 0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the cid parameter...

CVE-2005-2161

The CVE-2005-2161 entry covers a cross-site scripting (XSS) vulnerability in phpBB 2.0.16 that allows remote attackers to inject arbitrary script or HTML via nested [url] tags. Connected sources confirm phpBB2 exposure and the Debian security advisory DSA-768-1 (and related Debian/NVD entries) de...

CVE-2005-2167

Plague News System vulnerable to cross-site scripting (XSS) in index.php via the cid parameter for versions 0.6 and earlier. Exploitation could inject arbitrary script/HTML into pages viewed by other users; impact is partial confidentiality/integrity (per CVSS details). No exploit code is provide...

CVE-2005-2138

Cross-site scripting XSS vulnerability in index.php in Comdev eCommerce 3.0 and 3.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the onMouseOver event of an "A" tag in a review message...

CVE-2005-2074

Cross-site scripting XSS vulnerability in PHP-Fusion 6.0.105 allows remote attackers to inject arbitrary web script or HTML via a news or article post, possibly involving the 1 newsbody, 2 articledescription, or 3 articlebody parameters to submit.php...