CVE-2005-2057

The CVE-2005-2057 entry concerns Infopop UBB.Threads prior to version 6.5.2 Beta, with multiple reflected cross-site scripting (XSS) vulnerabilities. The NVD description specifies specific injectable parameters across several scripts: (1) dosearch.php (Searchpage), (2) Number, (3) what, or (4) pa...

CVE-2002-1893

CVE-2002-1893: Cross-site scripting (XSS) in ArGoSoft Mail Server Pro 1.8.1.9 lets remote attackers inject arbitrary web script/HTML via the e-mail message. Connected sources confirm the vulnerability exists in the WebMail interface of ArGoSoft Mail Server Pro, but the provided documents do not i...

CVE-2002-1829

OpenBB (Open Bulletin Board) 1.0.0 RC3 has a cross-site scripting vulnerability in codeparse.php that allows remote attackers to inject arbitrary script via (1) myhome.php, (2) an onerror attribute in an IMG tag (variant of CVE-2002-0330), or (3) a glow tag. The issue stems from insufficient inpu...

CVE-2002-1802

XSS vulnerability CVE-2002-1802 affects XOOPS 1.0 RC3. The flaw allows remote attackers to inject arbitrary script/HTML via Javascript in an IMG tag when submitting news, due to insufficient input sanitization in the news submission workflow. Impact is Cross‑Site Scripting; no exploit vectors or ...

CVE-2005-2057

Multiple cross-site scripting XSS vulnerabilities in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to inject arbitrary web script or HTML via the 1 Searchpage parameter to dosearch.php, 2 Number, 3 what, or 4 page parameter to newreply.php, 5 Number, 6 Board, or 7 what parameter to...

CVE-2005-2042

Cross-site scripting XSS vulnerability in ajax-spell before 1.8 allows remote attackers to inject arbitrary web script or HTML via onmouseover or other events in HTML tags...

CVE-2005-2004

Vulnerability summary (CVE-2005-2004): Multiple cross-site scripting flaws affect Ultimate PHP Board (UPB) 1.9.6 GOLD and earlier. The issues arise from insufficient sanitization of user input in several scripts, enabling remote attackers to inject arbitrary web script or HTML via any of these pa...

CVE-2005-2011

paFAQ 1.0 Beta 4 contains multiple XSS vulnerabilities that allow remote attackers to inject arbitrary web script or HTML, demonstrated via the id parameter in a Question action. The CVE-2005-2011 entry is corroborated by multiple sources in the provided documents (NVD/CVE record, CVE list, and N...

CVE-2005-2034

Cross-site scripting XSS vulnerability in folderview.asp for BlueCollar iGallery 3.3 allows remote attackers to inject arbitrary web script or HTML via the folder parameter...

CVE-2005-1669

CVE-2005-1669 affects Opera 8.0 Final Build 1095. It is a cross-site scripting vulnerability where malicious javascript: URLs opened in a new window or frame allow remote script execution and potential unauthorized actions on other domains. Public references indicate Opera was updated to 8.01 to ...

CVE-2005-1975

The CVE-2005-1975 entry concerns multiple cross-site scripting (XSS) vulnerabilities in Annuaire 1Two 1.1 and earlier. The affected components are the index.php script (id parameter) and commentaires.php (site_id, nom, email, commentaire parameters). Exploitation would allow remote attackers to i...

CVE-2005-1962

Cross-site scripting XSS vulnerability in Cerberus Helpdesk 0.97.3 allows remote attackers to inject arbitrary web script or HTML via the 1 errorcode parameter to index.php or 2 certain fields to clients.php...

CVE-2005-1886

Cross-site scripting XSS vulnerability in view.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to inject arbitrary web script or HTML via 1 the phid parameter or 2 unknown parameters when posting a new comment...

CVE-2005-1895

Cross-site scripting XSS vulnerability in FlatNuke 2.5.3 allows remote attackers to inject arbitrary web script or HTML via the border or back parameters to 1 help.php or 2 footer.php...

CVE-2005-1823

Multiple cross-site scripting XSS vulnerabilities in Qualiteam X-Cart 4.0.8 allow remote attackers to inject arbitrary web script or HTML via the 1 cat or 2 printable parameter to home.php, 3 productid or 4 mode parameter to product.php, 5 id parameter to errormessage.php, 6 section parameter to...

CVE-2005-1782

BookReview beta 1.0 is affected by multiple cross-site scripting (XSS) vulnerabilities due to lack of input sanitization. Concrete vectors include injecting script via: node parameter on add_review.htm, suggest_review.htm, suggest_category.htm, add_booklist.htm, add_url.htm; isbn parameter on add...

CVE-2005-1710

Multiple cross-site scripting XSS vulnerabilities in Blue Coat Reporter before 7.1.2 allow remote attackers to inject arbitrary web script or HTML via 1 the username in an Add User window or 2 the license key volatile.licensetoadd parameter in the Licensing page...

CVE-2003-1211

Cross-site scripting XSS vulnerability in search.asp for MaxWebPortal 1.30 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via the Search parameter...

CVE-2005-1672

Multiple cross-site scripting XSS vulnerabilities in Help Center Live allow remote attackers to inject arbitrary web script or HTML via the 1 find parameter to index.php, 2 name or 3 message field of a chat request, or 4 the message body when opening a trouble ticket...

CVE-2004-2084

Cross-site scripting XSS vulnerability in search.php in JShop E-Commerce Server allows remote attackers to inject arbitrary web script or HTML via the xSearch parameter...