CVE-2005-1619

Multiple cross-site scripting XSS vulnerabilities in 1 startpage.css.php3 aka start-page.css.php3 or 2 style.css.php3 in PHPMyChat 0.14.5 allow remote attackers to inject arbitrary web script or HTML commands via the FontName parameter. NOTE: it was later reported that 0.14.5 is also affected...

CVE-2005-1593

Cross-site scripting XSS vulnerability in catalog.php for CodeThat ShoppingCart 1.3.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter...

CVE-2005-1605

The entry CVE-2005-1605 describes a Cross-site Scripting (XSS) vulnerability in the guestbook of SiteStudio 1.6, exploitable via the name field to either psoft.guestbook.GuestBookServ (Standalone Site Studio) or E-Guest_sign.pl (Integrated Site Studio with H-Sphere). The vulnerability is triggere...

CVE-2005-1614

Vulnerability overview (CVE-2005-1614) : The UPB (Ultimate PHP Board) versions 1.8 through 1.9.6 are affected by a cross-site scripting (XSS) flaw in the viewforum.php script, exploitable via the postorder parameter. This can allow remote attackers to inject arbitrary script/HTML. The NVD reports...

CVE-2005-1582

The CVE-2005-1582 entry concerns a Cross-site scripting (XSS) vulnerability in index.php of 1Two News 1.0. The vulnerability permits remote injection of arbitrary web script or HTML via the query/POST parameters nom, email, siteweb, or commentaire. The NVD listing documents a MEDIUM impact score ...

CVE-2005-1587

Cross-site scripting XSS vulnerability in index.php for Quick.cart 0.3.0 allows remote attackers to inject arbitrary web script or HTML via the sWord parameter...

CVE-2005-1488

Multiple cross-site scripting XSS vulnerabilities in Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allow remote authenticated users to inject arbitrary web script or HTML via 1 the E-mail address, Note, or Public Certificate fields to address.html, 2 addressaction.html, 3 the Signature fiel...

CVE-2005-1486

Multiple cross-site scripting vulnerabilities in FishCart 3.1 allow remote attackers to inject arbitrary web script or HTML via the 1 trackingnum, 2 reqagree, or 3 m parameter to upstracking.php or 4 nlst parameter to display.php. NOTE: the vendor was not able to reproduce some of the reported...

CVE-2005-1494

Multiple cross-site scripting XSS vulnerabilities in admin.cgi in MegaBook 2.0 and 2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 entryid or 2 password parameter...

CVE-2004-1965

Multiple cross-site scripting XSS vulnerabilities in Open Bulletin Board OpenBB 1.0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 redirect parameter to member.php, 2 to parameter to myhome.php 3 TID parameter to post.php, or 4 redirect parameter to index.p...

CVE-2004-2020

CVE-2004-2020 affects Php-Nuke 6.x through 7.3. The vulnerability is a set of cross-site scripting (XSS) flaws that allow remote attackers to inject arbitrary HTML or scripts via user-supplied input in specific parameters: optionbox (News module), date (Statistics module), year/month/month_1 (Sto...

CVE-2004-1924

CVE-2004-1924 concerns multiple XSS vulnerabilities in Tiki Wiki CMS Groupware (TikiWiki) up to version 1.8.1. The affected surface includes numerous parameters across different pages (theme, messu-*.php, tiki-read_article.php, tiki-browse_categories.php, tiki-index.php, tiki-print_article.php, t...

CVE-2004-1779

Cross-site scripting XSS vulnerability in board.php for ThWboard before beta 2.84 allows remote attackers to inject arbitrary web script or HTML via the lastvisited parameter...

CVE-2004-1930

Technical details beyond the initial description are not provided in the connected documents. Monitor for updates and vendor advisories for any fixes or affected versions.

CVE-2004-1822

CVE-2004-1822 affects Phorum 3.1–5.0.3 beta and involves multiple cross-site scripting (XSS) vulnerabilities. The issue allows remote attackers to inject arbitrary web script or HTML via (1) the HTTP_REFERER parameter to login.php, (2) the HTTP_REFERER parameter to register.php, or (3) the target...

CVE-2005-1443

Multiple cross-site scripting XSS vulnerabilities in index.php for Invision Power Board IPB 2.0.3 and 2.1 Alpha 2 allows remote attackers to inject arbitrary web script or HTML via the 1 act, 2 Members, 3 calendar, or 4 HID parameters...

CVE-2005-0896

Multiple cross-site scripting XSS vulnerabilities in review.php in phpMyDirectory 10.1.3-rel allow remote attackers to inject arbitrary web script or HTML via the 1 subcat, 2 page, or 3 subsubcat parameter...

CVE-2005-1053

Multiple cross-site scripting XSS vulnerabilities in orderwiz.php in ModernBill 4.3.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 ccode or 2 aid parameters...

CVE-2005-1352

Cross-site scripting XSS vulnerability in the ad.cgi script allows remote attackers to inject arbitrary web script or HTML via the argument...

CVE-2005-1075

Multiple cross-site scripting XSS vulnerabilities in RadScripts RadBids Gold 2 allow remote attackers to inject arbitrary web script or HTML via 1 the farea parameter to faq.php or the 2 cat, 3 order, or 4 area parameters to index.php...